Windows 10: Forget Cloudobile, put Security and Privacy First

But - dammit - It would be insane to say 'don't collect, because NSA'


OK, there's a point to this stuff. It helps solve tech problems

Despite this, the NSA has already exploited these levels of "instrumentation" in order to spy on their targets. (Complete with weak non-denials!) "What is your hardware configuration" combined with "what applications you have installed" can be pretty valuable information to someone wanting to design targeted malware.

As long as there are sane limits on what's hoovered up – system specs, installed apps, etc – then what is collected is really only of use to the spooks when they want to play "targeted malware" games. I'm not exactly fond of handing that particular pack of narcissistic sociopaths any free meals, but for the time being they're too busy playing spy-versus-spy to spend too much time hunting down rabble-rousers.

That said, life is different if there is a keylogger (or worse) built into the OS. If the OS and/or the stock apps can be easily engaged to send back what you write (the content) or even just who you write it too (the all-important metadata) then who knows what fun others can get up to with that information.

The taxman cometh

If the Windows 10 preview's instrumentation is left in the final release then this could give spooks the ability to collect metadata and content on even "secure" comms apps: the ones employed by users specifically to bypass the prying eyes. It doesn't matter how many layers of encryption you use if your operating system is spying on you and phoning home with the info.

Given the growing predilection of western governments for criminalising dissenting political speech, I find the above abilities worrying. I'm not talking here about the NSA yet again, but rather more mundane organisations, like the IRS.

If the taxman in the US can blatantly target political opponents, then we have entered an era in which the rights of the individual to be free from petty interference by the state are going to be severely challenged.

Governments around the world are cracking down on public protests. They are increasingly moving towards censorship and even outright criminalization of political dissent. Or blasphemy, if you live in some of the more horrible parts of the world.

Any operating system from any vendor that collects large amounts of information about its users and then pipes that home is, in this political climate, probably a Very Bad Plan. Anything that the developer harvests for their own purposes can be – and ultimately will be – harvested by the bad guys, be they spooks, petty bureaucrats or skilled and well-resourced black hat hackers working for organized criminals.

This is why the uproar exists.

Windows 10 start menu

This is not the greatest song in the world... This is just a preview-ew-ew

To be perfectly clear: Windows 10 is currently a technical preview and there is no reason to assume that what's in the technical preview will necessarily end up in the final code. Microsoft says in the EULA it will monitor you. The EULA was perfectly clear about this and the EULA was well written and in plain English.

By the same token, however, Microsoft are not the good guys. While there is no reason to believe it will leave the full extent of the "instrumentation" in the final version of the software, there's no reason to assume it'll pull it out either.

I want to believe that Microsoft will behave honourably. I've built a career on Microsoft technologies and – despite my seething hatred for Windows 8 – I am growing to like Windows 10. Unfortunately, I am all too easily overcome by my doubts, and thus I find myself – like so many others – simply unable to take anything Microsoft says or does at face value.


Other stories you might like

Biting the hand that feeds IT © 1998–2022