Windows 10 Privacy - Keylogger

By +LogicalApex
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

+LogicalApex MVC

Posted
  • MVC
Posted (edited)

I know this was an issue that came up many times during the Insider Preview stage and it was swatted down as a "Beta only" deal from Microsoft. This was widely touted as not sticking around for RTM.

I obtained the RTM build from MSDN to install a tester VM and I am greeted with the same reality in Windows 10 RTM. Why is Microsoft recording typed text by default? This is a major privacy drop for Windows. This coupled with automatic BitLocker key backups to OneDrive and you're left wondering if MS has any care left for privacy and security in Windows.

I'm not wanting a flame filled topic, but a clear discussion of this forward march for Windows. Easy access to your BitLocker recovery key can greatly aid state actors in accessing your data even when you've used Window's Built In encryption. This is, essentially, a sharing of your encryption key. A major problem. Additionally, enabling the recording of text and speech by default is very troubling. I could understand if MS enabled features limited to Cortana when you've enabled Cortana with a clear explanation of what is being collected and why, but this is at the install screen for the entire OS. Additionally, I'm not a Windows Insider and I'm using the MSDN provided RTM ISO shared by MS directly.

 

For the privacy focused like myself I can't help but see Windows 10 as a major step in the wrong direction.

 

Windows 10 RTM Tester - Install Shot 2.PNG

Windows 10 RTM Tester - Install Shot 3.PNG

Edited by LogicalApex
  • f0rk_b0mb, +Asmodai and Kelxin
  • Like 3
Link to comment
https://www.neowin.net/forum/topic/1266376-windows-10-privacy-keylogger/
Share on other sites
Enthusiast

ryokurin

Posted
Posted

Android does the same thing.  It's used to improve suggestions. This includes Audio.  As for bitlocker, it tells you this.  Windows 8 did it also. There has to be a way of recourse to get data back for consumers.  Join a domain, or don't use a microsoft account if it bothers you. 

  • Eric, +ekoht and corrosive23
  • Like 3
Grand Master

trag3dy

Posted
Posted

Maybe I just wasn't paying attention but I thought it was more or less like googles analytics that would help tailor searches (and other things) to your interests when using Cortana?

In any case you can turn both of those options off during the installation process as it clearly shows in the OPs screen shots.

Proficient

purrcher

Posted
Posted

A reddit post a few months back might be useful to you:https://www.reddit.com/r/Windows10/comments/31rxsv/disable_keylogger_windows_10/

Not sure if I agree with it or not, but when I tried it on a system last time nothing seemed to break (but i don't use the modern apps or cortana so it might effect those things).

  • +Audioboxer and +LogicalApex
  • Like 2
Veteran

1337ish

Posted
Posted (edited)

Did you post this from Chrome lol?

Joking aside this is actually really common on every platform now, Apple lets you store your keychain stuff on their servers, Chrome backs up your saved passwords and reports address bar key entry etc. As long as its optional its no biggie tbh.

Grand Master

Ian W

Posted
Posted

That BitLocker can store backup keys in the cloud is not new; even Windows Vista could optionally backup BitLocker keys (and EFS recovery certificates) in a user's Digital Locker at Windows Marketplace if a user had the Secure Online Key Backup update installed.

I assume that if a user does not want BitLocker to automatically archive keys, that said user should use a local account and should not link to a Microsoft Account or OneDrive.

Grand Master

Ian W

Posted
Posted

Note also that options to collect personalization information are not new as similar services have existed in prior versions of Windows. The Tablet PC Input Panel, for example, could optionally send handwriting samples to Microsoft, and Windows Speech Recognition included an option for a user to allow it to analyze documents and e-mail to improve accuracy of the local recognizer, and as of Windows 7, includes an option to submit speech information to Microsoft to improve future versions of the feature.

Grand Master

Torolol

Posted
Posted

yes its has been improved, before it was app specific keypress collection, and now it OS wide operations.

will your typed passwords and login info recorded by it? absolutely. Especially if Microsoft decided that you must accept patches that will not honor your choice to the Turn Off the services.

Grand Master

+LogicalApex MVC

Posted
  • Author
  • MVC
Posted

this is different than a keylogger though

How so? A Keylogger is a program that captures key-presses...

Keystroke logging has become an established research method to study writing processes.[6][7] Different programs have been developed to collect online process data of writing activities,[8] including Inputlog, Scriptlog, and Translog.

In terms of legitimate uses, Keystroke logging can be a suitable research instrument in a number of writing contexts. These include studies on cognitive writing processes, description of writing strategies, the writing development of children with and without writing difficulties, spelling, first and second language writing, and specialist skill areas such as translation and subtitling. Keystroke logging be used in research specifically on writing, it can also be integrated in educational domains for second language learning, programming skills, and typing skills.

Source: https://en.wikipedia.org/wiki/Keystroke_logging

turn the feature off and quit complaining, it is NOT a "keylogger" stop spreading FUD it's pathetic 

It is a keylogger... Obviously, I don't think Microsoft aims to log into you bank account using the data, but it is an important thing to discuss at any rate... From a privacy perspective it is worthy of a question.

..... What a waste of a thread. 

I'd disagree... Discussing the loss of privacy and the implications of a keylogger in the OS is valid. Especially with the extent and frequency of recent data breaches. It is a valid discussion. How does Microsoft limit its data collection? Do they tie it to user accounts? What do they do to limit capturing of passwords and usernames and the like. Again, worthy of a discussion as this is a major shift for the computing industry...

But I do understand that discussions can often be hard to have. Judging by the lack of one here. I'll just conclude that privacy is a non-issue. At least among the crowd here...

Grand Master

Dot Matrix

Posted
Posted

Well, obviously Microsoft is the evil ones here, even though Apple and Google do it. But that's ok, because they're the darling childs of the market. They can do no wrong.

 

^ Pretty much what I've gotten from this thread.

Grand Master

+Eternal Tempest MVC

Posted
  • MVC
Posted (edited)

Well, obviously Microsoft is the evil ones here, even though Apple and Google do it. But that's ok, because they're the darling childs of the market. They can do no wrong.

 

^ Pretty much what I've gotten from this thread.

The past fanboy level of enthusiasm of Ms is better then X, due to not doing X,Y,Z arguments tend to invoke a strong counter response when MS is starting to do what the other's have been. I've already disabled the options in Privacy, and what apps can access on Win10 on the laptop.

Grand Master

+LogicalApex MVC

Posted
  • Author
  • MVC
Posted

Well, obviously Microsoft is the evil ones here, even though Apple and Google do it. But that's ok, because they're the darling childs of the market. They can do no wrong.

 

^ Pretty much what I've gotten from this thread.

What does Google and Apple have to do with this? Obviously, if they do so then it is a problem for them as well... The topic is Windows 10, which is obviously a MS product, but that doesn't mean I think this is a good practice if anyone else does it.

But for some reason we can't have discussions anymore. It is always reduced to brand loyalty as a way to deflect or minimize.

Microsoft spent years branding against this practice with its Scroogled campaign...

Grand Master

Osiris

Posted
Posted

I agree with Logical Apex its a worthy discussion, and a bad sign that asking such questions is met with responses like 'stop complaining' or ''abcd' do it too so its all good'

I was unaware inking was also sent also thought this was only applicable to the insider program, very surprised it's in the final release.

Clearly a lot of people aren't concerned with these topics and that's fine but i'd definitely like more information from MS on what is collected, how it is secured and if its tied to personal id.  Even basic things like how does it differentiate between collecting data regularly and not collecting your bank information?  Is inprivate mode a contradiction, what privacy do you have if its collecting data when in this mode?

  • +LogicalApex and Ian W
  • Like 2
Grand Master

+Eternal Tempest MVC

Posted
  • MVC
Posted

What does Google and Apple have to do with this? Obviously, if they do so then it is a problem for them as well... The topic is Windows 10, which is obviously a MS product, but that doesn't mean I think this is a good practice if anyone else does it.

But for some reason we can't have discussions anymore. It is always reduced to brand loyalty as a way to deflect or minimize.

Microsoft spent years branding against this practice with its Scroogled campaign...

I also have concerns about changes in a computer OS to have the constant monitor, identification.

Especially enabled by default, now MS goals may be authentic about customer, privacy, but the face if a hacker, or state agency can gain access pass the protection.

Grand Master

neo1911

Posted
Posted

Nothing to see here, move along.

People have liked your ignorant post. Hats off to them.

But a simple reg trick will disable telemetry and keyboard logger.

 

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection]
"AllowTelemetry"=dword:00000000

 

Save this as txt file and rename the txt extension to reg.

Then run that reg file and install the key.

cayR8f6.png

reeb6my.png

All sending of data and keystroke settings are greyed out and disabled.

  • +Asmodai, Steven P. and Osiris
  • Like 3
Rising Star

DemonicHawk

Posted
Posted

People have liked your ignorant post. Hats off to them.

But a simple reg trick will disable telemetry and keyboard logger.

 

...

Actually, there's no indication that that registry trick does anything at all. There's a group policy setting with the exact same name and setting it to 0 gives the same effects.

The description however clearly indicates that a value of 0 is only applicable to enterprise versions.

 

win10telemetry.png

Grand Master

Osiris

Posted
Posted

Why single out Windows?

By virtue of the forum the topic is in and the specific Windows 10 settings being discussed? 

The ability to limit it to one OS, which the user is using doesn't preclude a civil discussion on it without resorting to what apple and google are doing.

  • +LogicalApex
  • Like 1
This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • DWARF mini review: the world's smallest smart telescope for night and day sky captures

      By Malisk · Posted

      I think it depends on what you're looking for to do, and the time you have to spare. With my Dwarf 3, I easily spend 3-4 hour sessions; half an hour driving to an un-light polluted place, another half hour unpacking and setting up the smart scope + tripod for equatorial tracking, then 15 more minutes mucking around with settings and shooting calibration frames, spending a few hours shooting, merging with past photo sessions, etc. It's crazy how time flies and I often get home later than I expected. It's something I still need to set aside a good part of an evening to do, all in all. For one session, where you often need like four for best results when it comes to deep space objects. Even with a smart scope like Dwarf 3, regular non-astro photography is still way more approachable to people getting into photography. I find this is a time consuming niche no matter how I go about it. With practice, I can probably begin cutting time here but I think where smart scopes find their home is among people who love to shoot the night sky but don't have the spare time to go deep with the "navigator level" attunement to the night sky itself in addition to everything else. Having said this, _if_ you have even more time to spend on this hobby, it will probably be even more rewarding to do it more by hand and learn the skies and the details of how it all works.
    • Microsoft confirms a new, useful Teams' app is coming very soon

      By Malisk · Posted

      I misread the title and thought Teams itself would be redesigned. Imagine having this one as a native WinUI app.
    • Dell, HP PCs ran into endless reboot, BitLocker recovery loops but Windows 11 isn't to blame

      By hellowalkman · Posted

      Dell, HP PCs ran into endless reboot, BitLocker recovery loops but Windows 11 isn't to blame by Sayan Sen Last month Neowin reported on a major issue on Dell systems wherein a bug in its official support tool was leading to endless blue screen of death (BSOD) and restarts. Following our report, Dell officially acknowledged its SupportAssist-related crash issue, confirming that the culprit is not Microsoft's operating system but rather a faulty version of its own remediation software. In a newly published support advisory, Dell stated that version 5.5.16.0 of Dell SupportAssist Remediation and Alienware SupportAssist Remediation can trigger blue screen errors and unexpected system restarts. The company notes that the problematic component operates independently of the main SupportAssist application, meaning users should not remove the primary SupportAssist software when troubleshooting the issue. According to Dell, the crashes are linked specifically to the SupportAssist Remediation service, which is bundled with SupportAssist OS Recovery Tools, and as such it has since released an updated version, 5.5.16.1, which is said to resolve the problem. Affected users are advised to first verify whether version 5.5.16.0 is installed by checking the Installed Apps section in Windows Settings. If so, Dell recommends updating SupportAssist OS Recovery Tools through either SupportAssist's "Update Software" feature or Dell Command Update. Dell also advises users to back up important data before performing the update and to ensure systems remain connected to power throughout the installation process. If you are still having issues though make sure to report to the Dell support forum. As it turns out though Dell is not the only PC maker currently dealing with update-related headaches as HP is also facing a separate but probably equally frustrating issue involving recent Windows Secure Boot updates that were released with recent Windows 11 Patch Tuesdays. Similar to Dell, HP also put up its own support article where it explains the issue. The company says that affected devices could hit a brick wall when booting as they run into a BitLocker recovery loop after the April 2026 updates. The problem appears to affect systems wherein the new UEFI Secure Boot CA 2023 certificates fail to apply properly. As such affected users will find themselves entering their recovery key over and over again despite the system otherwise functioning normally. HP says such PCs should be updated to the latest available BIOS version and configured with the necessary Secure Boot certificates before installing Microsoft's Windows 11 Patch Tuesday updates. Systems that are already experiencing the problem may require BIOS configuration changes to restore normal boot behavior. Admins can find information regarding that in the support article here on HP's official website.
    • Ninja Theory's new Hellblade game is action-focused and set in Purgatory

      By Case_f · Posted

      Getting further away from the artistic study of mental disease that was the first game... (which never needed any sequels to begin with) But I get it, a company has to make money. And the second was at least visually impressive, if not in any other way.
    • Halo: Campaign Evolved is out next month with new prequel missions

      By mcloum · Posted

      If its the devs fault you would think Unreal would help M$ take full advantage of Unreal and work with them to fix the performance issues. Otherwise they are catching unwarranted bad press.

  • Recent Achievements

    • One Month Later
      DJC50PLUS earned a badge
      One Month Later
    • Week One Done
      DJC50PLUS earned a badge
      Week One Done
    • Proficient
      Eric Biran went up a rank
      Proficient
    • Dedicated
      Conjor earned a badge
      Dedicated
    • Week One Done
      Windows Guy earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      493
    2. 2
      PsYcHoKiLLa
      246
    3. 3
      Steven P.
      72
    4. 4
      +Edouard
      69
    5. 5
      neufuse
      68
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!