• United States



Windows 10 security, privacy and manageability features

Oct 05, 20144 mins
Data and Information SecurityMicrosoftSecurity

A detailed look at some of the security, privacy, and manageability features in Windows 10 was published and then deleted. Here are some of the Windows 10 'under the cover' highlights.

Too many people claimed that Microsoft didn’t listen to users’ feedback at all when it came to flavors of Windows 8, but joining the Windows Insider Program means Technical Preview users are supposed to give feedback to Microsoft engineers; now some folks say Microsoft is collecting too much feedback from users who install the Windows 10 Technical Preview.

According to ZDNet’s Mary Jo Foley, “Microsoft built a new real-time telemetry system codenamed ‘Asimov’ that lets the OS team see in near real-time what’s happening on users’ machines.”

WinBeta pointed out that the Insider Program allows Microsoft to collect a lot of data in order to provide feedback. The Privacy Policy for Windows 10 Technical Preview states that examples of data collected include “your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage.” If you enter text, Microsoft said it might “collect typed characters and use them for purposes such as improving autocomplete and spellcheck features.” If you use “voice input features like speech-to-text,” then Microsoft might “collect voice information and use it for purposes such as improving speech processing.”

The Hacker News suggested Windows 10 preview includes “a keylogger to watch your every move,” which might be why Microsoft suggested not installing the Technical Preview on the machine you use every day. Of course, it could be because the software is a pre-release that is bound to include bugs; Microsoft made it clear that accepting the Windows Insider Program Terms of Use and Privacy Statement means users agree not to hold Microsoft response for “crashes, security vulnerabilities, data loss or damage to your device.”

Microsoft’s feedback collection system will not be part of the official Windows 10 once it launches.

When it comes to counting keystrokes, regarding the Start Screen versus the Start Menu, Microsoft Principal Application Development Manager Oliver Niehus revealed, “If you counted the number of required clicks or keystrokes to start a program in Windows 7, you will see you won’t need more rather less clicks when using Windows 10.” He was discussing the evolution of Windows and new features in Windows 10.

Niehus published, then poofed a detailed “under the covers” article about the security, privacy, usability, and manageability of Windows 10 Technical Preview. Some of the “quick facts about security investments in Windows 10” included:

After hearing about “challenges with Windows 8 and Microsoft Accounts,” Microsoft made “Azure Active Directory a first class citizen,” meaning “you can use Azure AD identities to log in to your device so users get the same benefits as using an MSA such as store access, settings sync, and live tiles. Organizations can now use their existing AD, federated in the cloud with Azure AD, to do everything they need. No Microsoft Account needed.”

Windows 10 “includes next generation user credentials,” making “password alternatives easy to deploy.” Server Side Includes (SSI) everywhere is enabled, and it “supports Enterprise authentication scenarios as well as consumer authentication scenarios like logging on to a website.”

Niehus added, “Threshold builds data protection into the natural flow” and “integrates data protection at the platform level.” It supports “per-application VPN,” meaning only specific apps will be allowed to be on a VPN. “Administrators can restrict remote access to specific application, and/or with specific port/IP address.”

With Windows 10, Microsoft will “create a new volume purchasing program that enables organizations to purchase apps in bulk, deploy those apps using a variety of scenarios, and manage the licenses (reclaiming and reusing, e.g. when an employee leaves the company). You will also be able to create your own organizational store, basically a store within the public Windows Store where you can put a fully-curated list of public and line-of-business apps. Of course to make all this work, we will support using Azure Active Directory accounts for acquiring organizational apps (while still using Microsoft Accounts for personal apps).”

It’s unclear why the post would be deleted as it goes into some great details about Windows 10 as a whole, instead of just the Technical Preview or the Enterprise Technical Preview. “Nothing shows ‘One Windows’ more than the way our platforms are converging, a journey which ends with Windows 10,” he wrote. “Windows 10 brings EVERYTHING together, the foundation is the same, kernel, drivers etc. – from PCs to phones, to IoT (Internet of Things) devices. And the application platform is the same across all of these devices. One Windows means one universal app platform, one security model, one management system, one deployment approach and one familiar experience.”

I’ll leave you with a summary of new features within Windows 10 Technical Preview. Keep in mind that Niehus emphasized this was only a preview and would be continued.

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.