Microsoft spies on all your Windows 8 installs – badly encrypted

Nadim Kobeissi, developer of an encrypted instant messaging application, has discovered that during the installation of every application in Windows 8 the Microsoft servers are contacted. While Microsoft’s idea behind this seems good and is meant to protect you against malware, the way the feature has been implemented possibly causes security and privacy breaches. The feature, called Windows SmartScreen, is turned on by default and sends an encrypted string to a Microsoft server containing information about any software you are trying to install, and, as with all internet communication, your IP address is also revealed to the Microsoft servers.

According to Kobeissi this is a problem, as he writes on his blog: “The big problem is that Windows 8 is configured to immediately tell Microsoft about every app you download and install. This is a very serious privacy problem, specifically because Microsoft is the central point of authority and data collection/retention here and therefore becomes vulnerable to being served judicial subpoenas or National Security Letters intended to monitor targeted users.” He goes on to write: “This situation is exacerbated when Windows 8 is deployed in countries experiencing political turmoil or repressive political situations.”

This means that in some countries the government could make efforts to intercept traffic from the user to the Microsoft servers and would then be able to track installations of, for example, Tor, the anonymity network used by dissidents in countries like Iran to securely transfer information about sensitive subjects. Even worse, the servers collecting the information are running an insecurely configured web server. If you do not want to be tracked you can turn the feature off, at the cost of losing SmartScreen’s protection; Windows will, however, continually nag you to turn it back on.
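As an added illustration, not part of the original article: a read-only PowerShell check that reports whether SmartScreen is currently on or off on a Windows 8 machine, so an administrator can audit the setting before deciding what to do about it. The registry location and the three values it can hold are taken from Windows 8 documentation rather than from the article, so treat them as an assumption to verify on your own system.

```powershell
# Added example (not from the article): read-only audit of the Windows 8
# SmartScreen setting. Registry path and value names are assumed from
# Windows 8 documentation, not taken from the article; verify on your system.
$path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer'
$name = 'SmartScreenEnabled'

function Get-SmartScreenState {
    # Returns the stored value, or 'NotConfigured' if the value is absent.
    $item = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }
    return $item.$name
}

$state = Get-SmartScreenState
switch ($state) {
    'RequireAdmin' { 'SmartScreen on: unrecognised apps are blocked unless an administrator overrides; installs are reported to Microsoft.' }
    'Prompt'       { 'SmartScreen on: warns before running unrecognised apps; installs are reported to Microsoft.' }
    'Off'          { 'SmartScreen off: nothing is reported, but downloads get no reputation check either.' }
    default        { "Unexpected or missing value '$state'; inspect the key manually." }
}
```

The script only reads the value; changing it is a policy decision that trades the reporting described above against the malware protection the feature provides.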

