Attempting to answer whether MS is snooping

Susan Bradley

Microsoft has recently released updates to Windows 7 that allow it to gather more information about our PCs.

But is the company really tracking what we do on our systems? And can this data gathering be turned off?

Sending system stats back to ground control

During the development of a new OS, it’s common for the beta software to include code that records system activity. That information is then use to find bugs, compatibility issues, and performance problems so they can be fixed before the OS is officially released. In fact, many forms of shipped software — productivity suites, browsers, utilities, and so forth — on PCs, Macs, and Android devices continue to send back crash reports for bug fixes.

For many years, Windows has included a feedback system — once called Dr. Watson — for automated troubleshooting. The system is a two-way connection; when appropriate, fixes can be automatically sent back to PCs.

But in 2013, security vendor Websense took Microsoft’s reporting system to task. It noted in a blog post that the recorded data was sent in the clear — and that hackers could steal personal information by snooping the transmissions between PCs and Microsoft. That leaked information could be used to attack systems.

Websense strongly recommended that system tracking be turned off.

That recommendation might have been a bit excessive. Stealing telemetry data would require a “man in the middle” attack, which would mean that the hackers already had a foothold on the target networks or Internet connections.



This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.



= Paid content

All Windows Secrets articles posted on 2015-10-01:

Susan Bradley

About Susan Bradley

Susan Bradley is a Small Business Server and Security MVP, a title awarded by Microsoft to independent experts who do not work for the company. She's also a partner in a California CPA firm.