The story broke before the weekend as reported among others by the Hacker News about Windows 10 Preview having a keylogger to spy on your activities. It seems that Microsoft may be taking its technical preview to the next level of spying and “anonymous statistics” compared to previous technical previews released. Apparently Microsoft is collecting keystrokes within the technical preview according to the “terms of service” and “privacy agreements.”
As the article from THN mentions most of us do not read the license agreements to these Technical Preview type installs for the most part, we all buzz right through them without reading the “fine print.” Among the other data that Microsoft is collecting is text to speech information using the technical preview.
Of course this “functionality” is said to be eventually taken out when the RTM release hits the market, it still makes us all think about the kind of information that may be captured from all of us especially system administrators who are eager to try out the newest software releases and operating system versions from our favorite companies. These big companies more and more these days are harvesting data from all of us to perfect products and introduce functionality in apps and software, etc.
It is a bit unnerving to think about the huge database of information being collected when the public utilizes these technical previews and other beta software. As THN makes the case, not that the companies who are producing the software and collecting the information are using this information maliciously, however, it is certainly a honeypot of information for someone who might break in and steal this information. It really makes you wonder how secure this “collected” information is from these software vendors. Is it transmitted with encryption? Is it encrypted while stored?
My opinion is that system administrators should not join Windows 10 to the network and use DOMAIN credentials to do so especially since these and other text input is being captured by Microsoft and we do not know in what way they are being transmitted.
As posted on The Hacker News