Windows 10 covertly sends your disk-encryption keys to Microsoft

Why not ask @Doctorow by name if you want an answer?

1 Like

Yeah I know but I so rarely take the 17" beast out of the house… I should look into something of an encryption solution for it.

Forwarding of encryption keys is not “a keylogger”. Keyloggers are when a buffer of whatever users type is saved to a file somewhere. That’s not what this article is about.

2 Likes

There’s so much FUD and scaremongering here and I don’t even know where to start except to say this: Apple does the same thing with FileVault. Where’s the outrage?

1 Like

You might try reading the original post I was commenting on, and you’ll see the false claims about a secret keylogger in Windows 10:

Windows 10 has many unprecedented anti-user features: a remote killswitch that lets it disable your hardware; keylogging and browser-history logging that, by default, sends it all to Microsoft, and a deceptive “privacy mode” that continues to exfiltrate your data, even when you turn it on.

And in an attempt to back this up, he links back to the same Boing Boing article that got it wrong in the first place.

Yeah that was the other thing about the earlier posts from him about win10, this was the same info that Apple, Google, etc collect if you used their cloud/online/services/whatevers but where was all the outrage for them?
Keylogging of some sort I just can’t see how you can get around for things like -start button-start typing name of application- are so damn nice and it isn’t going to work unless the machine is recording your input. Same with google autocomplete which can be fun at times…

So yeah for cortana to actually do it’s job it needs to log keystrokes. It was kinda skeezy it was sent back to the mothership for future usability by default but was easily turned off and still no worse than what apple/android does.

1 Like

I don’t run Siri.

1 Like

though you can (and should) ask Microsoft to forget the keys later.

Yeah, AFTER they forwarded the keys to the No Such Agency first.

2 Likes

Forwarding of encryption keys is not “a keylogger”. Keyloggers are when a buffer of whatever users type is saved to a file somewhere. That’s not what this article is about.

This, plus that there’s no way in hell that I’m going to trust any claim that there aren’t any keyloggers in Windows. Just as much as you can’t prove that Bertrand didn’t leave any teapot in an orbit around the sun between the Earth and Mars.

1 Like

So, now that I’ve looked this over, it seems like this is an enterprise-support friendly policy more than anything else and it just makes Windows’ Encryption useless for people who want to keep their data secure from external sources.

Honestly, my thinking is that if you’re going to be security-conscious then you’re going to want to use a third party tool anyway, right?

So with Truecrypt defunct wouldn’t not using windows and using Veracrypt or another similar tool be the way to go anyway?

I’m not seeing this as OMGZWINDOWZISAWFUL (windows 10 is actually a nice step up IMHO), just as ‘we shouldn’t have been relying on Windows Encryption anyway’

No, I know you don’t.

Right away, Al!

Yeah I have cortana turned off as well just cause I am old and get off my lawn kinda thing.

3 Likes

I have it off because despite my efforts to use it, I really don’t know how to use the damn thing and I just don’t find any value in it. I keep hearing of all of this cool stuff you can do with it but I can’t seem to figure out how to, well, do any of it. It’s all so obtuse – like it supposedly gets all this data about you to personalize itself to you, but other than the “Notebook” stuff I have no idea how it actually does this. I find it really aggravating.

Screw it. I’d rather just open a browser.

3 Likes

You do realize that Bertrand was demonstrating the utter foolishness of just the sort of argument you’re proposing - the stupidity of believing in something just because it can’t be disproved - right? Or do you spend your days believing in all of the world’s religions, as none of them can be disproved? Hey, here’s one - when you die, you’re reborn on another planet, but as a rutabaga. Since it can’t be disproved, you need to start believing it right away.

4 Likes

He was making a point about currently unprovable propositions, certainly, but I am not sure about your gloss.

We’ll all end in hell.

There are at least two mutually exclusive religions that doom all their nonadherents to hell. Hence, that.

2 Likes

unless they’ve changed it since i installed, the word you’re looking for is “overtly”, not “covertly”. it specifically says it will store the keys on your MS cloud drive. it really couldn’t be more clear about it, from what i saw when installing 10.

when people say 10 is doing “keylogging” they’re talking about the cloud-based spell-checking/autocorrect… which still isn’t keylogging.

Does it count as “sending one’s keystrokes to a third party [over a possibly poorly secured line]”?

No, they’re actually referring to a genuine, full-blown, record-everything-you-type keylogger. And it actually did exist - if you happened to be one of the minuscule percentage of people who were helping Microsoft test Windows 10 before its release, by using the Windows 10 Technical Preview version. And Microsoft didn’t make any secret of it. Like an airplane’s black box, the keylogger was essential in figuring out what a user may have been doing when an error occurred.

The keylogger does not exist in any of the production versions of Windows 10, and no one should still be running the Windows 10 Technical Preview version anymore.

2 Likes