
Not directly related but last time I was this creeped out is when an antivirus company wanted to sell us a crazy amount of data on our customers.

Apparently AV companies lose money on the customer endpoint protection (it’s basically for free!) but make it up on selling users' data. Also on the business licenses though.



GeForce Experience tracks every single window you have open, sending the title and window information, along with every single spot that you click on your screen to Nvidia, tied to your now mandatory account.

That was a couple years back. Who knows how much more invasive it’s gotten since.

Oh. And this data is considered to be “valuable debugging information”, so is not prevented by opting out of analytics.


There is absolutely no benefit to me the user to force me to create an account. What a deeply frustrating user experience (especially when I have to dig around for my password just to update a graphics driver?!) I hope someone wakes up at Nvidia and removes the account requirement. Why do they even do it?


The one thing that I like about mandatory accounts like this is that they're a strong indication that the company is abusive and you should remove any of their software immediately. It makes the problem obvious.


Nvidia is on top of the world right now and companies on the rise often make really stupid long-term customer-alienating decisions. Nvidia won't miss any one of us as an individual customer at all. For these types of situations, usually at some point the things that were pushing the company upwards slow or stop while the damage from their arrogance accumulates enough to start causing real harm. After some foot dragging and false reforms, the company eventually has to do something to repair the damage and by then, those who enacted those policies are usually gone.


Well, PiHole stops one particular endpoint for sure. And it's called several thousand times during a 3-hour gaming session. Pretty creepy indeed.


Now we just wait for them to do DNS over HTTPS and domain fronting to a generic Cloudflare endpoint.


Good to know! Uninstalling when I get home. Windows has really become a big bag of certified malware and adware. I always feel a bit dirty when I play a game on my Windows PC, and now I know why.


The irony here is that you will get NVIDIA (and AMD) drivers vendored through Windows Update automatically by default. These work fine for 3D acceleration, and don't install GFE or require an account.

You'll just be a few versions behind, not sure what their release cadence is for this. But as far as I know this is a net positive to the Windows PC user and potentially eliminates needing to deal with GFE/Adrenalin as long as you are satisfied with the builds Microsoft is shipping you.


Except the telemetry service was moved into the drivers in 2016, and isn’t a part of GFE any more.

:-/


>Windows has really become a big bag of certified malware and adware.

This 100%. I would include Azure too.

I actively try not to use Windows every time I get a chance. I am so glad a company like Apple exists. I agree Apple might not be 100% right on privacy but they are pretty darn close that I can live with.


I actually was racking my brain since I haven't seen any major Nvidia callouts on my DNS block, but I use a 3090.

Then I remembered I game in Linux, on Steam.


I believe it, but do you have a source? I have a few friends I'd like to inform of this.


Funny, because I was wrong. Here’s the Nvidia privacy policy:

https://www.nvidia.com/en-us/about-nvidia/privacy-policy/

How I was wrong was in the “valuable debugging information”. Because you can actually disable the sending of debug and crash statistics, but you cannot disable the collection of tracking everything you do except for password boxes!

The original source on the telemetry was a print magazine, CanardPC, but this is referenced quite a bit.

I was additionally wrong that GeForce Experience matters. This is currently untrue. After the original article was released of how much spying Nvidia does, the telemetry package was moved to the driver rather than GeForce Experience.

Long story short: if you have an Nvidia video card and have not actively disabled nvtmmon then Nvidia is tracking every window you open, how long it’s open, which windows have focus and for how long, window locations, titles etc., along with clicks (but not keyboard strokes) etc. *It is not only tracking games. It tracks everything. It does this with just the driver*. If you have GeForce Experience, then that information is tied to your sensitive personal information. If you do not opt out, they sell that to advertisers. If you do opt out, the collection happens anyway, but they claim they’re not sending it to third parties.


Where does your link support what you are claiming? Clicking "see more" on all the sections and searching, there is no mention of "valuable debugging information". Under "Using NVIDIA Products" section it lists GeForce Experience, but not plain graphics cards or their drivers. I have no nvtmmon.exe running and the folder

    C:\ProgramData\NVIDIA Corporation\NvTelemetry\reports

has almost empty files last modified 2019.


Where do you opt out if you don't have GeForce Experience at all?


I’ve just learned: you don’t. I thought this was limited to just GeForce Experience, but it’s not.

You need to kill Nvidia telemetry services (one site has it listed as nmtvmon).

Another option would be to block traffic to Nvidia from leaving your network (pihole captures at least some Nvidia telemetry, not sure if it blocks all). I don’t have a list of URLs or IPs to look out for.


I see nothing related to "title and window information" nor "every single spot that you click on your screen". Why did you dodge the question?


Wow. Thanks for the response. That's pretty bad.


> If you do opt out, the collection happens anyway, but they claim they’re not sending it to third parties.

For EU-based customers, how can this be GDPR-compliant?


We've reached the point where, even when you are paying for it, you are the product.


Where's capitalism to go once it's milked that cash cow to saturation? Think of the poor shareholders.


I use GlassWire firewall and I just checked Nvidia's activity and it doesn't even amount to a megabyte (uploaded) in the last week. I'm thinking this is tinfoil hat stuff.


I think you’re being misled by insane JavaScript bundles re how much information can be conveyed in small compressed text files.

Capturing window titles and how long they have focus over a week's logging takes a couple bytes of text…


> it doesn't even amount to a megabyte (uploaded) in the last week.

That seems like a lot for a piece of software that doesn't have to send anything whatsoever in order to do its job.


Hey great, I was just wondering if there was a Little Snitch for Windows.

https://www.glasswire.com


Harry Potter and the Half-Blood Prince is 970KB uncompressed, 228KB with bzip2. You may be able to compress the whole thing in 1MB with some effort.
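
The size argument in the comments above, as an added example that is not part of the thread: it builds a constructed week of window-focus and click events and measures how small the log is once compressed, which is why upload volume alone says little about what a process reports. The window titles, event rate and JSON encoding are assumptions made for illustration, not NVIDIA's actual telemetry format.

```python
import json
import random
import zlib

# Constructed sample data: these window titles are invented for the example.
TITLES = [
    "Inbox - Mail", "Quarterly report.xlsx - Spreadsheet",
    "Hacker News - Browser", "Online banking - Browser",
    "Game launcher", "Terminal", "Chat - #general",
]


def simulate_week(events_per_hour=120, hours_per_day=10, days=7, seed=1):
    """Build a constructed log of focus-change and click events for one week."""
    rng = random.Random(seed)
    events = []
    ts = 1_700_000_000  # arbitrary start time in epoch seconds (assumption)
    for _ in range(events_per_hour * hours_per_day * days):
        ts += rng.randint(1, 60)
        events.append({
            "t": ts,                         # when the window gained focus
            "title": rng.choice(TITLES),     # window title
            "focus_s": rng.randint(1, 600),  # seconds the window held focus
            "click": [rng.randint(0, 2559), rng.randint(0, 1439)],  # x, y
        })
    return events


def upload_size(events):
    """Return (raw_bytes, compressed_bytes) for a JSON-lines encoding."""
    raw = "\n".join(
        json.dumps(e, separators=(",", ":")) for e in events
    ).encode()
    return len(raw), len(zlib.compress(raw, 9))


if __name__ == "__main__":
    week = simulate_week()
    raw, packed = upload_size(week)
    print(f"{len(week)} events: {raw} bytes raw, {packed} bytes compressed")
```
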


I’m a little surprised no one has MitM the telemetry service and reverse engineered what it’s sending.


Assuming they're using halfway decent cryptography, then doing this is nontrivial. But there are probably people working on it, and if so, they may eventually succeed.


Sounds like a lot to me.



