Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Breakdown of the Windows 10 Privacy Policy

Posted by samzenpus on from the what's-mine-is-yours dept.

WheezyJoe writes: The Verge has a piece on Windows 10 privacy that presents actual passages from the EULA and privacy policy that suggest what the OS is capturing and sending back to Microsoft. The piece takes a Microsoft-friendly point of view, arguing that all Microsoft is doing is either helpful or already being done either by Google or older releases of Windows, and also touches on how to shut things off (which is also explained here). But the quoted passages from the EULA and the privacy policy are interesting to review, particularly if you look out for legal weasel words that are open to Microsoft's interpretation, such as "various types (of data)", diagnostic data "vital" to the operation of Windows (cannot be turned off), sharing personal data "as necessary" and "to protect the rights or property of Microsoft". And while their explanations following the quotes may attempt an overly friendly spin, the article may be right about one thing: "In all, only a handful of these new features, and the privacy concerns they bring, are actually in fact new... Most people have just been either unaware or just did not care of their existence in past operating systems and software." Even pirates are having privacy concerns and blocking Windows 10 users.

1 of 318 comments (clear)

  1. It's pretty bad. by SuricouRaven · · Score: 5, Interesting

    Get a packet sniffer on Windows ten. You can't run calculator without MS knowing.

    Seriously. Try it. Every time you run any of the new-style apps, including calculator or the image preview, it opens up a brief encrypted TCP connection to a MS licensing server. I have a video: https://www.youtube.com/watch?...

    Just ignore the bit about photoDNA at the end - that was a theory on my part that I've now determined is unlikely. It's not actually reporting on images, it's reporting on every time the image previewer is loaded. Or calculator, or sound recorder, or quite a few other things. I'm not sure that's much better.

    I had quite a bit of fun at the weekend with wireshark seeing just what a freshly-upgraded no-software-installed Windows 10 reports, after setting every privacy option I could find to private. The answer is pretty much everything. Even if you disable searching from the start menu, it still executes the search - it just doesn't display the results. It fetches updates for the default tiles on the start menu (weather and news) even after you remove the tiles. It establishes mysterious TLS connections frequently that I can't identify the purpose of - some of them might be checking for updates, but I doubt it check for upgrades every few minutes.

    Don't trust in my paranoia. Install wireshark and look for yourself.

    The good news is that Windows 10 firewall can be made to block almost everything with a deny rule and a list of IP ranges. The bad news is that it's quite tricky to do so without also blocking windows update, Bing, the Windows store (No great loss) and I suspect a few Azure hosts.