Global Security, Privacy, & Risk Management

CyberGhost Guest Post- “5 easy steps to increase privacy on Windows 10” August 6, 2015

Below is a guest post from CyberGhost  on how to increase privacy on Windows 10. This is very timely and great advice!.  I have upgraded to Windows 10 and really think it is a huge upgrade over Windows 8/8.1 but (there is always a but) there are some serious privacy concerns. (SERIOUS) Thanks to CyberGhost’s Silvana Demeter for providing this valuable info! BTW…I am very familiar with CyberGhost really like their products.  Check them out!

“On July 29, Microsoft has released its new operating system, Windows 10, available globally in 190 countries. The new version offers new features and completes different gaps. Windows 10 is fluid and fast and its new browser Microsoft Edge might win back a lot of users being super-fast.

Some privacy related concerns appear though, one possible problem being that data such as contacts, calendar, mail, messages are transferred to Microsoft’s servers, creating a more detailed user’s profile. Another feature that is infringing one’s privacy is the advertising ID assigned to individuals that are later targeted with specifically tailored ads. Even encrypting the hard drive won’t make an improvement to the privacy since the keys are stored by default on OneDrive. These new settings and features are aimed at increasing productivity, as they make apps and operating system smarter.

In order to improve the future experience of its users, Microsoft uploads data on their servers. As stated in the Terms of Service, Microsoft has the right to share this data whenever it “has a good faith belief doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services.”

In addition, all these settings are ON by default and will remain enabled if not unchecked while installing or upgrading to Windows 10.

All the data used by the Microsoft account (@live.com, @outlook.com, @msn.com – necessary for most of the new features) is scanned by Microsoft’s services. The location or even the talks with Cortana (searches, reminders, notes, and actions) are also processed by Microsoft’s services: “We also share data with Microsoft-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our services; and to protect the rights or property of Microsoft.”

How to increase privacy on Windows 10

The Privacy settings can be managed by searching the term privacy in the start menu and most of the modules that send data to Microsoft can be disabled.

Below are some important features that can be changed to obtain more privacy:

• Disable advertiser ID: open the settings and search for “advertising;” open “Choose if apps can use your advertising ID” and disable the first option: “Let apps use my advertising ID for experiences across apps”
• Disable “…info about how I write” so that the text one types and writes with a stylus is not sent to Microsoft servers
• Disabling the Advertising ID in the “Privacy Settings.”

o    “Let apps use my Advertising ID…” -> OFF

o    “Send Microsoft info about how I write..” -> OFF

o    “Location” -> OFF

• Speech, Inking, & typing: If all options are cleared, Cortana will also be disabled

Another new feature introduced by Windows 10 is “Wi-Fi Sense” – a feature that syncs all Wi-Fi passwords to the cloud and shares them with the contact list. Through this functionality, the PC will be able to exchange passwords and automatically connect to WIFI, even to unprotected hotspots. The “Wi-Fi Sense” feature can be disabled by accessing Settings, “Wi-Fi” and then “Change Wi-Fi Settings.” Lucian Crisan, Head of Support and QA at CyberGhost VPN and former Microsoft employee recommends this change in order to avoid man-in-the-middle attacks and phishing attempts.”