Without implementing a restrictive hardware IP whitelist, can an internet-connected Windows 10 device be considered secure?

One of the many criteria for a connected device to be considered secure is that one must be able to log, account for, and understand all data leaving the device.

With most Linux distributions, this is easy. You can capture and record every packet being sent over the internet using simple hardware, and then compare those packets to the processes running on the Linux device. Since Linux is open-source, you can account for every byte being sent, and understand its exact purpose.

Using similar methodology, this can also likely be achieved with Microsoft’s Windows 7 operating system (although not with its default settings). Although it is closed-source, it appears that it likely can be configured to never transmit any mystery data. (The qualifiers “appears” and “likely” need to be employed because, in theory, it could potentially have one or more payloads that have so far gone undetected, or are triggered by events that have yet to occur.)

With Microsoft’s Windows 10 operating system (Home and Pro), I’m trying to determine if this is possible. Although Microsoft has finally published documents stating what type of data they claim to transmit from Windows 10 devices, that’s akin to “the fox watching the hen house”. (Remember how another mega-corporation, Google, drove around with vehicles collecting everybody’s WiFi traffic, and then claimed they didn’t even know they were collecting it?)

Given that Windows 10 is closed-source, no one can verify Microsoft’s claims by examining the code. Also, to my knowledge, no one has reverse engineered a sufficient amount of Windows 10 executables to verify those claims.

Despite much searching, I have been unable to find any documents sufficient to allow a person to verify Microsoft’s claims. From what I can tell, Microsoft has not publicly documented the structure of the data that Windows 10 transmits so that researchers can verify Microsoft’s claims.

Do such documents exist for the public to view? If not, how can any internet-connected Windows 10 device be considered even somewhat secure unless it employs a narrow hardware-based IP whitelist?


A little of the reading I performed before posting this question:

Is disabling Remote Desktop Services sufficient to protect a Windows device from the BlueKeep vulnerability?

Microsoft (and the NSA) have been urging Windows users and administrators to install patches to protect systems from the BlueKeep (CVE-2019-0708) vulnerability.

Is disabling Remote Desktop Services sufficient to protect any …

For cloud-based password managers, is it safe to login using public WiFi?

For cloud-based password managers, is it safe to login when using public WiFi?

To help get good answers to this question, let’s define 3 terms:

Cloud-based password managers = Password managers such as LastPass, Bitwarden,…

When Google removes malicious apps from their Play Store, are users notified? [migrated]

This Check Point Research article describes over 200 malicious apps on the Google Play Store that were downloaded over 100 million times. Google has now removed the apps from their Play Store.

But what happens to the millio…

What happens when a Firefox blocked extension is already installed and enabled/disabled?

Mozilla has been busy blocking Firefox extensions from their ecosystem due to security and privacy concerns.

What happens when a blocked Firefox extension is already installed and enabled?
What happens when a blocked Firefo…