One of the many criteria for a connected device to be considered secure is that one must be able to log, account for, and understand all data leaving the device.
With most Linux distributions, this is easy. You can capture and record every packet being sent over the internet using simple hardware, and then compare those packets to the processes running on the Linux device. Since Linux is open-source, you can account for every byte being sent, and understand its exact purpose.
Using similar methodology, this can also likely be achieved with Microsoft’s Windows 7 operating system (although not with its default settings). Although it is closed-source, it appears that it likely can be configured to never transmit any mystery data. (The qualifiers “appears” and “likely” need to be employed because, in theory, it could potentially have one or more payloads that have so far gone undetected, or are triggered by events that have yet to occur.)
With Microsoft’s Windows 10 operating system (Home and Pro), I’m trying to determine if this is possible. Although Microsoft has finally published documents stating what type of data they claim to transmit from Windows 10 devices, that’s akin to “the fox watching the hen house”. (Remember how another mega-corporation, Google, drove around with vehicles collecting everybody’s WiFi traffic, and then claimed they didn’t even know they were collecting it?)
Given that Windows 10 is closed-source, no one can verify Microsoft’s claims by examining the code. Also, to my knowledge, no one has reverse engineered a sufficient number of Windows 10 executables to verify those claims.
Despite much searching, I have been unable to find any documents sufficient to allow a person to verify Microsoft’s claims. From what I can tell, Microsoft has not publicly documented the structure of the data that Windows 10 transmits so that researchers can verify Microsoft’s claims.
Do such documents exist for the public to view? If not, how can any internet-connected Windows 10 device be considered even somewhat secure unless it employs a narrow hardware-based IP whitelist?
A little of the reading I performed before posting this question:
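An added example, not part of the original post: one way to do the per-connection accounting the post describes for Linux is to decode the kernel's `/proc/net/tcp` table and report every established connection whose remote address falls outside an IP allowlist. The sample table, the addresses, the allowlist and the function names are all constructed for illustration, and this is a point-in-time socket snapshot rather than a packet capture.

```python
import ipaddress
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not taken from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0A00000A:C350 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20002 1 0000000000000000 20 4 30 10 -1
   2: 0A00000A:C351 076433C6:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20003 1 0000000000000000 20 4 30 10 -1
"""

TCP_ESTABLISHED = 0x01  # kernel state code; 0x0A is LISTEN


def decode_endpoint(field):
    """Decode 'HEXADDR:HEXPORT' (IPv4, as written on a little-endian host)."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ipaddress.ip_address(addr), int(port_hex, 16)


def parse_connections(text):
    """Yield one dict per socket row, skipping the header line."""
    for line in text.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 10:
            continue  # malformed or truncated row
        remote_ip, remote_port = decode_endpoint(cols[2])
        yield {"remote_ip": remote_ip, "remote_port": remote_port,
               "state": int(cols[3], 16), "uid": int(cols[7]),
               "inode": int(cols[9])}


def unaccounted(text, allowlist):
    """Return established connections whose remote IP is outside the allowlist."""
    nets = [ipaddress.ip_network(n) for n in allowlist]
    return [c for c in parse_connections(text)
            if c["state"] == TCP_ESTABLISHED
            and not any(c["remote_ip"] in n for n in nets)]


if __name__ == "__main__":
    # The inode can be matched to a process through the
    # /proc/<pid>/fd/* symlinks that read "socket:[inode]".
    for c in unaccounted(SAMPLE_PROC_NET_TCP, ["192.0.2.0/24"]):
        print(f"{c['remote_ip']}:{c['remote_port']} uid={c['uid']} inode={c['inode']}")
```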