Technology

Microsoft Windows 10 “Privacy” Not What It Seems

According to tech website ArsTechnica, it turns out Windows 10 privacy settings aren’t so private after all.

A series of recent real-world tests shows that Windows 10 continues to send identifiable information to Microsoft even if a user turns off both the Bing search and Cortana features, and turns all of the privacy settings to on.

The series of practical tests makes it clear that Windows 10 still “phones home”to Microsoft even when all privacy settings are enabled. Privacy experts note some of this contact is just basic and unidentifiable testing for an internet connection that is to be expected, but some of the information sent to and requested by Microsoft is associated with the firm’s One Drive cloud storage service and a content delivery network, and includes a user identification number.

Windows 10 privacy concerns

More details Windows 10 privacy concerns

One example of a privacy concern with Windows 10 is that, even with Cortana and web searching from the Start menu turned off, opening Start will initiate a request to www.bing.com to request a file called threshold.appcache which appears to contain some Cortana information. The Ars Technicas staff noted that the request for this file contains a random machine ID that lasts even after reboots.

The report also notes that “Some of the traffic looks harmless but feels like it shouldn’t be happening.” As one example, they note that even with no Live tiles pinned to Start (and therefore no need to poll for new tile data), Windows 10 downloads new tile info from MSN’s network from time to time, using unencrypted HTTP. Although the requests do not have identifying information, there’s no obvious reason for this to be happening at all.

Some of the privacy issues are more serious. For some reason, Windows 10 regularly sends data to a Microsoft server called ssw.live.com. This server is connected to OneDrive and other services. The problem is the new OS automatically transmits information to the server even when OneDrive is off and using a local account that isn’t connected to a Microsoft Account. Exactly what data is being sent is not obvious, although it seems to be connected telemetry settings, but the same question arises — why is any data being sent at all?

Windows 10 privacy concerns

Get our newsletter and our in-depth investor case studies all for free!

  • ftf123

    “We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary”

  • Ilya Geller

    Microsoft uses SQL.
    SQL, Structured Query Language is a programming language designed for managing data held in relational database, and was intended to manipulate and retrieve the data. SQL structures EXTERNAL questions in the sense that it was designed to convert incorrectly formulated EXTERNAL questions into the right ones.
    SQL works with structured data; where the structured data refers to information with a high – but never absolute! – degree of organization, such the database is easily searchable by simple, straightforward search engine.
    SQL structures queries which have nothing in common with the data itself! Actually SQL operates with EXTERNAL descriptions of the data – this is the reason why everybody wants to collect all possible details completing the description to the perfection, this is the reason why Microsoft began to spy or the EXTERNAL to the data details.
    Windows harvests these details and Microsoft sells them to advertisers and whoever wants to buy them.

    My technology structures INTERNALLY the data itself and it does not need any EXERNAL details.
    I, however, discovered and patented how to structure any data without SQL, the queries – INTERNALLY: Language has its own INTERNAL parsing, indexing and statistics and can be structured INTERNALLY. (For more details please browse on my name ‘Ilya Geller’.)
    For instance, there are two sentences:
    a) ‘Sam!’
    b) ‘A loud ringing of one of the bells was followed by the appearance of a smart chambermaid in the upper sleeping gallery, who, after tapping at one of the doors, and receiving a request from within, called over the balustrades -‘Sam!’.’
    Evidently, that the ‘Sam’ has different importance into both sentences, in regard to extra information in both. This distinction is reflected as the phrases, which contain ‘Sam’, weights: the first has 1, the second – 0.08; the greater weight signifies stronger emotional ‘acuteness’; where the weight refers to the frequency that a phrase occurs in relation to other phrases.

    SQL cannot produce the above statistics – SQL is obsolete and out of business.
    Microsoft made a huge mistake: Microsoft could become the leader in the fight for privacy instead of spying.

  • http://goodthings2life.azurewebsites.net/ GoodThings2Life

    OK, just to be clear here… the report by ArsTechnica’s Peter Bright (who really is a bright fellow), explicitly stated there’s NO REASON to believe that the information transmitted is identifiable.

    In fact, it’s a little disingenuous to call it a privacy concern at all. When you go to Start > Settings > Privacy > Feedback & Diagnostics, you see the second option for Diagnostic and usage data. The lowest option you can choose is BASIC. Not NONE and even offers a link to learn more about it.

    So what does this do? It does the same thing it’s done since Windows XP days: it anonymizes and submits crash diagnostic (error messages and such) to Microsoft in order for them to identify crash scenarios that need fixing. It sends little details like “Save function in Word crashed with error 0xwhatever.” That’s it. If your computer or applications are crashing, they want to know so they can get it fixed, and they don’t care who you are to get the info… “Just the facts, ma’am.”

  • Bill Smyth

    They do make a tool “destroy.windows.spying” without the dots – supposed to disable spying…

  • BrianW

    Can you clarify if the systems were using the Insider license or the public RTM upgrade license. Insiders are still treated differently.