And you thought Google was snoopy!
I always find it interesting when Microsoft ships a new product. They have a long history of forgetting about security and privacy. The reason may be business, or perhaps the influence of law enforcement or nation states. In either case here is a summary of the landmines individuals and corporations need to keep in mind when upgrading to Windows 10.
To begin with, I spent time reading the Microsoft small print before installing Windows 10. I was appalled at the over-extent by which Microsoft has decided to monitor and sell information that I had planned on putting on this laptop. A few minutes after reading this small print, I noticed an article by Heini Järvinen (1) going into many of the same gritty details that I noticed. As Heini’s writing style and notes are better than mine, I’m going to reference the article, and have placed the link below.
To me, offering a free product and then changing the agreement several days after looks like “bait and switch”.
2. “By default, when signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers, for example “web browser history, favorites, and websites you have open” as well as “saved app, website, mobile hotspot, and Wi-Fi network names and passwords”. Users can however deactivate this transfer to the Microsoft servers by changing their settings.”
This feature gives Microsoft permission and legal authority to exfiltration or extraction of privacy data, passwords, and details of your browsing habits. For individuals this is a large violation of trust and privacy, for corporations this violates compliance standards of keeping passwords confidential, within your organization.
(For the rest of the article, click the link.)