{"id":182554,"date":"2015-08-13T18:17:00","date_gmt":"2015-08-13T23:17:00","guid":{"rendered":"https:\/\/www.panix.com\/~msaroff\/40years\/2015\/08\/13\/belay-that-upgrade-to-windows-10\/"},"modified":"2015-08-13T18:17:00","modified_gmt":"2015-08-13T23:17:00","slug":"belay-that-upgrade-to-windows-10","status":"publish","type":"post","link":"https:\/\/www.panix.com\/~msaroff\/40years\/2015\/08\/13\/belay-that-upgrade-to-windows-10\/","title":{"rendered":"Belay that Upgrade to Windows 10"},"content":{"rendered":"

No verification yet, but there has been a semi credible report that Microsoft’s new operating system is literally sending everything you do to the Redmond Borg<\/a>: <\/p>\n

Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author’s finding with actual data, please let me know in the comments, and I’ll update this post accordingly.<\/i><\/span>

<\/span>Some Czech guy did a traffic analysis<\/a> of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system — because of the extent of the “cloud” integration, a large portion of the OS functions are almost dependent on remote (Microsoft’s) servers. The amount of collected information, even with strict privacy settings, is quite alarming.<\/span><\/p>\n

Information transmitted<\/span><\/h2>\n

All text typed on the keyboard<\/b> is stored in temporary files, and sent (once per 30 mins) to: <\/span><\/p>\n

\n
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
<\/code><\/span><\/pre>\n<\/blockquote>\n
There isn’t a clear purpose for this, considering there there’s no autocorrect\/prediction anywhere in the OS<\/s> (There  is autocorrect in certain text fields, but the supposed purpose for  transmitting these keystrokes is to improve autocorrect across devices.  Whether a full keylog is necessary for this (as opposed to just  corrections) is questionable. Furthermore, this appears to still occur  even if the user is not signed in to a Microsoft account, eliminating  the “across devices” benefit. Perhaps there is a global autocorrect  dictionary that benefits all users, but the privacy implications of an  un-disableable always-on keylogger outweigh these potential benefits.<\/i>).  The implications of this are significant: because this is an OS-level  keylogger, all the data you’re trying to transmit securely is now  sitting on some MS server. This includes passwords and encrypted chats.  This also includes the on-screen keyboard, so there is no way to  authenticate to a website without MS also getting your password.<\/span>

<\/span>\u2026\u2026\u2026<\/span>

<\/span>\u2026\u2026\u2026In another example, typing the name of any popular movie<\/b> into your local<\/i> file search starts a telemetry process that indexes all media files on your computer and transmits them to:  \u2026\u2026\u2026<\/span>

<\/span>\u2026\u2026\u2026<\/span>

<\/span>It’s hard to imagine any purpose for this other than the obvious piracy crackdown possibilities.<\/span>

<\/span>When a webcam is first enabled, ~35mb of data gets immediately transmitted to: <\/span><\/p>\n
\u2026\u2026\u2026 <\/span><\/p>\n
Everything that is said into an enabled microphone<\/strong> is immediately transmitted to:  <\/span>

<\/span>\u2026\u2026\u2026 <\/span><\/p>\n
<\/strong><\/span>If this weren’t bad enough, this behaviour still occurs after Cortana is fully disabled\/uninstalled<\/strong>.  It’s speculated that the purpose of this function to build up a massive  voice database, then tie those voices to identities, and eventually be  able to identify anyone simply by picking up their voice, whether it be a  microphone in a public place or a wiretap on a payphone. <\/span><\/p>\n
\u2026\u2026\u2026  <\/span><\/p>\n
While the inital reflex may be to block all of the above servers via  HOSTS, it turns out this won’t work: Microsoft has taken the care to  hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS  consultation. However, if the above servers are blocked via HOSTS,  Windows will pretend to be crippled by continuously throwing errors,  while still maintaining data collection in the background. Other than an  increase in errors, HOSTS blocking did not affect the volume,  frequency, or rate of data being transmitted.  <\/span><\/p><\/blockquote>\n
So it appears that Microsoft does key-logging under Win 10, which means that they have your password, they phone home with your media files, meaning that the RIAA and MPAA can go after you for your bootlegs, and they have created a voice profile, so that the NSA can listen to you when they recognize your voice..<\/p>\n
Again, this is preliminary, but if half of this is true, my next computer will be a Linux box.<\/p>\n","protected":false},"excerpt":{"rendered":"
No verification yet, but there has been a semi credible report that Microsoft’s new operating system is literally sending everything you do to the Redmond Borg: Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author’s finding with actual data, …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1005,1060,969,1066,989,1025],"tags":[],"class_list":["post-182554","post","type-post","status-publish","format-standard","hentry","category-business","category-computer","category-evil","category-privacy","category-software","category-technology"],"_links":{"self":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/posts\/182554"}],"collection":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/comments?post=182554"}],"version-history":[{"count":0,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/posts\/182554\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/media?parent=182554"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/categories?post=182554"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.panix.com\/~msaroff\/40years\/wp-json\/wp\/v2\/tags?post=182554"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}