Windows 10 oh so NSA & GCHQ (amongst others) friendly ….

Posted on July 29, 2015


Time is running out folk’s, by the time you read this the witching hour will almost be upon us, 1st August 2015 will see the revisions to Microsoft Privacy Statements and Services Agreement Agreements move Windows users into a brave new world of exposure / intimacy with Microsoft, and why, because there is a new kid on the OS block called Windows 10.

The Microsoft Privacy Statement and its Services Agreement could individually be dissected to fill separate 300+ page books full of the potential risk and exposures they entail for innocent users. So I am cherry picking in this missive, but there is oh so much more.

Before we get any further into this I want you to know that Widows 10 is a definite upgrade you should take, BUT do not be mislead by Microsoft’s obfuscating messaging around security, privacy and trust. Microsoft is not behaving like the friendly champion of your privacy they would like like you to believe. There is huge upside in the new Windows but with a whole lot of exposure to surveillance, and eavesdropping on an industrial scale that puts the NSA and GCHQ to shame (or are they in on the game).

I get the tightrope of functionality provision they are walking that demands certain data sharing, but there are ways of dealing with this that puts the user in an empowered position and comfort zone. Windows 10 does not behave in such a respectful way.

So let’s commence with a quote from the Microsoft Privacy Statement:

We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services.”

Well my hackles were up before I got half way through the first line. What ever happened to good manners, and just because its software does not mean it can ride rough shod over cordial practices.

Ask first tends to be the ‘norm’ in the real world, but Microsoft like so many it has lambasted in the past (Google with its Scroogle campaign) is behaving like it no longer cares. Ask first in the software work means asking people to ‘Opt-In’ NOT forcing them to have to wander through multiple settings pages to find where they need to ‘Opt-Out’. Just about everything in the new Windows 10 is set to ‘Opt-Out’. That’s before you tae into account the data sharing that Microsoft does not even provide a user interface switch for.

Microsoft is on a real time data smash and grab. No please or thank you, a straight forward I am having this and taking it. The fig leaves of ‘improving end user experience’ amongst other excuses do not excuse what is going on.

The echo’s have hardly died from the honorable words spoken of trust by Satay Nadella (CEO) from the main stage of the Microsoft Worldwide Partner Conference only weeks ago, see my earlier blogs on this for details. Hot air and humbug. On the Cortana assistant that Satya Nadella spoke so eloquently, quote:

“To enable Cortana to provide personalized experiences and relevant suggestions, Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device.

Cortana also learns about you by collecting data about how you use your device and other Microsoft services, such as your music, alarm settings, whether the lock screen is on, what you view and purchase, your browse and Bing search history, and more.”

The inflection in the wording that Cortana is the user is laughable. What this means is everything you actually say when activating Cortana is shared with Microsoft, yes your statements, your actual words, a real time eavesdropping system.

My closing comment is on encryption. The final stand against permissive intelligence services and compliant global IT vendors. IF you enable device encryption (and you should) your Bitlocker encryption key is automatically backed up on OneDrive.  Hmmm… in a passing glance sort of way I get the thinking behind this to ensure users have a fallback if they forget their unencrypt passphrase, but the Snowden documents made it crystal clear that OneDrive was openly shared with the NSA. Does NO ONE at Microsoft think these things through, or care?

For those of us who care we have a frustrating few days locking W10 down. Look out for a step guide in a later blog. I am guessing that the new policy that we have to take the updates means having to Police Microsoft to ensure the updates to not re-open pandora’s box.