Microsoft Windows Hosts
Donate
Microsoft Windows as Malware, Windows Insecurity, Windows Backdoors, Windows User Freedoms Restrictions, Windows Surveillance, Other Windows Abuses, Inescapable Telemetry
Windows Backdoors
Table: Windows Backdoors
| Category | Description |
|---|---|
| User Content Upload to Microsoft | Windows sometimes takes user content, such as documents, and uploads it to Microsoft servers.
Quote Microsoft: Configure telemetry and other settings in your organization (web archived website)
Media also reported. The Register: Windows 10 telemetry secrets: Where, when, and why Microsoft collects your data
Quote ZDNet: Windows 10 telemetry secrets: Where, when, and why Microsoft collects your data
Quote OS researchgate: Call Home: Background Telemetry Reporting in Windows 10
Quote Microsoft (web archived, year 2018)
Alternative write-up: Scaring: Windows 10 lets Microsoft access your own local files In theory, it might be possible to disable this behavior, but there have also been cases where these settings were not honored, as documented in chapter Inescapable Telemetry. There is a privacy by policy safeguard implemented at the Microsoft organizational level. Quote: "However, before more info is gathered, Microsoft’s privacy governance team, including privacy and other subject matter experts, must approve the diagnostics request made by a Microsoft engineer." However, privacy by policy is not privacy by design (privacy enforced through technology). Generally speaking, there is a history of privacy by policy safeguards being circumvented by malicious employees (insider attack), hacking (outsider attacks), and privacy by policy also fails in the case of government requests. Microsoft’s privacy governance team would be circumvented if Microsoft were compelled through a government order. Quote FBI–Apple encryption dispute
While there exists (to the knowledge of the author) no law that allows the government to compel companies to add new surveillance capabilities or backdoors to operating systems, Microsoft has an Possibly even orders that Microsoft would never be allowed to disclose due to a gag order The relevant statement by Microsoft Whether using this |
| Encryption | Microsoft has backdoored its disk encryption.
Quote The Intercept: (...) Microsoft Probably Has Your Encryption Key
But disabling this requires awareness of the issue, skills of using search engines and finding documentation how to do so, and technical skills to disable this privacy intrusion. This is often not the case for non-technical users. (The Tyranny of the Default) Quote Microsoft handed the NSA access to encrypted messages
|
| Software Choice and Deletion |
|
Windows Surveillance[edit]
Table: Windows Surveillance Threats
| Category | Description |
|---|---|
| Adversary Collaboration |
|
| Anonymity |
|
| Keylogger |
Windows 10 comes with a keylogger. Quote Microsoft (year 2015 web archived version): Windows 10 speech, inking, typing, and privacy FAQ
Quote [2] PCWorld: text input and unique typing cadence (pattern)
Quoting the 2015 version of Microsoft: Windows 10 speech, inking, typing, and privacy FAQ
Note: any deletion from the quote is only a promise. If data was leaked or shared with other parties previously or requested through a government order previously, it would not be deleted. Such data is vulnerable to Keystroke Deanonymization. |
| Voice Recording |
Quote 2020 Microsoft: Windows 10 speech, inking, typing, and privacy FAQ
This means Windows is recording the user's voice and storing it on servers owned by Microsoft. The same website mentions that this can be disabled.
But disabling this requires awareness of the issue, skill in using search engines and finding documentation on how to do so, and technical ability to disable this privacy intrusion. This is often not the case for non-technical users. (The Tyranny of the Default) Quote Microsoft Privacy Statement, Last Updated: March 2021
This sounds rather theoretical: "collect samples" - how many samples? "processed to remove" data "which could be used to reconstruct the original content or associate the input to you" - how effective is that processing? Such data is vulnerable to Voice Deanonymization |
| Spyware |
|
| Telemetry and Personal Data |
EU still concerned over Windows 10 privacy despite Microsoft’s changes Quote EFF With Windows 10, Microsoft Blatantly Disregards User Choice and Privacy: A Deep Dive
France orders Microsoft to stop tracking Windows 10 users
Ars Technica: Dutch privacy regulator says Windows 10 breaks the law
|
| Trust |
|
| Windows Error Reporting (WER) and Core Dumps Privacy Issues |
According to Der Spiegel: Inside TAO: Documents Reveal Top NSA Hacking Unit
Quote Microsoft
|
Trying to disable the lengthy list of privacy-invasive features
is a huge task, similar to playing "whack-a-mole". Being unaware of some spyware feature could result in unwanted surveillance.
Windows User Freedom Restrictions[edit]
A number of conscious decisions by Microsoft severely limit user freedoms.
Table: Windows User Freedom Threats
| Category | Description |
|---|---|
| Trust |
The German government, Ministry of Economics, and Federal Office for Information Security (BSI) do not trust Microsoft Windows. Archived, redacted version after court order requested by Microsoft against newspaper ZEIT ONLINE: page 1
What was it that ZEIT ONLINE needed to redact? Quote A BSI-2i.pdf German government internal documents leaked on wikileaks
Heise: German authorities are losing control over critical IT systems
The Register - Germany warns: You just CAN'T TRUST some Windows 8 PCs A whitewashed statement by the German government, Federal Office for Information Security, BSI, [12] wrote (See full statement (web archived)
|
| Forced Updates | Microsoft has a history of updating software without permission. While configurable update reminders are good for those who forget to regularly update, forced updates are problematic for those who do not wish to. [13]
This Windows issue had not been foreseen. To the knowledge of the author, there were no popular "really disable all Windows updates" instructions. By comparison, such an issue is unlikely to happen with Debian (and many derivatives) based operating systems (and other Freedom Software Linux distributions). On Windows, there was no real way to check which code would run when. Or at least, for practical purposes, nobody did reverse engineering and documented that. For example, on Debian (based) operating systems, by default their default package manager APT is fully Open Source. But also without reading the source code, its behavior is much more predictable. Software sources are defined in easily human-readable files such as |
| Forced Upgrades |
|
| Tiered Stability (Updates Testing) | Windows forces lower-paying customers to install new updates and gives higher-paying customers the option of whether or not to adopt them. Quote:
|
| User Freedoms |
|
| Software Freedom |
|
| Forced Telemetry into C++ Binaries |
Adversary Collaboration[edit]
Microsoft has a history of informing adversaries of bugs before they are fixed. Microsoft reportedly gives adversaries security tips (archive.is) on how to crack into Windows computers.
Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process.
Redmond, Washington-based Microsoft (MSFT) and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn't ask and can't be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.
Frank Shaw, a spokesman for Microsoft, said those releases occur in cooperation with multiple agencies and are designed to give government "an early start" on risk assessment and mitigation
See also this opinion analyzing this, How Can Any Company Ever Trust Microsoft Again?.
By comparison, the Linux kernel has a security buy embargo process.
[...]
Although our preference is to release fixes for publicly undisclosed bugs as soon as they become available, this may be postponed at the request of the reporter or an affected party for up to 7 calendar days from the start of the release process, with an exceptional extension to 14 calendar days if it is agreed that the criticality of the bug requires more time. The only valid reason for deferring the publication of a fix is to accommodate the logistics of QA and large scale rollouts which require release coordination.
While embargoed information may be shared with trusted individuals in order to develop a fix, such information will not be published alongside the fix or on any other disclosure channel without the permission of the reporter. This includes but is not limited to the original bug report and followup discussions (if any), exploits, CVE information or the identity of the reporter.
In other words our only interest is in getting bugs fixed. All other information submitted to the security list and any followup discussions of the report are treated confidentially even after the embargo has been lifted, in perpetuity.
[...]
Fixes for sensitive bugs, such as those that might lead to privilege escalations, may need to be coordinated with the private <linux-distros@vs.openwall.org> mailing list so that distribution vendors are well prepared to issue a fixed kernel upon public disclosure of the upstream fix. Distros will need some time to test the proposed patch and will generally request at least a few days of embargo, and vendor update publication prefers to happen Tuesday through Thursday. When appropriate, the security team can assist with this coordination, or the reporter can include linux-distros from the start.
[...]
The crucial difference between Microsoft bug embargoes and Linux bug embargoes is that Microsoft notifies intelligence agencies, which are then known to exploit vulnerabilities, while the Linux kernel security team has a much more transparent bug embargo process. In the Linux case, trusted parties - such as major Linux distributions - receive early notification to ensure wide availability of the software upgrade containing the fix before public disclosure, thereby helping to prevent widespread exploitation by attackers in the wild.
[edit]
- Open Source, Freedom Software versus
- proprietary, closed source, precompiled software
are totally different development models. Both development models have advantages and disadvantages.
The case for Open Source, Freedom Software is made on the Avoid Non-Freedom Software wiki page.
One argument in favor of closed source software could be its secrecy, security through obscurity. (Also addressed on the Avoid Non-Freedom Software wiki page.)
However, Microsoft Windows has none of the advantages of Open Source, Freedom Software, and also cannot fully benefit from security through obscurity either. Part of the Shared Source Initiative is the Government Security Program. Quote ZDNet:
Microsoft's Shared Source Initiative
Simplified summary: Independent security researchers do not have access to the source code, but large groups of people - some of whom you likely do not trust - do have an advantage over you. The only motivation for sharing the source code is to gain regulatory approval for deployment in foreign government networks that require certain assurances for market access. This has nothing to do with empowering third parties or giving them the freedom to modify the software or share it with others.
Inescapable Telemetry[edit]
The fact that there is no way to completely remove or disable telemetry requires further consideration. For instance, non-enterprise editions do not permit anyone to completely opt out of the surveillance "features" of Windows 10.
Quote: Even when told not to, Windows 10 just can’t stop talking to Microsoft.
Quote: Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings.
CheesusCrust also disabled every single tracking and telemetry features in the operating system. He then left the machine running Windows 10 overnight in an effort to monitor the connections the OS is attempting to make.
Eight hours later, he found that the idle Windows 10 box had tried over 5,500 connections to 93 different IP addresses, out of which almost 4,000 were made to 51 different IP addresses belonging to Microsoft.
Even if some settings are tweaked to limit this behavior, it is impossible to trust that those changes will be respected. Even the Enterprise edition was found to completely ignore privacy settings and any attempts to disable contact with Microsoft servers. [19]
Any corporation that forces code changes on a user's machine - despite Windows updates being turned off multiple times before - is undeserving of trust. [20] [21] [22] [23] [24] Windows 10 updates have been discovered to frequently reset or ignore telemetry privacy settings.[25] Microsoft backported this behavior to Windows 7 and 8 for those who held back, so the odds are that Windows users are already running it.
Forfeited Privacy Rights[edit]
By now, the reader should be convinced that simply using any version of Windows results in a complete forfeiture of the right to privacy. Windows is incompatible with the intent of Kicksecure (and the anonymous Tor Browser), since running a compromised Windows host undermines the trusted computing base, which is a fundamental part of any threat model. Privacy is inconceivable if any information that is typed or downloaded is provided to third parties, or if programs bundled as part of the OS regularly "phone home" by default.
Targeted Malicious Upgrades[edit]
Microsoft Windows is not designed to be resistant to targeted malicious software upgrades of the Windows operating system or applications from the Windows Store.
A targeted malicious software upgrade refers to singling out specific users and delivering malicious upgrades only to those selected individuals.
Most users utilize a Windows Live ID, as this is encouraged by Windows, and it is commonly associated with their real names and IP addresses
.
When installing or updating applications through the Microsoft Store, Microsoft is aware of the user's Windows Live ID, and therefore also knows the user's real name and IP address. As a result, a coerced or compromised Microsoft Store could single out specific users and deliver malicious software containing malware with features such as remote control, remote viewing, file upload and download, microphone and webcam snooping, keylogging, and more. This risk also exists with any operating system that uses a corporate-controlled, walled garden app store, such as those operated by Apple, Google, or Amazon.
Given Microsoft's already well-documented privacy-intrusive behavior, as described elsewhere on this page, it is reasonable to assume that the same risks apply to Microsoft Update.
By comparison:
- Most Linux distributions usually do not require an email-based login to receive upgrades. However, users can still be singled out by IP address unless they opt in to use something like
apt-transport-tor, which is not the default. - In the case of Whonix and Kicksecure, all upgrades are downloaded over Tor. This prevents the server from delivering legitimate upgrade packages to most users while singling out specific users for targeted attacks.
Opinion by GNU Project[edit]
The GNU Project opinion is that Windows is "malware" due to the threats it poses to personal freedom, privacy, and security, meaning the software is designed to function in ways that mistreat or harm the user.
Interpretation of Opinion by GNU Project:
Word definitions: Spyware is a type of malware.
Quote from Wikipedia on malware:
A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware.
If that definition is accepted, then it follows that if one agrees "Windows is spyware", it logically follows that "Windows is also malware". This explains the GNU Project's rationale for labeling Windows as malware.
Windows is considered malware by definition based on its behavior. The fact that individuals may trust Microsoft with the data it collects by default does not change that classification.
Opinion by Free Software Foundation[edit]
The Free Software Foundation (FSF) writes quote:
Microsoft uses draconian law to put Windows, the world's most-used operating system, completely outside the control of its users. Neither Windows users nor independent experts can view the system's source code, make modifications or fixes, or copy the system. This puts Microsoft in a dominant position over its customers, which it takes advantage of to treat them as a product
Windows Insecurity[edit]
Microsoft's willingness to consult with adversaries and provide zero days before public fixes are announced logically places Windows users at greater risk, especially since adversaries buy security exploits from software companies to gain unauthorized access to computer systems.[26] Even the Microsoft company president has harshly criticized adversaries for stockpiling vulnerabilities that, when leaked, led to the recent worldwide ransomware crisis. This is elaborated in chapter Adversary Collaboration.
Windows is not a security-focused operating system. If it were, it would, for example:
- Not upload user data to Microsoft servers.
- Minimize the data stored on or accessible to Microsoft servers. (Windows Surveillance)
- Use end-to-end encryption whenever possible.
- Be resilient to targeted malicious upgrade attacks by not linking software installation/upgrading to a Windows ID and/or by providing an option to download software over the Tor anonymity network (or hypothetically a next-generation anonymity network developed by Microsoft).
- Not upload full disk encryption keys to Microsoft servers (see chapter Windows Backdoors, category Encryption).
Such security standards are entirely affordable, because Microsoft makes billions in profit and are very realistic, as some Freedom Software Linux distributions have already implemented these.
Due to Microsoft's restrictive, proprietary licensing policy for Windows, there are no legal software projects providing a security-enhanced Windows software fork. There are security-enhanced Windows software forks, but these are illegal, violate Microsoft's copyright, and are provided by anonymous developers. In contrast, the Linux community has multiple Freedom Software Linux variants strongly focused on security, such as Qubes OS.
Microsoft provides Tyrant Security, not Freedom Security. (Freedom vs Tyrant Security) Windows includes some innovative security technologies; however, its privacy and user freedom are severely lacking. Security and privacy are closely connected.
Quote Bruce Schneier: Security vs. Privacy, The Value of Privacy:
There is no security without privacy.
I equate privacy with security because they are very much related in the real world, especially for whistleblowers.
Windows Historic Insecurity[edit]
Microsoft updates have historically used weak cryptographic verification methods such as MD5 and SHA-1. In 2009, the CMU Software Engineering Institute stated that MD5 "...should be considered cryptographically broken and unsuitable for further use".[27] In 2012, the Flame malware exploited weaknesses in MD5 to fake a Microsoft digital signature.[28]
Before Windows 8, there was no central software repository comparable to those used by Linux distributions, where software could be safely downloaded. This means a large segment of the population remains at risk, since many Windows users are still running Windows 7.
https://seclists.org/fulldisclosure/2023/Feb/14
Windows Software Sources[edit]
On the Windows platform, a common way to install additional software is to search the Internet and install the relevant program. This is risky, as many websites bundle software downloads with adware, or worse, malware. Even when software is downloaded from reputable sources, these sources often behave in insecure ways. For example, if Mozilla Firefox is downloaded from a reputable website like chip.de,[29] then until recently, the download would have taken place over an insecure, plain HTTP connection.[30] In such cases, it is trivial for ISP-level adversaries, Wi-Fi providers, and others to perform man-in-the-middle attacks and inject malware into the download. Even when HTTPS is used, it only provides a very basic form of authentication.
To keep a system secure and free of malware, it is strongly recommended to always verify software signatures. However, this is very difficult - if not impossible - for most Windows users. Typically, Windows programs do not include software signature files (OpenPGP / gpg signatures) as is common in the GNU/Linux world.
Tools for digital signature verification are not installed by default on the Windows platform. Neither SignTool (Authenticode) nor gpg4win come preinstalled. While they can be manually installed, this creates a bootstrap problem: these tools themselves would have to be downloaded over HTTPS, offering only minimal authentication. In contrast, most Linux distributions include GnuPG for software signature verification by default.
For these reasons, it is safe to assume that virtually no Windows users are regularly benefiting from the strong authentication provided by software signature verification.
The Windows 10 App Store does not suffer from this issue, as it performs software signature verification; however, many applications are not available through the Windows App Store. In the Windows ecosystem, software signature verification is far less culturally widespread.
By contrast, most Linux distributions provide centralized software repositories. For example, Debian and Debian-based distributions use APT, which offers strong authentication by verifying all downloads against the Debian repository signing key. This process is automatic and enabled by default, requiring no user interaction. APT also displays a warning if there is an attempt to install unsigned software. Even when software is unavailable in the distribution's software repository, in most cases OpenPGP / gpg signatures are available. In the Linux world, it is practically possible to always verify software signatures.
No Ecosystem Diversity Advantage[edit]
The popularity of Windows platforms on desktops actually increases risk, as attackers regularly target this near-monocultural operating system environment. A security bug is often exploitable across many versions of Windows deployed globally, making them what is known in security terms as a "class break".[31] For example:
- The Wanna Decryptor ransomware attack that spread worldwide was solely focused on Windows platforms.
- Flaws in Internet Explorer and Edge have previously allowed attackers to retrieve Microsoft account credentials.
- Point-of-sale terminals running Windows were previously taken over to collect customers' credit card numbers.
Intransparency[edit]
Windows source code is unavailable for public review or building by independent third parties.
Microsoft Windows has none of the advantages of Open Source, Freedom Software, but also cannot fully benefit from security through obscurity either. This point is further discussed in chapter Shared Source.
There is no public issue tracker for Microsoft Windows where any reasonable user is allowed to post or reply. There is a public list of vulnerabilities, but it lacks public discussion among developers and/or users.[32] Microsoft's internal issue tracker is private and inaccessible to the public, even for reading purposes.[33] The ability of the public to gain insights into Microsoft’s planning and development processes, or to participate in the development of Windows, is significantly limited. This is common among closed source, proprietary software projects. The community is largely excluded from development. In contrast, Open Source projects often maintain public issue trackers where anyone can post and reply (except in the case of embargoed security issues).
When users encounter problems and seek help, the common advice is often to "reinstall Windows". Due to the closed source nature of Windows, analyzing issues, creating bug fixes, and developing workarounds is considerably more difficult.
Reverse engineering is sometimes cited as an alternative to the lack of access to Windows source code. However, reverse engineering is much more difficult and limited in scope. For example, the forced updates and forced upgrades instances where Windows ignores the user's automatic update settings (as documented in chapter Windows User Freedom Restrictions)—were not foreseen or published by anyone performing reverse engineering. Users were taken by surprise.
Using Earlier Windows Versions is No Good Alternative[edit]
When users learn about shortcomings, anti-features, or spyware features of Windows, they often consider avoiding newer versions or downgrading to earlier versions of Windows as an alternative.[34]
However, this is not a solid long-term plan, as security support for older Windows versions is being discontinued. Without ongoing support, newly discovered security vulnerabilities will remain unpatched.
- Microsoft has dropped support for Windows 7 and 8 on recent processors following the release of Windows 10.
- Microsoft has made Windows 7 and 8 non-functional on certain new computers, forcing many users to switch to Windows 10. For example, support was dropped for all future Intel, AMD, and Qualcomm CPUs.
- Microsoft ends support for specific platforms - such as Windows XP - and software, including popular Internet Explorer versions, even after users have built strong software dependencies around them.
This approach is further undermined by forced updates and forced upgrades, as discussed above.
Terrible Company[edit]
Microsoft has historically been hostile toward Freedom Software. Microsoft has acted as a patent troll, claiming that Linux infringed on its intellectual property. Despite the backlash over this claim, Microsoft never substantiated the accusation, never sued anyone, and never issued an apology. References:
- Now defunct website
Show Us The Code, archived: https://web.archive.org/web/20071120042104/http://showusthecode.com/responses.htm - Internet search term:
"microsoft" "Show Us The Code" - https://www.redhat.com/en/blog/microsoft-and-patent-trolls
- https://openinventionnetwork.com/
Other references:
- https://www.eff.org/deeplinks/2015/12/stupid-patent-month-microsofts-design-patent-slider
- Microsoft used the DMCA (Digital Millennium Copyright Act) to shut down reverse engineering of Skype. See DMCA notice received by and published on GitHub.
The Tyranny of the Default[edit]
Quote from The Tyranny of the Default: [35]
“‘The tyranny of the default’ [is] the expression I like to use for: we know most users don’t go in and change things. They just assume that someone smarter than them chose the settings that are best for them, and so they say ‘YES’ a lot when they’re asked questions. What that means is that if it’s enabled by default, it’ll tend to stay on.”
Any anti-features of Windows, such as telemetry, cannot be excused by the argument "but it can be disabled". That is, at best, a workaround - not a fix. The fact remains: for most users, if it’s enabled by default, it will tend to stay on.
Changing defaults requires awareness of the issue, the ability to use search engines to find documentation, and the technical skills to make the change. This is often not the case for non-technical users. Even technical users might forget to reapply changes in situations such as after a reinstallation. Therefore, default settings matter.
Nuisances[edit]
- "Reinstall Windows": When users encounter issues and search for help, they are often advised to "reinstall Windows". Due to the closed source nature of Windows, it is far more difficult to analyze issues, provide bug fixes, or develop workarounds.
- Windows updates often take a long time and require multiple reboots. [36]
The typical update process:
- User runs Windows Update.
- Windows downloads and installs updates.
- A reboot is required; during shutdown, Windows takes a long time to finalize some updates.
- On the next boot, Windows takes additional time finalizing updates.
- Windows Update reports more updates are available. Return to step 1.
- This cycle may repeat several times.
By comparison, for Debian-based distributions, a single command "sudo apt update && sudo apt full-upgrade" is sufficient to download and install all available updates. No extra time is required during shutdown or the next boot, and no further updates are typically needed immediately after reboot. [37]
- Advertisements:
- Windows displays advertisements for Microsoft products and partner offers.
- Windows inserts advertisements into File Explorer to promote paid subscriptions.
- Windows displays advertisements
- Windows is less flexible. While Linux distributions can easily be installed to a USB drive or transferred between hardware by simply swapping hard drives, these tasks are significantly more challenging for Windows users.
- Windows is difficult to modify. For example, Qubes Windows Tools for Windows 10 are still not ready.
Freedom Software Superiority[edit]
Based on the preceding sections and analysis, it is strongly recommended to learn more about GNU/Linux and install a suitable distribution to safeguard personal rights to security and privacy. Otherwise, users must exert significant effort to play "whack-a-mole" in disabling Windows anti-features, which routinely subject them to surveillance, restrict choice, deliberately weaken security, and harass through advertisements, forced updates/forced upgrades, and more.
See also: Avoid Non-Freedom Software.
Conclusion[edit]
Can Windows 10 be secure for huge enterprise-level customers? In theory, maybe. These customers might have access to Windows Shared Source, which might even be complete enough to build Windows from source code. However, this cannot be known for sure due to the high requirements to gain access to the Windows source code and the obligation to sign a non-disclosure agreement (NDA). Even if the author of this page had such access, it could not be discussed here due to NDA restrictions. These customers might also be able to avoid the otherwise inescapable Inescapable Telemetry by building their own Windows installer ISOs and updates from source.
In practice, however, it is foolish to trust any version of Windows coming from an entity that has repeatedly proven itself untrustworthy. It is far better to move on and use sustainable alternatives.
Can Windows 10 be secure for laymen users? Probably not. Due to Windows Error Reporting (WER) and Core Dumps Privacy Issues, telemetry, spyware, and keylogger features (see chapter Windows Surveillance), excessive amounts of private user information end up on Microsoft servers. Microsoft is legally compelled to cooperate with governments that employ thousands of analysts, making the data vulnerable to misuse. Such data can be exploited using parallel construction - a technique for circumventing constitutional protections against unreasonable searches and seizures.
While security updates are necessary for any operating system, the issue with Microsoft is that these updates often include more than users expect. In the past, updates were altered to phone home, even when telemetry was disabled. Examples include Inescapable Telemetry and forced updates/upgrades.
Windows openly admits to data mining and presents users with so-called "choices" regarding what data is shared. However, third parties have consistently demonstrated that these user choices are ignored, and there is no way to completely disable data collection.
Does Windows result in a net gain or loss of privacy worldwide?
A proprietary, security-hardened version of Windows that resists third-party spyware - but includes built-in data snooping - results in a net loss of end user freedom, privacy, and increased security risk, as NSA has been known to exploit Windows error reporting.
In contrast, a less security-hardened Freedom Software operating system may be more vulnerable to active attacks, but with no privacy-invasive code included by default, it provides a net gain in privacy by default. Nothing is reported anywhere unless a targeted attack is deployed.
Forum Discussion[edit]
https://forums.whonix.org/t/host-operating-system-selection-wiki-page-discussion/11303
See Also[edit]
- Basic Host Security
- Advanced Host Security
- Miscellaneous Threats to User Freedom
- Avoid Non-Freedom Software
- Tyrant Security vs Freedom Security
- Why Kicksecure is Freedom Software
- Unsubstantiated Conclusions
- Kicksecure Policy on Non-Freedom Software
References[edit]
- ↑ With the ability to be legally allowed to actually talk about. I.e. without non-disclosure agreement (NDA).
- ↑ modified by author: added link to web archive with quote from 2015
- ↑
https://www.government.nl/documents/publications/2019/06/11/dpia-windows-10-enterprise-v.1809-and-preview-v.-1903
- ↑
Microsoft Privacy Statement for Error Reporting
- ↑
Description of the end user privacy policy in application error reporting when you are using Office
- ↑
https://rcpmag.com/articles/2002/10/03/microsoft-error-reporting-drives-bug-fixing-efforts.aspx
- ↑
https://web.archive.org/web/20200312211152/https://www.forcepoint.com/blog/x-labs/are-your-windows-error-reports-leaking-data
- ↑
So heißt es in einem internen Papier aus dem Wirtschaftsministerium von Anfang 2012: "Durch den Verlust der vollen Oberhoheit über Informationstechnik" seien "die Sicherheitsziele 'Vertraulichkeit' und 'Integrität' nicht mehr gewährleistet." An anderer Stelle stehen Sätze wie: "Erhebliche Auswirkungen auf die IT-Sicherheit der Bundesverwaltung können damit einhergehen." Die Schlussfolgerung lautet dementsprechend: "Der Einsatz der 'Trusted-Computing'-Technik in dieser Ausprägung … ist für die Bundesverwaltung und für die Betreiber von kritischen Infrastrukturen nicht zu akzeptieren."
- ↑
Bei der Verhandlungsführung kann bezogen auf die TPM-Nutzung daraufhingewiesen werden,
dass nicht nur die Bundesregierung den nicht selbst kontrollierten Einsatz von TPMs kritisch
sieht, sondern auch weite Teile der deutschen Industrie, insbesondere in Kritischen Infrastrukturen.
- ↑
Daher argumentiert Microsoft damit, dass sie selbst die Kontrolle über UEFI „Secure Boot"
benötigen, um für den Eigentümer UEFI „Secure Boot" sicher zu verwalten. Aus Sicht des BSI ist der Aufwand für eine selbst kontrollierte Konfiguration von UEFI „Secure Boot" zwar derzeit hoch, aber insbesondere in Einsatzbereichen mit hohem Schutzbedarf oder in Kritischen
Infrastrukturen dringend geboten.
- ↑
Einerseits verlangt die Bundesregierung „uneingeschränkte Kontrollierbarkeit“ von Computern, die kritische Infrastrukturen am Laufen halten – also Atomkraftwerke, Wasser-, Energie und Verkehrsnetze. Andererseits tun die zuständigen Behörden nichts, um die bereits an Intel und Microsoft verlorene Kontrolle zurückzuerlangen.
- ↑ Bundesamt für Sicherheit in der Informationstechnik
- ↑
https://www.techrepublic.com/index.php/blog/it-news-digest/microsoft-admits-to-stealth-updates/
- ↑
sudo apt update
... Get:5 tor+https://deb.debian.org/debian buster-backports InRelease [46.7 kB] Get:6 tor+https://deb.debian.org/debian-security buster/updates InRelease [65.4 kB] Get:7 tor+https://deb.debian.org/debian buster-updates InRelease [51.9 kB] Hit:8 tor+https://deb.debian.org/debian buster InRelease ...
- ↑
sudo apt full-upgrade
Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages will be upgraded: anon-apt-sources-list anon-icon-pack apparmor-profile-dist apparmor-profile-torbrowser bootclockrandomization damngpl dist-base-files gpg-bash-lib hardened-malloc hardened-malloc-kicksecure-enable helper-scripts kicksecure-base-files kicksecure-cli kicksecure-dependencies-cli msgcollector msgcollector-gui open-link-confirmation repository-dist sdwdate secbrowser security-misc tb-default-browser tb-starter tb-updater timesanitycheck tor tor-geoipdb usability-misc vm-config-dist whonix-initializer 30 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 5,957 kB of archives. After this operation, 732 kB of additional disk space will be used. Do you want to continue? [Y/n]
- ↑
https://www.theguardian.com/technology/2015/sep/11/microsoft-downloading-windows-1
- ↑
https://www.computerworld.com/article/3012278/microsoft-sets-stage-for-massive-windows-10-upgrade-strategy.html
- ↑
- ↑
https://web.archive.org/web/20170609221304/https://forums.whonix.org/uploads/default/original/2X/0/004857ec71ff2e4b23c88bf596b6142373fe2879.jpg
- ↑
https://web.archive.org/web/20071011010707/http://informationweek.com/news/showArticle.jhtml?articleID=201806263
- ↑
https://archive.fo/LffTy
- ↑
https://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/
- ↑
https://web.archive.org/web/20171006181359/http://voices.washingtonpost.com/securityfix/2007/09/microsofts_stealth_update_come.html
- ↑
https://www.zdnet.com/blog/hardware/confirmation-of-stealth-windows-update/779
- ↑
https://community.spiceworks.com/topic/1535835/win-10-update-resets-privacy-again
- ↑ This is especially true for users of Tor, who are regularly targeted in this fashion.
- ↑ https://en.wikipedia.org/wiki/MD5#cite_note-11
- ↑ https://arstechnica.com/security/2012/06/flame-crypto-breakthrough/
- ↑
https://www.chip.de/downloads/Firefox-64-Bit_85086969.html
- ↑
In 2019,
chip.debegan enforcing HTTPS across its entire website. - ↑ https://www.schneier.com/blog/archives/2017/01/class_breaks.html
- ↑
https://answers.microsoft.com is mostly user-to-user discussion. It is difficult to find posts by Microsoft employees, and interaction is generally low. A volunteer moderator is not a developer.
There is also https://techcommunity.microsoft.com.
- ↑
Evidence that Microsoft maintains an internal issue tracker: https://www.engadget.com/2017-10-17-microsoft-bug-database-hacked-in-2013.html
- ↑
Example quote:
I doubt microsoft is telling everything, im sticking with W7 indefinitely.
Example quotes
:
Hmm, guess I'm going back to Windows 7.
This is why I went from using the beta build as my primary OS back to Windows 8.1.
And now myself and everyone in my family will be staying with their current OS (Windows XP, Vista, 7 and 8.1).
- ↑ Broken link: https://cmitsolutions.com/hartford/the-tyranny-of-the-default
- ↑
- ↑ Because a previous update was a prerequisite for retrieving the next update.
A secure by default operating system with the latest security research in place.
At
Kicksecure we value freedom and trust, supporting Open Source and Freedom Software
2012-
2025 ENCRYPTED SUPPORT LLC
We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!