Telemetry Data recorded by windows 10 shares your data with third parties
Telemetry data recorded by Windows 10 is, in a nutshell, just technical information about the device the OS is on, and how Windows and any installed software is performing, but it can occasionally include personal information. If you’re worried about that, the news that Microsoft is sharing telemetry data with third parties might concern you.
How does windows 10 collect our private information?
By default, when signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers, for example “web browser history, favorites, and websites you have open” as well as “saved app, website, mobile hotspot, and Wi-Fi network names and passwords”. Users can however deactivate this transfer to the Microsoft servers by changing their settings.
More problematic from a data protection perspective is however the fact that Windows generates a unique advertising ID for each user on a device. This advertising ID can be used by third parties, such as app developers and advertising networks for profiling purposes.
Also, when device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account.
What does Microsoft say about this?
Microsoft’s updated terms also state that they collect basic information “from you and your devices, including for example “app use data for apps that run on Windows” and “data about the networks you connect to.”
Users who chose to enable Microsoft’s personal assistant software “Cortana” have to live with the following invasion to their privacy: “To enable Cortana to provide personalized experiences and relevant suggestions,
Whats the deal of collecting your data?
In past few years, Artificial Intelligence and Machine Learning had made a name for itself in the field of cyber security, helping IT and security professionals more efficiently and quickly identify risks and anticipate problems before they occur.
The good news is that if you are a Windows 10 user, Microsoft will now offer you a machine learning based threat intelligence feature via its inbuilt Windows security service, which will improve the security capabilities available on Windows 10 devices.
Microsoft struck a deal with security company FireEye recently according to a report on Australian news magazin Arn which gives FireEye access to all Windows 10 Telemetry data.
The report states that FireEye in return will provide Microsoft with the company’s iSIGHT Intelligence software for Windows Defender Advanced Threat Protection on Windows 10 devices.
FireEye iSIGHT Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt business based on the intents, tools and tactics of the attacker.
Windows Defender is built-in to Windows 10 and enabled by default unless other security software is recognized by the operating system.
Pro and Enterprise customers may upgrade to Windows Defender Advanced Threat Protection featuring endpoint behavioral sensors, cloud security analysis and threat intelligence.
The news article suggests that the partnership benefits Microsoft, and specifically the reputation and credibility of the commercial version of Windows Defender.
A press release by FireEye on November 3, 2016 provides additional details on the deal. The company’s iSIGHT Intelligence software is available through Windows Defender Advanced Threat Protection (WDATP) but not the free version of Windows Defender.
WDATP customers gain access to several technical indicators that are provided by the software. These include the main motivation of the attacker, related tools, information about target sectors and geographies, and a description of the actor and operation.
Microsoft recently struck a deal with security firm FireEye to provide access to Windows 10 telemetry data, in exchange for having FireEye’s iSIGHT Threat Intelligence technology included in its Windows Defender Advanced Threat Protection service. WDATP is an enterprise security product that helps enterprises detect, investigate, and respond to advanced attacks on their networks and is different from the free version of Windows Defender.
The upsides of the deal are obvious for both Microsoft and FireEye, and enterprise customers will certainly benefit from the partnership.
To check and change which telemetry level your copy of Windows 10 is set to, open Settings, search for “feedback” and open Feedback privacy settings. You can change the level under Diagnostic and usage data and also set the Feedback frequency to Never if you simply want to opt out.