Windows 10 Privacy - Keylogger

By +LogicalApex
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

+LogicalApex MVC

Posted
  • MVC
Posted (edited)

I know this was an issue that came up many times during the Insider Preview stage and it was swatted down as a "Beta only" deal from Microsoft. This was widely touted as not sticking around for RTM.

I obtained the RTM build from MSDN to install a tester VM and I am greeted with the same reality in Windows 10 RTM. Why is Microsoft recording typed text by default? This is a major privacy drop for Windows. This coupled with automatic BitLocker key backups to OneDrive and you're left wondering if MS has any care left for privacy and security in Windows.

I'm not wanting a flame filled topic, but a clear discussion of this forward march for Windows. Easy access to your BitLocker recovery key can greatly aid state actors in accessing your data even when you've used Window's Built In encryption. This is, essentially, a sharing of your encryption key. A major problem. Additionally, enabling the recording of text and speech by default is very troubling. I could understand if MS enabled features limited to Cortana when you've enabled Cortana with a clear explanation of what is being collected and why, but this is at the install screen for the entire OS. Additionally, I'm not a Windows Insider and I'm using the MSDN provided RTM ISO shared by MS directly.

 

For the privacy focused like myself I can't help but see Windows 10 as a major step in the wrong direction.

 

Windows 10 RTM Tester - Install Shot 2.PNG

Windows 10 RTM Tester - Install Shot 3.PNG

Edited by LogicalApex
  • Kelxin, +Asmodai and f0rk_b0mb
  • Like 3
Link to comment
https://www.neowin.net/forum/topic/1266376-windows-10-privacy-keylogger/
Share on other sites
Enthusiast

ryokurin

Posted
Posted

Android does the same thing.  It's used to improve suggestions. This includes Audio.  As for bitlocker, it tells you this.  Windows 8 did it also. There has to be a way of recourse to get data back for consumers.  Join a domain, or don't use a microsoft account if it bothers you. 

  • corrosive23, Eric and +ekoht
  • Like 3
Grand Master

trag3dy

Posted
Posted

Maybe I just wasn't paying attention but I thought it was more or less like googles analytics that would help tailor searches (and other things) to your interests when using Cortana?

In any case you can turn both of those options off during the installation process as it clearly shows in the OPs screen shots.

Proficient

purrcher

Posted
Posted

A reddit post a few months back might be useful to you:https://www.reddit.com/r/Windows10/comments/31rxsv/disable_keylogger_windows_10/

Not sure if I agree with it or not, but when I tried it on a system last time nothing seemed to break (but i don't use the modern apps or cortana so it might effect those things).

  • +Audioboxer and +LogicalApex
  • Like 2
Veteran

1337ish

Posted
Posted (edited)

Did you post this from Chrome lol?

Joking aside this is actually really common on every platform now, Apple lets you store your keychain stuff on their servers, Chrome backs up your saved passwords and reports address bar key entry etc. As long as its optional its no biggie tbh.

Grand Master

Ian W

Posted
Posted

That BitLocker can store backup keys in the cloud is not new; even Windows Vista could optionally backup BitLocker keys (and EFS recovery certificates) in a user's Digital Locker at Windows Marketplace if a user had the Secure Online Key Backup update installed.

I assume that if a user does not want BitLocker to automatically archive keys, that said user should use a local account and should not link to a Microsoft Account or OneDrive.

Grand Master

Ian W

Posted
Posted

Note also that options to collect personalization information are not new as similar services have existed in prior versions of Windows. The Tablet PC Input Panel, for example, could optionally send handwriting samples to Microsoft, and Windows Speech Recognition included an option for a user to allow it to analyze documents and e-mail to improve accuracy of the local recognizer, and as of Windows 7, includes an option to submit speech information to Microsoft to improve future versions of the feature.

Grand Master

Torolol

Posted
Posted

yes its has been improved, before it was app specific keypress collection, and now it OS wide operations.

will your typed passwords and login info recorded by it? absolutely. Especially if Microsoft decided that you must accept patches that will not honor your choice to the Turn Off the services.

Grand Master

+LogicalApex MVC

Posted
  • Author
  • MVC
Posted

this is different than a keylogger though

How so? A Keylogger is a program that captures key-presses...

Keystroke logging has become an established research method to study writing processes.[6][7] Different programs have been developed to collect online process data of writing activities,[8] including Inputlog, Scriptlog, and Translog.

In terms of legitimate uses, Keystroke logging can be a suitable research instrument in a number of writing contexts. These include studies on cognitive writing processes, description of writing strategies, the writing development of children with and without writing difficulties, spelling, first and second language writing, and specialist skill areas such as translation and subtitling. Keystroke logging be used in research specifically on writing, it can also be integrated in educational domains for second language learning, programming skills, and typing skills.

Source: https://en.wikipedia.org/wiki/Keystroke_logging

turn the feature off and quit complaining, it is NOT a "keylogger" stop spreading FUD it's pathetic 

It is a keylogger... Obviously, I don't think Microsoft aims to log into you bank account using the data, but it is an important thing to discuss at any rate... From a privacy perspective it is worthy of a question.

..... What a waste of a thread. 

I'd disagree... Discussing the loss of privacy and the implications of a keylogger in the OS is valid. Especially with the extent and frequency of recent data breaches. It is a valid discussion. How does Microsoft limit its data collection? Do they tie it to user accounts? What do they do to limit capturing of passwords and usernames and the like. Again, worthy of a discussion as this is a major shift for the computing industry...

But I do understand that discussions can often be hard to have. Judging by the lack of one here. I'll just conclude that privacy is a non-issue. At least among the crowd here...

Grand Master

Dot Matrix

Posted
Posted

Well, obviously Microsoft is the evil ones here, even though Apple and Google do it. But that's ok, because they're the darling childs of the market. They can do no wrong.

 

^ Pretty much what I've gotten from this thread.

Grand Master

+Eternal Tempest MVC

Posted
  • MVC
Posted (edited)

Well, obviously Microsoft is the evil ones here, even though Apple and Google do it. But that's ok, because they're the darling childs of the market. They can do no wrong.

 

^ Pretty much what I've gotten from this thread.

The past fanboy level of enthusiasm of Ms is better then X, due to not doing X,Y,Z arguments tend to invoke a strong counter response when MS is starting to do what the other's have been. I've already disabled the options in Privacy, and what apps can access on Win10 on the laptop.

Grand Master

+LogicalApex MVC

Posted
  • Author
  • MVC
Posted

Well, obviously Microsoft is the evil ones here, even though Apple and Google do it. But that's ok, because they're the darling childs of the market. They can do no wrong.

 

^ Pretty much what I've gotten from this thread.

What does Google and Apple have to do with this? Obviously, if they do so then it is a problem for them as well... The topic is Windows 10, which is obviously a MS product, but that doesn't mean I think this is a good practice if anyone else does it.

But for some reason we can't have discussions anymore. It is always reduced to brand loyalty as a way to deflect or minimize.

Microsoft spent years branding against this practice with its Scroogled campaign...

Grand Master

Osiris

Posted
Posted

I agree with Logical Apex its a worthy discussion, and a bad sign that asking such questions is met with responses like 'stop complaining' or ''abcd' do it too so its all good'

I was unaware inking was also sent also thought this was only applicable to the insider program, very surprised it's in the final release.

Clearly a lot of people aren't concerned with these topics and that's fine but i'd definitely like more information from MS on what is collected, how it is secured and if its tied to personal id.  Even basic things like how does it differentiate between collecting data regularly and not collecting your bank information?  Is inprivate mode a contradiction, what privacy do you have if its collecting data when in this mode?

  • Ian W and +LogicalApex
  • Like 2
Grand Master

+Eternal Tempest MVC

Posted
  • MVC
Posted

What does Google and Apple have to do with this? Obviously, if they do so then it is a problem for them as well... The topic is Windows 10, which is obviously a MS product, but that doesn't mean I think this is a good practice if anyone else does it.

But for some reason we can't have discussions anymore. It is always reduced to brand loyalty as a way to deflect or minimize.

Microsoft spent years branding against this practice with its Scroogled campaign...

I also have concerns about changes in a computer OS to have the constant monitor, identification.

Especially enabled by default, now MS goals may be authentic about customer, privacy, but the face if a hacker, or state agency can gain access pass the protection.

Grand Master

neo1911

Posted
Posted

Nothing to see here, move along.

People have liked your ignorant post. Hats off to them.

But a simple reg trick will disable telemetry and keyboard logger.

 

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection]
"AllowTelemetry"=dword:00000000

 

Save this as txt file and rename the txt extension to reg.

Then run that reg file and install the key.

cayR8f6.png

reeb6my.png

All sending of data and keystroke settings are greyed out and disabled.

  • +Asmodai, Steven P. and Osiris
  • Like 3
Rising Star

DemonicHawk

Posted
Posted

People have liked your ignorant post. Hats off to them.

But a simple reg trick will disable telemetry and keyboard logger.

 

...

Actually, there's no indication that that registry trick does anything at all. There's a group policy setting with the exact same name and setting it to 0 gives the same effects.

The description however clearly indicates that a value of 0 is only applicable to enterprise versions.

 

win10telemetry.png

Grand Master

Osiris

Posted
Posted

Why single out Windows?

By virtue of the forum the topic is in and the specific Windows 10 settings being discussed? 

The ability to limit it to one OS, which the user is using doesn't preclude a civil discussion on it without resorting to what apple and google are doing.

  • +LogicalApex
  • Like 1
This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • "CRAZIER than ever!" Crazy Taxi: World Tour is officially coming soon

      By margrave · Posted

      YES!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    • Apple's AI smart glasses and Vision headset plans reportedly delayed, again

      By AnalystDan · Posted

      Apple are scared of their customers! They have built a brand over the years of "it just works out of the box", but that slows innovation. Samsung's master stroke was the Galaxy Ultra: "Let's cram everything into one handset, make it so stupid only real nerds will love it, some of the features will work, some won't, but the audience will have such a high tolerance they won't care". Apple has no such device and so they are constantly worrying these days about the fallout of creating a new experience that customers might not like. I know it is often cited the reason they don't build a touchscreen Mac Book is they don't want to cannibalise the the iPad market, but I think it's equally cold feet after the criticism Microsoft receive trying to make a touch compatible desktop OS
    • HandBrake 1.11.2

      By Copernic · Posted

      HandBrake 1.11.2 by Razvan Serea HandBrake is an open-source, GPL-licensed, multiplatform, multithreaded video transcoder, available for MacOS X, Linux and Windows. Handbrake can process most common multimedia files and any DVD or BluRay sources that do not contain any kind of copy protection. Here is a detailed breakdown of HandBrake’s features: Built-in Device Presets—Get started with HandBrake in seconds by choosing a profile optimized for your device, or choose a universal profile for standard or high quality conversions. Simple, easy, fast. For those that want more choice, tweak many basic and advanced options to improve your encodes. Supported Input Sources—Handbrake can process most common multimedia files and any DVD or Blu-ray sources that do not contain any kind of copy protection. Outputs: File Containers: .MP4(.M4V) and .MKV Video Encoders: H.265 (x265 and QuickSync), H.264(x264 and QuickSync), H.265 MPEG-4 and MPEG-2, VP8 and Theora Audio Encoders: AAC / HE-AAC, MP3, Flac, AC3, or Vorbis Audio Pass-thru: AC-3, E-AC3, DTS, DTS-HD, TrueHD, AAC and MP3 tracks Additional features: Title/ Chapter Selection Queue up Multiple Encodes Chapter Markers Subtitles (VobSub, Closed Captions CEA-608, SSA, SRT) Constant Quality or Average BitRate Video Encoding Support for VFR, CFR and VFR Video Filters—Deinterlacing, Decomb, Detelecine, Deblock, Grayscale, Cropping and Scaling Live Video Preview HandBrake 1.11.2 changelog: All platforms Video Fixed a crash that happened when doing a 2-pass lossless x265 encode Fixed a memory leak that happened when doing a 2-pass MPEG-4/MPEG-2/VP9/FFV1 encode Audio Updated the list of supported dithers and encoders combinations Fixed the Core Audio AAC encoder 7.1 channel layout Subtitles Fixed the VobSub palette creation in the MP4 container Build system Improved build system compatibility with older build tools Third-party libraries FFmpeg 8.0.2 (decoding and filters) SVT-AV1 4.1.0 (AV1 video encoding) Linux Added WebM MIME type to the list of the supported formats Mac Improved handling of unsupported presets Updated Sparkle automatic update library Windows Improved handling of unsupported presets Improved queue low space pause behaviour Fixed the automatic audio track name generation Fixed the summary description of HDR video Download: HandBrake 64-bit | Portable 64-bit | ~30.0 (Open Source) Download: HandBrake ARM64 | Portable Links: HandBrake Website | Other Operating Systems | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Dell, HP PCs ran into endless reboot, BitLocker recovery loops but Windows 11 isn't to blame

      By grunger106 · Posted

      So, an article that has nothing to do with Windows 11, still gets Windows 11 in the title and a build number as the picture? Dell have a buggy build of Support Assist HP have UEFI settings that need unlocking for the secureboot cert upgrade to take place.
    • I Can't Wrap My Head Around This Number - Google to buy computing from SpaceX at $920 million per month

      By Nick H. · Posted

      What I can't seem to understand is that Google are paying SpaceX? Surely it would be the other way round, with SpaceX needing Google's datacenters etc.? Oh well, this level of money and power is way outside of my comprehension at the best of times.

  • Recent Achievements

    • One Month Later
      DJC50PLUS earned a badge
      One Month Later
    • Week One Done
      DJC50PLUS earned a badge
      Week One Done
    • Proficient
      Eric Biran went up a rank
      Proficient
    • Dedicated
      Conjor earned a badge
      Dedicated
    • Week One Done
      Windows Guy earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      493
    2. 2
      PsYcHoKiLLa
      242
    3. 3
      Steven P.
      71
    4. 4
      neufuse
      67
    5. 5
      ATLien_0
      67
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!