the online zone


4: Home security: turn off spyware in Windows 10


Jump to other security pages: 

Please rate how useful you found the help on this page:




Remember the tactics they tried and dupe you with


Windows 10 was a free upgrade until the end of July 2016 if you were running a computer with Windows 7 or 8. It was so very free that you were hardly able to refuse it: in most cases, a "get Windows 10" icon sat next to the clock at the bottom of your screen, and you might even have found the upgrade happened automatically the next time you started your computer.

Periodic messages began interrupting you, urging the upgrade. The March 2016 Internet Explorer security patch for Windows 7 and 8 also included a 'new tab' advertisement pushing you in the direction of the new Windows. In the final month of the "free" offer, cancelling the upgrade popup by clicking the red X in the corner of the window (normally how one ends any process in Windows) would start the update, as if permission had been given. Several highly publicised incidents happened on live TV, where a presenter turned to their sports score/weather display and found - instead of their desired graphics on the computer - a noxious "Get Windows 10" message awaiting.

It is troubling that all of this arrived on computers through regular monthly Windows security updates. When Microsoft tells you that an update is necessary to "resolve problems in Windows" you take it on trust (or did before mid-2016) that said download will help your computer be more secure and run better. But that exact text accompanied "updates" that did nothing except prepare your computer to download Windows 10 and then nag you about it.

Even if you did not wish to accept the upgrade, your computer would still harbour up to 4GB of hidden files, downloaded without your consent, in readiness for the upgrade.

All of these tactics show Microsoft having transformed itself from a fairly trustworthy software developer into a company with little respect for users (be they private or business) and quite ready to pull a ruse to reach their business target. Quite why Windows 10 was pushed so aggressively at consumers (many of whom simply switched off updates rather than risk another round of heckling to upgrade) is at present unclear. Based on Microsoft's tactics, though, and the fact that the new operating system gives much less control for users to decline "updates", many have suggested that the future belongs to MS moving into advertising and selling customer data.

Windows 10 is richly loaded with processes which monitor you


peepers

Even Microsoft themselves make no effort to hide the harvesting of your data in their privacy statement relating to Windows 10:

Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary..."


I'm no legal expert, but it seems to me that this statement offers no 'privacy' whatever. Essentially, with Windows 10 Microsoft can do what they like with your data, whenever they want to. Let's not forget that Microsoft is a participant in the PRISM programme run by the American NSA with cooperation from the "five eyes" national intelligence organisations in the US, UK, Canada, Australia and New Zealand.

If you look deeper, Microsoft uses the term 'telemetry' to describe some of the monitoring processes running on a Windows 10 system. On the surface, however, you will find many of these processes with more jovial names such as "customer experience". It all happens without consent from you over what you disclose and you are not able to turn most of it off. MS says the telemetry is sent to their servers to help diagnose system crashes and improve Windows 10, which seems to be a constant work in progress. We have no way of observing the nature of the data being sent, as it is encrypted. I found these connections identified with 'telemetry' established on my Windows 10 system before I moved to block them:

df.telemetry.microsoft.com;
oca.telemetry.microsoft.com;
oca.telemetry.microsoft.com.nsatc.net;
sqm.df.telemetry.microsoft.com;
sqm.telemetry.microsoft.com;
sqm.telemetry.microsoft.com.nsatc.net;
telecommand.telemetry.microsoft.com;
telecommand.telemetry.microsoft.com.nsatc.net;
telemetry.appex.bing.net;
telemetry.microsoft.com;
telemetry.urs.microsoft.com;
watson.ppe.telemetry.microsoft.com;
watson.telemetry.microsoft.com;
watson.telemetry.microsoft.com.nsatc.net;
wes.df.telemetry.microsoft.com.

Suspicious connections made to Microsoft servers are more numerous than those containing the keyword 'telemetry' - in fact nearly 190 domains show if you look hard enough. Even when nothing is happening on my computer, there is a constant babble shown through Wireshark, communicating with Microsoft servers. If it walks like a duck and quacks like a duck...


Make a few small changes to increase privacy


These next two actions will sharpen your privacy on Windows 10 considerably. You should perform them together, as you will not be able to use Cortana after dumping a Microsoft account to sign in to your computer. Both actions are reversible, however, if you change your mind about where you want to stand on the convenience versus privacy line in the future.

1) Switch to a local account to log on to your computer.

When you set up your new Windows 10 system you were prompted to create a user account, and chances are you used a Microsoft (or MSN, hotmail, webtv or live.com...) email account to do this (a Microsoft account). Or perhaps the computer you upgraded to Windows 10 from was already signing in using a Microsoft account. This means all that you do on your computer is integrated with the identity of that email account.

For preserving privacy, it is better to disconnect your computer from this online logon requirement. The computer will also load your profile faster and be easier to manage, although you will lose easy access to One Drive cloud storage and will not be able to use the Windows Store.

Here is how to restore your logon to a simple user name and password sign-in.

2) Throw Cortana under a bus

Cutie search assistant Cortana is an implementation of voice recognition technology which may seem like fun, but is fairly slow for serious searching (compared with using manual search) and carries significant privacy implications. The apparent smartness of Cortana comes from her connections to the cloud. Your current location, calendar details, email, frends, search history and personal data are sent to Microsoft servers and processed there before search results are returned. Your data persists not only for the search session, but is stored, and a profile of you emerges quite quickly by associating the pieces of information. Microsoft says this "improves the user experience with Cortana".

Did you know that Cortana in Windows 10 gets her name from the Halo video game character? Haloed Cortana's specialities include "hacking alien computer systems and decoding transmissions" (source, Wikipaedia). Seems like she's had little new to learn for her Windows 10 incarnation, then. I feel it's best to be as brutal with the sweet-talking search assitant as she is with your privacy. Remove Cortana (or at least as much as you are able to) with the information on this page.

Take out as much of the snoopware as you can


Switching to a local account and disabling Cortana are a couple of things which remove some of the tracking in Windows 10. You'll need to expend a little more effort to choke off the many snooping processes in Windows 10, however. For example, you are being profiled each time you browse news in the News App, or indeed use any of the Apps in Windows 10. The files you store on OneDrive, the appointments you enter in Calendar, the email messages you send, the places you check on the Maps App, the Money, Movies and TV... It's as well to remind yourself of Microsoft's Absence Of Security policy:

"we will access, disclose and preserve personal data..."

There are three programs which will enhance the privacy you began clawing back. I have presented them in what I consider their order of functionality and user control. There is absolutely no reason why you cannot use all three (although not running at the same time) on one machine - the setting each modifies will not adversely interact with another's.

However, even if you opt for all of the privacy choices offered by these programs, the beast that is Windows 10 is still not entirely free of observable packets sent to the mothership. To get to the point of zero data collection may be impossible, but at the least requires you to browse forums (here would be a useful starting point) and meddle with registry, hosts file and firewall setups. Also, don't forget the in-place upgrades Microsoft will unleash on your computer at least twice a year, when your personalised changes will be reset by el Presidente.

1) W10Privacy

win10 privacy

This is a free download and requires no installation on your machine. It can be used after you have completed the first stages in the process detailed above. The program disables tracking and spying on the operating system and its new Edge browser through a very detailed, tabbed interface. By marking the options in three colours, you gain a rapid overview of the safe (green), slightly involved (yellow) and more involved or risky (red) choices available. Each selection is explained by a very complete description in a tooltip (see the screenshot above, which explains an option for disabling telemetry). Going beyond privacy, you are also presented with useful tweaks and visual adjustments (for example, removing arrows on shortcut icons) for the new operating system.

Download W10 Privacy here (1.5MB). The program is regularly updated.

2) ShutUp10

This application requires no installation and offers almost as much fine, granular control over which tracking features you disable in the operating system as W10Privacy. It is also free, and from the respected German software house O&O. What I found slightly less than reassuring was a banner on the download page, proclaiming O&O proudly as a "Microsoft Partner" with a glib introductory sentence, Windows 10 wants to give users the easiest possible daily experience... Does it? If the 'easiest daily user experience' includes slicing functionality away (from the dumbed-down updates installer in Win 10, for instance) then Microsoft's new OS probably appeals mainly to users who think the 'easiest daily living experience' is always believing what the TV news tells them.

shut-up windows 10

Your mileage (or daily user experience) may vary, so here is the link for the free and tiny (200kB) O&O ShutUp10 application download.


3) AntiSpy for Windows 10

Another German software house, Ashampoo, has provided their antispy program for free as well. It very usefully offers to set a restore point when started, and is able to use "suggested settings" for those beginning their steps in Windows 10.

It does, however, offer far fewer disabling options than the other two applications, and very flagrantly offers a paid, 'full' version as an upgrade.

antispy

Download the free version of AntiSpy for Windows 10 (280kB) here.

All your privacy efforts may be undone!


While Windows 10 could be a rather useful operation system (if a little insipid visually - those opaque, flat Window surrounds are hard to select when stacked above one another) with some of the privacy clawed back, there is one single "feature" which would never persuade me to install it on anything but a test setup. That is the way that updates are handled. Windows Update (by which you receive security patches and fixes) used to have three settings: OFF, NOTIFY and DOWNLOAD & INSTALL. The middle option - to be notified of updates and be able to select the ones you wish to use - has been taken away. Now you either have to refuse updates point blank or accept all of them, whether they be for security or for updating and refining the spying capacity of your own computer. Neither are you able to decline driver updates, which have always been risky to perform through Windows Update (better to find drivers for your hardware on the original manufacturer's site) and can lead to an unusable computer, printer or webcam.

Effectively, updates take place in the background, which is a great relief if you know nothing about computers, but by being offered no choice in the matter, more experienced (and more concerned over privacy) users are being herded into the same sheep pen. Updates or driver downloads which crashed the computer the first time cannot be avoided with this Microsoft knows what you need approach.

Windows is being delivered as a "service", not something you install from a CD and then update now and then. Given that Microsoft are treating Windows 10 as a work in progress and have said that the complete system will be subject to an "in-place upgrade" two or three times a year, the lack of user control over the updating feature is dire news for privacy advocates. All of your tweaks and fixes may (and probably will) be removed or reset at the next upgrade, the timing of which you have no control over. The November 2015 upgrade - when an entirely new build of Windows 10 was downloaded and installed - did exactly this, even removing innocuous programs such as Classic Shell. The "Anniversary Update" in 2016 broke users' webcams, and some found their wi-fi connection no longer worked. It is even more important to use one-click sanitisers such as "W10 Privacy" so you can rebuild your privacy each month, if necessary.

Tread carefully. Something relentlessly pushed at you as free might just be obliging you to pay for it repeatedly by harvesting your personal information.

Go to the first Online Zone page 1 | Go to the previous Online Zone - page 3

Send this page to a friend

Creative Commons License

Do you have any suggestions about these tips? Use the online feedback to help me improve them.
 

Jump to another zone: