A lot has been made of Windows 10 and the way the platform gathers data. What Microsoft calls gathering telemetry to ensure the smooth running of the OS, others would call spying. Either way, the company has attempted to reassure customers with more privacy controls. However, a security expert says Windows 10 is not going far enough.
Mark Burnett, a seven-time Microsoft MVP, noted security analyst, and former Windows developer conducted a study on Windows 10 Enterprise and found it to be wanting.
If you are familiar with your Windows 10 versions, you will know Enterprise Edition is supposedly the most closed. The version comes with the greatest controls over privacy as it is for IT admins and organizations. However, Burnett notes even this version of the OS has confusing settings.
To put the privacy options to the test, he installed Windows 10 on a PC running VirtualBox virtual machine (CentOS host) with no network adapter. Next Burnett selected the Windows Restricted Traffic Limited Functionality Baseline.
This Microsoft feature turns off most of the tracking functions built within Windows 10. It is the setting configuration that is recommended by numerous compliance groups to avoid personal privacy violations.
Burnett turned off the virtual machine and applied NIC tracking running through a night. The results showed that Windows 10 (Enterprise) did indeed cut back on data tracking traffic, not everything was turned off.
“You are opted in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience. It's almost like they don't want you to opt out,” Burnett says.
Windows 10 was still gathering telemetry data, following which programs were run, Microsoft Office and Mail access, app diagnostics, and Windows DRM. Additionally, it also allowed the OneDrive splash ads to show, despite the storage service being turned off.
It is not all bad news. As mentioned, Windows 10 did close a lot of telemetry, which Windows Updates are disabled. Burnett adds that Windows was acting as if not connected to the internet and now driver updates would have been available.
Considering Enterprise is most shored up version, Home and Professional users are likely to be even more open to “spying”. Burnett says that most users do not even play with their settings to change defaults.
He says Microsoft needs to fix the issue and adds, “If we can't fix it, then we ditch Windows.”