20% Faster & [Windows] 10% Less Secure
Privacy & Security By Ed Holden | Posted on August 25, 2015
Microsoft’s latest operating system Windows 10 has been making waves in the tech world. With an estimated adoption rate of 20.1% in the first 12 months it is a safe bet to say that Windows 10 will be coming soon to a desktop, laptop or tablet near you. While the speed and efficiency benefits of Windows 10 are evident, we must ask ourselves what security implications this brings?
Technology companies such as Google have made headlines time and time again over their shady security practices and the large amount of data they collect about users. Microsoft seems to have taken a lesson from the likes of Google with Windows 10. In this article we will discuss a handful of “features” which are included in Windows 10 and enabled by default and how they compromise our everyday security. As consumers we have the right to privacy and that includes privacy about our daily activities and browsing activities. These are facts about our lives and how we spend our time which we should share only should we find it necessary and not something we should be obligated to share for the profit of another company.
Windows 10 by default takes the very friendly choice of automatically going through most of your personal data including contacts, calendar, mail and messages with the guise of improving your Windows experience. Information collected from the Operating System is linked with an individualized ID (“Advertising ID”) assigned to you. This information is then uploaded to the Microsoft servers where it is used for the purpose of making your Windows experience better and your operating system smarter.
Smarter means more involved. If you decide security is for you and encrypt your hard drive then Windows automatically stores that data on One Drive which opens up its own set of security issues. The security violations mentioned above go further as Microsoft’s own security policy (See here: http://www.microsoft.com/en-us/privacystatement/default.aspx) state that Microsoft can scan and analyze all information that passes through their services (including outlook, MSN and live) in addition to information obtained from Cortona (enabled by default in Windows 10) - including but not limited to searches, reminders, notes and actions. Your location is also recorded via GPS hardware or Wi-Fi location data if available.
Should you allow the default settings when installing Windows 10 or during an upgrade you will be consenting to all of the above. The good news is that there is something you can do about it. You can protect your privacy with a few easy steps which we will discuss below.
Privacy Settings
- Search for Privacy from the start menu
- Turn off the following options:
- “Send Microsoft information about how I write”
- “Let apps use my Advertising ID”
- “Location”
Advertising ID
- Search for advertising
- Open the “Choose if apps can use my advertising ID” option
- Disable the advertising ID
We also suggest disabling Windows 10’s new “Wi-Fi Sense” feature which in essence uploads your Wi-Fi passwords to the cloud and then shares them with all of your contacts so that they can “borrow” your Wi-Fi networks. While this may seem like a handy feature you must consider the security risks that this poses. Protecting your Wi-Fi network can be a crucial part of your regular security regimen and we suggest you disable this feature. Please read on to find out how.
Disable Wi-Fi Sense
- Open the Settings pane in Windows 10
- Locate “Change Wi-Fi Settings”
- Scroll down past your list of Wi-Fi networks
- Locate and Disable “Wi-Fi Sense”
While disabling the above options will make Windows 10 “dumber” and disable many of its “learning” abilities it will also make Windows 10 a lot more secure. Everything comes at a price and smarter electronics often come at the price of less security. In modern electronics security should be the priority and not an option, unfortunately that is not the choice of many major tech companies.
At IVPN we value your security. We do not store personal information about our clients, we do not keep logs and we do not assume that security is secondary to “software intelligence”. If you care about your privacy you can follow the simple steps above to make Windows 10 more secure. We also suggest using a high quality security focused VPN such as IVPN.
We have a live chat team available for inquiries anytime. Happy surfing and stay safe.
-IVPN Team
Suggest an edit on GitHub.
3 Comments
Ind
27.08.2015
Michael
27.08.2015
Very interesting post thanks!
I’ll pass it on to some friends.
I still cringe when people ask why I run Linux DD-WRT and VPN, yet they are busting at the seams for this next Windoze Edition and actually still trust Microshaft.
Keep up the excellent work IVPN….and of course these excellent blogs :)
Tim
27.09.2015
Alzo do not think using a proxy at the os level will stop that data nack to MS as I and others have proven the OS has a cal home ceature that overixes the OS proxy config and goes direct instead. So yes indeed it will take some very specific firewall configs and frankly I would also dou le heck it does not also bypasss the vpn client config in the same way it does the proxy confif we tested. The answer here would be foe home use to config your router vpn to ivpn thus taking control from the pc os layer. MS is one to learn wht works and win 10 is straight out of Google’s play book. By offering the os free they are offering as a service and thus in return they get your data. You will notice the enterprise pro editions ha e real security features as no corp is going to allow its data to go back to ms.
The share your Wi-Fi creds is the sthpidezt things ever thought of. Seeing how outlook etc auto add to your contacts. Not everyone you email is a close friend and very well can be an adversary or worse and now you are givi g the free untethered access to your home possibly work networks ans what if gou tend to reuse the same passwords. Consider that your home is full of comm devices all hooked to Wi-Fi. That means with little know how they can listen and watch you thru a xbox kinect or that noce samsung tv wih built in mic and video.
But yeh lets share your password creds with your entire contact list. It seems MS has decided you really did not make a user/password for any secuorty reaso at all so shard it with everyone to take care of that inconvenience. I guess thats the new ms strategy higher safer securoty thru no secuirty.. Sounds like someone was doing lsd while reading Art of war