If you still don’t think that Windows 10 is a privacy disaster in the making, then this latest detective work might. At least, if you actually subscribe to it. According to Czech website aeronet.cz, Windows 10 has been doing some rather dubious communication with Microsoft servers in places and instances where it doesn’t make sense to do so. In short, even if you have disabled all possible privacy-infringing settings, the OS will still be sending some of your private data, without your knowledge and definitely without your consent.
Windows 10 has already been knocked by many reviews for its less than ideal default privacy settings, all of which default to “yes, I want to send Microsoft my data”. Given very few users are aware of such situations, they are unlikely to change it, if they even know where to look. Now to add insult to injury, it seems that turning those off will be futile anyway.
Analyzing data traffic coming from Windows 10 computers, the Czech website claims that all keyboard input is stored in temporary files and then sent over to Microsoft telemetry servers. In short, a built-in keylogger. This is rather strange if you factor in that there is no autocorrect functionality in Windows 10. Plus, the logging and sending of data happens even when a non-Microsoft Account is used to log into the desktop. Keyboard input, both from hardware and onscreen, include phone numbers and even passwords.
Keyboards aren’t the only input that’s being secretly recorded. Allegedly, when the microphone is enabled, all voice input is also recorded and sent to Microsoft servers. When a camera is enabled, the first 35 MB of data similarly gets sent to Microsoft. All of these even when, for example, Cortana is disabled, which negates the need for sending analytics over to some remote server.
Naturally, the claim is that all these information are being used to build up a database of users that Microsoft can then easily identify and potentially target with ads. There’s also the likelihood that Microsoft will be using data for its anti-piracy operations. And then there’s the fear that this could also be used by certain agencies that need only a flimsy subpoena to gain access. The one sliver of hope in all these is that some are claiming that the Czech tech site is rather dubious in their articles, though none have yet stepped up to offer counter evidence.