Windows 10 – Is it worth upgrading? Check out its Privacy Settings before you do..

Many people have asked me my opinion on Windows 10 so I’ve set it up in an Oracle Virtual Machine, activated it and explored it to some extent.

My first impression is that it is leaps and bounds over Windows 8 / 8.1 .. Microsoft have finally come to their senses and replaced the Start button to (somewhat) behave the way it used to behave in Windows 7 – a bone of contention with tens of thousands of users.

While Windows 10 still has a few bugs – remember it’s a relatively new operating system with many changes and additions, so Microsoft need time to figure out how to fix those bugs with the millions of different computer configurations. So unless you have a pressing reason to upgrade from Windows 7 or Windows 8, wait a few months for a Service Pack or two to be released that addresses those bugs.

Privacy concerns

One thing that doesn’t impress me about Windows 10 is the default settings which spy on your use of the Web, Email and a host of other things like the free Apps that are available for the new operating system.

For example, let’s look at WIFI..

With the launch of Windows 10, anyone who walks into your house and gets your Wi-Fi password for their PC could potentially let all their friends onto your network, thanks to a new feature that has ignited controversy online.

Called Wi-Fi Sense, the feature is designed to make it easier for people to get Internet access for their devices while they’re on the go by automatically logging them into wireless hotspots. It does so with a two-pronged approach: by logging users into select open networks and also by allowing them to share secured connections with their friends (and vice versa). Perhaps unsurprisingly, that has drawn the ire of people who care about wireless security.

The Wi-Fi Sense settings screen in Windows 10.

 

 

If someone with a Windows 10 device logs on to a new network, they can check a box to share that access with their contacts, who could include their Facebook friends, Outlook.com contacts and people on their Skype contact list. This isn’t exactly a new feature—Microsoft introduced it with Windows Phone 8.1 last year, but it didn’t make much of a splash at the time because not that many people use Windows Phone.

Craig Mathias, a principal at the Farpoint Group who specializes in wireless technology, said in an email that the feature was “a cheap hack.” He went on to say that the Wi-Fi Alliance’s Passpoint technology, which makes it possible for some devices to connect securely to wireless networks without going through a login process, is “more important.”

“And no one should ever leave Wi-Fi access wide open,” he said.

To hear Microsoft pitch Wi-Fi Sense, it’s a security feature, not a flaw. Using the new technology, people can let their friends access their home network without having to provide them with the password, which cuts down on those annoying conversations that take place when someone is trying to get Internet access. What’s more, contacts who are able to log into a network only using Wi-Fi Sense don’t actually see the password.

According to a FAQ about the feature, a user who shares network access sends the password through an encrypted connection to a Microsoft server, where it’s stored in an encrypted form before being handed off securely to any of their friends who needs it based on location data from their device. Microsoft says that someone who gets access through Wi-Fi Sense will only have access to the Internet and won’t be able to get to any other computers or other devices on the network.

Of course, all that relies on the feature working as intended. While it’s not clear exactly how Microsoft is storing passwords on a client device, it’s possible that someone sufficiently motivated would be able to find and extract the wireless password for a network they get access to thanks to their friends. An attacker could also friend people on Facebook in order to get access to networks using Wi-Fi Sense. All of this relies on the Microsoft database storing wireless network information remaining secure, to boot.

Wi-Fi Sense doesn’t work with networks secured using 802.1X, which is often used by enterprises to keep their networks on lockdown, so that should give some small comfort to network administrators.

Ultimately, people who want to make sure that their Wi-Fi network is unavailable to Wi-Fi Sense users can rename it to include “_optout” at the end of the SSID. For example, a network called “foobar_optout” would be ineligible for sharing through Wi-Fi Sense, while one that’s just called “foobar” would be usable with Microsoft’s sharing feature.

If you don’t want to change your network’s name, Microsoft suggests that you manually enter the network’s password for your guests and make sure the checkbox to share the network is turned off.

What you should turn OFF – Upon installation, Windows 10 defaults to some pretty serious privacy invasions. Here are some steps you can take to keep your personal data private.

Since the July 29 release of Windows 10, the tech world has been talking about the latest OS update from Microsoft. A mere 24 hours after its release, more than 14 million users had downloaded Windows 10.

The quick ramp up was due, in part, to Microsoft releasing the update as a free download for existing Windows users. Windows 10 also came with a new service model as Windows will be releasing service packs every few months to users.

The model itself got some backlash, especially from organizations that don’t want to upgrade their system that frequently. More recently, though, some criticism has arisen over privacy concerns brought on by the new OS.

The first issue is that Windows 10 automatically assigns an advertising ID to each user on a device tied to the email address that’s on file. Using that ID, the company can tailor ads for web-browsing and using certain applications.

The next concern is that much of users’ personal data is synced with Microsoft’s servers. Some of this information, like your Wi-Fi password, can then be encrypted and shared with your contacts, using a feature called Wi-Fi sense. Although, some have argued that this isn’t a security risk, because the user must choose to share the network.

Additionally, Microsoft’s personal assistant, Cortana, must collect data as well to provide the kind of service it does, but it is likely not better or worse than its Apple and Google contemporaries.

One of the biggest worries, though, is Microsoft’s policy on disclosing or sharing your personal information. The following is an excerpt from the privacy policy:

“We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services.”

The problem is that many users want personalized services, but it’s difficult to draw the line at what data should be collected. Forrester’s Tyler Shields said that instead of making these features default, Microsoft could have allowed users to opt-in later if they wanted to enable them.

“This is more of a privacy-friendly stance that may have been palatable to the general public,” Shields said. “However, Microsoft would have had less adoption to its value added services had it made them opt-in, thus lessening the potential success of the Windows 10 launch.”

So, how do you protect yourself from these issues? Here are some steps you can take to opt-on or disable some of the problematic features.

The first thing to note is that, if you haven’t yet installed Windows 10 but you plan on doing so, make sure you that you do a custom install so you’ll be able to pick and choose what is enabled at the onset. But, if you installed Windows 10 using Express settings, you can still disable some of the default privacy settings.

From the start button, click “Settings” and then click “Privacy” and click the “General” tab on the left sidebar. Under that tab you’ll see a few sliders where you can toggle certain features on or off.

The top toggle button is the most important as it disables the advertising ID for each user. But, if you want to cover your bases, you should go ahead disable the rest of the options as well.

 

After turning off the options under the general tab, you can jump down to the next tab down, “Location,” and turn off location data for all apps or specific ones. That’s not necessarily new to WIndows 10, but it’s something that many security-conscious folks like to do.

Next, you’ll want to head down to the tab labeled “Speech, inking, and typing.” Here you can disable Cortana from gathering information about you by clicking the “Stop getting to know me” button towards the middle of the screen.

Keep in mind, clicking this will also disable Cortana and dictation.

 

 

Moving on, click the “Other devices” tab at the bottom of the list. Under this tab you’ll be able to turn off the “Sync with devices” feature. In the example given by Microsoft, this could be used for connecting with beacons, which are typically used for advertising purposes.

If you want to kill this feature, slide the first button to the off position. If you want, you can also turn off syncing for trusted devices as well.

Now, back out to the general settings and click “Network and internet.” In that window click “Manage Wi-Fi settings” toward the middle of the screen.

Here you’ll be able to customize your setting for the Wi-Fi Sense feature. If you want to keep everything private, click all the sliders until the read “off” and uncheck the boxes on the page. If not, you can select which features to turn off individually.

One of the final security checks you can do is to opt out of the personalized ads while browsing in Microsoft Edge. Click the following link or paste it into your browser: https://choice.microsoft.com/en-gb/opt-out

Click the Xs next to the options to turn off “Personalised ads in this browser” and “Personalised ads wherever I use my Microsoft account.”

This isn’t a comprehensive security checklist, but hopefully it helps you take care of some of the potential privacy issues in Windows 10.

Conclusion

So there you have it.. A few things to be aware of and quite a number of other things yet to be discovered. If you’re keen on getting the latest and greatest and can’t wait, then go for it, just be aware of some of the gotcha’s you’ve learned here and perhaps some that you haven’t been made aware of.

With regards to stability, in my limited testing, I’ve found Windows 10 to be quite stable overall.. Time will tell just how stable it will become.

Cheers..

NB: With thanks to TechRebpublic website for much of the content of this news item..

 

 

 

Leave A Comment

You must be logged in to post a comment.