Windows 10 covertly sends your disk-encryption keys to Microsoft

We’ll all end in hell.

There are at least two mutually exclusive religions that doom all their nonadherents to hell. Hence, that.

2 Likes

unless they’ve changed it since i installed, the word you’re looking for is “overtly”, not “covertly”. it specifically says it will store the keys on your MS cloud drive. it really couldn’t be more clear about it, from what i saw when installing 10.

when people say 10 is doing “keylogging” they’re talking about the cloud-based spell-checking/autocorrect… which still isn’t keylogging.

Does it count as “sending one’s keystrokes to a third party [over a possibly poorly secured line]”?

No, they’re actually referring to a genuine, full-blown, record-everything-you-type keylogger. And it actually did exist - if you happened to be one of the minuscule percentage of people who were helping Microsoft test Windows 10 before its release, by using the Windows 10 Technical Preview version. And Microsoft didn’t make any secret of it. Like an airplane’s black box, the keylogger was essential in figuring out what a user may have been doing when an error occurred.

The keylogger does not exist in any of the production versions of Windows 10, and no one should still be running the Windows 10 Technical Preview version anymore.

2 Likes

Word. Seriously. Microsoft Word. You speak the truth, a word Microsoft hasn’t sodomized yet.

3 Likes

Has anybody discovered a reason to want Win10?

1 Like

It’s better than 8…

1 Like

What if you weren’t foolish enough to run 8?

Well, ummm

2 Likes

Next week, on BoingBoing:

“BREAKING: LINUX FOUND TO LOG ALL COMMAND LINE INPUT BY DEFAULT, USERS NEVER TOLD”

“I don’t know man, I just didn’t know. And then I found this .bash_history file, and it had EVERYTHING! I feel so betrayed! It wasn’t even encrypted, it’s just all plaintext! I THOUGHT LINUX WAS SECURE, YOU FUCKED ME OVER, TORVALDS!”

In all seriousness, the whole backing up your crypto key isn’t even new, or a windows 10 Feature. It’s present in 8.1 since 2013, and RT for even longer.

In fact, most of the telemetry shit people are freaking out about in windows 10 isn’t new - It’s called Application Insights, there’s reams and reams of documentation online about how it works and what it collects. And apparently, most of the anti-windows 10 freakout people missed the memo about it getting patched into Win7 and 8, so refusing to upgrade does precisely jack shit to protect them from this insidious program that they’ve published a library’s worth of documentation about online. The stuff that isn’t part of insights? Windows update has been collecting that since XP, and they’ve not exactly kept that a secret, either.

They’re not even alone on collecting data. Every large tech company collects data on you, Apple, google, Amazon, Facebook, Twitter, Instagram, the list goes on. While everyone else is going “Well, don’t you worry your pretty little head about what we’re collecting, we super duper promise we won’t use it and you won’t even notice”, MS goes “Well, we’re collecting this data, Here’s how, Here’s why, here’s what we do with it.”

But because they’re open about what they do, it makes it real easy for people to write scarebait articles to pull in those who don’t know what they’re doing, especially the subset of those people who think they do.

And that’s how 2015 ended - With me drunk, and yelling at people about computer security. Happy New Year, ya filthy animals.

6 Likes

It’s possible to avoid (or uninstall) the telemetry “updates”. I recommend it.

Windows 7 isn’t my ideal OS but, if and when I must use Windows, it’s as modern as I’m willing to go.

I don’t find using Linux a joy, but Microsoft has provided me with enormous motivation to keep trying :slight_smile:

Good luck with your 0days and botnet when MS quits shipping security updates for it.

2 Likes

Over time less and less of my personal life is on Windows to be pwned, so it should be no big deal when that day comes.

Then again, Steam is apparently already insecure :smile:

Linux does have a bit of a learning curve but distros like Mint are going to work well enough for most people.
I use windows cause that is what work uses and what I support. 8 had a lot of good things under the hood that tempted me but the whole UI was way too annoying for me. 10 has been actually quite nice and as long as you don’t link to a microsoft cloud account they don’t get any more data than they did before. Also the telemetry stuff they collect IF YOU ALLOW IT is also the same kind of telemetry stuff even Ubuntu tries to collect. This is part of how they figure out what does and doesn’t work in the wild as no matter how much in house testing you do there will still be little annoyances and bugs that they never thought about or caught when there are a several magnitudes more users plugging away at the OS.

1 Like

Mint?

If people don’t know Linux, why not just point them to Ubuntu?

I like the default desktops with Mint over Ubuntu and Mint if you ‘promise you are not in the USA’ will install all the stuff for playing media by default.

3 Likes

Cool man, your machine, but don’t be upset if as various commercial software stops working right, as more an more developers start heavily leveraging insights.

Just to make sure you know, though - developers can already get that data if they so desire, without your permission, intervention, or knowlege regardless of your OS. And that many popular linux distros try to get the same telemetry data, because it’s really, really fucking useful data to have if you’re developing software.

Personally, here’s what I suggest - Go read up about Insights. Or if you don’t have the time, knowledge, or frankly willingness(wouldn’t blame you for the last one, tech documentation is rarely counted among more popular page turners), get someone familiar with it to fill you in about the whys are wherefores of Insights. It’s a lot less scary when you know what they’re actually doing, collecting, and what they’re using it for, and if you still find it scary, at least you’re making an informed decision rather than one driven by scarebait. They put that documentation out there for a reason, shit man, might as well use the resources you have to find what you want to know.

2 Likes

Ubuntu is too weird these days. Mint seems more straightforward.

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.