Why is Windows considered to have a lack of privacy?

Discussion in 'privacy problems' started by DesuMaiden, Mar 31, 2014.

Thread Status:
Not open for further replies.
  1. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    I don't quite understand why people say that a Windows OS lacks in privacy compared to Linux. I think it has something to do with being closed-source, which means developers can put privacy-compromising backdoors into the source code without you knowing. On the other hand, an open-source OS cannot hide privacy-compromising backdoors in its source code. Is that why a closed-source OS is generally considered to have worse privacy features than an open-source OS?

    Please explain in lay-man terms, because I'm no security expert.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Yes, that's the key point.

    Right. But of course, there's no guarantee, for any given code, that anyone knowledgeable enough has actually looked hard enough to find backdoors etc.

    Well, a lot more could be said to explain in detail, but that's the basic issue.

    It's rather like you're part of a Microsoft botnet. Maybe it's a benign botnet, that just helps keep you safe. But how can you tell?
     
  3. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The easiest way to see the answer to that question is to pick up a copy of Privazer and run it. Then take a look at the records it finds of how Windows has logged every app you've used including those that were removed years ago, every folder and flash drive you've ever opened and when you opened it last, and all the records it stores on your internet activities.
     
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Which versions of Win does this apply to noone? XP as well as 7 and 8? I know 8 is a lost cause (I won't touch it or anything after that).
     
  5. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    It applies to all versions of Windows starting with the 9X versions. Each stores more than its predecessor. On the 9X systems, the logging was limited to a few registry locations and folders, both easily cleaned. XP logs much more than most people realize. I'm not positive but I think SP1 introduced some of the worst logging in XP. Much of it is done by services. Apps like Privazer can clear those records. Preventing them requires disabling services and changing permissions on registry keys. Finding them all is the hard part, as is making certain that updates to Windows don't change the settings back or that they don't re-enable services that were shut down. From Vista onwards it keeps getting worse. See these threads for more detailed information.
    LastActivityView reveals too much
    PrivaZer Discussion Thread
    The Privazer thread is quite revealing in regards to how hard it's been to find and access all the new locations that store usage tracks. It leaves me asking if they've actually found them all. New updates and service packs can add more such logging at any time.
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    Another issue for me is that M$ is such a large target because it has so much influence in the computer marketplace. The Gov is going to go to them and lean on or pressure them to make sure that when needed THEY have access. Remarkably this will be under the "umbrella" of dire needs to protect citizens from the bad guys! Encryption software like Truecrypt cannot be beaten with a "level playing field". So what is their solution? To update the windows OS to capture passwords in a place where specified commands will reveal them, or possibly send them along silently when you go online. Scoffers, feel free to assume I am wrong. I hope I am.

    Consider this situation and answer for yourself: You have to bet your "bacon" against a three letter agency. Would you rather have your computer with full disk BIT LOCKER encryption, or one that is fully encrypted with Linux LVM/LUKS/DmCrypt as your stop gap?

    If you didn't pick BIT LOCKER then you know why you didn't, and its because of the very thread title being addressed here. Based upon BIT LOCKER casting the spotlight to answer this thread's theme, why would anyone think the windows OS is different?
     
  7. WideAwakeinAmerica

    WideAwakeinAmerica Registered Member

    Joined:
    Apr 1, 2014
    Posts:
    2
    If you had any idea as to how a default installation of Windows 7 is setup you wouldn't have the need to ask that question. It's wide open and is my opinion that it is little more than a direct link to the NSA, CIA, and all of the other alphabet bandits.

    After a fresh installation just look at the tasks in Task Scheduler that are set to run when you connect to your network and Internet.

    Look at the services that are set to run automatically and look at what they do.

    I recommend that if you run Windows 7 Home Premium that you look at this guide and follow the recommendations in it.

    ~Link removed for review~

    The previous poster who mentioned that the updates capture passwords, etc. is correct. The updates will revert or disable almost all of the security measures you put in place to protect what little bit of privacy you have left. I've seen it with my own two eyes.

    I also have evidence that the Google Android kernel has a backdoor to the NSA through the DoD Network Information Center in Columbus, Ohio. I'll post this evidence in another thread or post under a thread I saw relating to that subject.

    Proprietary operating systems are not secure. They are data mining programs and your private documents and files are not secure if you use them and are connected to the Internet.
     
    Last edited by a moderator: Apr 1, 2014
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    lets take this further. Starting with XP, online activation is necessary to use it. Care to bet that this process doesn't include creating and sending a unique fingerprint and that it doesn't include logging when and where it was activated?
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Right. And there's probably a money trail from the product key to your credit card etc :(
     
  10. WideAwakeinAmerica

    WideAwakeinAmerica Registered Member

    Joined:
    Apr 1, 2014
    Posts:
    2
    If you're using Windows 7 and haven't browsed the Task Scheduler you should do so now.

    Task Scheduler ---> Task Scheduler Library ---> Microsoft ----> Windows

    Expand that Windows folder and exam each and every one of those scheduled tasks and note carefully what they say. There are several that collect (unknown) data and send it to God only knows where if one has "opted-in" to the Customer Experience Improvement Program. Doesn't that program sound so benign and sweet?

    Note the scheduled item labeled "Location." "Description: Location Activity." <--- Tracking your use of your own computer where you use it.

    It's safe to say that any data that is collected and sent to a server whose name and address you're not certain of is not good. In fact, I characterize it as EVIL. What is being collected? At what intervals? Where is it sent? Who exams it? What is done with it? Is it put in a database somewhere? Who has access to that database?

    Scroll down the list. Exam it carefully and after doing so come back and answer your question you posted in the OP.

    I suggest you delete almost all of those tasks unless you know they will break the system or make it inoperable. I haven't deleted the registry backup schedule item but have most all of the other items. Those I'm not sure about I disable and will research later to determine whether I can safely delete them or whether the OS needs them to operate.
     
    Last edited: Apr 1, 2014
  11. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Very interesting stuff. Thanks...
     
  12. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    As everybody else here said. It's closed sourced and you are most likely part of a botnet/data mining.
     
  13. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I wouldn't expect to win against a 3 letter agency, but if I was in a position that forced me to try, I wouldn't choose either of those options. I wouldn't trust Bitlocker and the operating systems that use it. My understanding of linux is limited. I don't know it well enough to properly harden it. I'd also expect that they've found ways around some of the linux encryption, either by compromising random number generators or finding other ways to infiltrate the system and get the passwords.

    I'd use an old OS like the one I have, as stripped and hardened as I can make it. For the encryption itself, I'd use Scramdisk 3.01. It predates most of their efforts at compromising and backdooring encryption. It supports strong algorithms like Blowfish which has never been broken. It can encrypt containers and partitions. It accepts passwords or phrases in 4 lines, 39 characters each, 156 characters total. Passwords can be cleared with a single click and on a timer. It only runs on 9X systems, no NT compatibility at all so it's rarely used.

    It was recommended to me years ago by a retired individual who served as a Colonel in the signal core during the cold war. Intelligence and encryption was his job and his livelihood afterwards.
     
  14. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    Because of Microsoft. There are lots of applications out there who gather data from your computer, but they're not villainized like them because of their history.
     
  15. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Unless you do this ;)

    I've reinstalled @ least twice since i've had XP on different comps, such as when i built a new one. I didn't have to register online, i just phoned an MS # in the UK, shown onscreen, & input the code/s they gave me into my comp when prompted. I dialed from a landline with my # blocked. But i could have used a cash prepay mobile phone with the # blocked. No personal details at ALL were requested or given !

    Sure if "someone", not MS, wanted to discover the landline # & location etc, they could do. But with the mobile phone registration as above it would be different. Especially if you cash bought a very cheap MP & used it only for the registration, then carefully disposed of it.

    I realise that not many people would do that, or think of doing it, but the option does exist :)

    *********

    Scramdisk sounds cool :thumb:
     
  16. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    There's no comparison. Individual applications don't log every application you ever installed and removed, every folder and external drive you've opened, every site you've been to, etc, and hide them all over the operating system. No individual application has a history like Microsoft where each new release is more invasive, more controlling, and more able to monitor everything the user does. Applications that log user activities anything close to what Windows does are labelled spyware or trojans.
    Interesting approach. I've never tried activation over the phone. Every XP unit I've had was either payment for other work or was bought at a garage sale. I did manage to activate a virtual XP through Tor using SocksCap2. I'm still surprised that they didn't block it.
     
  17. Nanobot

    Nanobot Registered Member

    Joined:
    Jun 23, 2010
    Posts:
    238
    Location:
    Neo Tokyo

    And rightly so

     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    To be honest, on Win 8, I did notice the outbound connections being made to Microsoft servers. :thumbd:

    Why is M$ doing this? On Win XP I never saw these connections. :rolleyes:
     
  19. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Microsoft has been engaging in this behavior for nearly 20 years. No other application has a history that can compare. No application has attempted to pass off an equivalent of WGA as a security fix. What other application makes you prove that you didn't pirate it every time you make a significant hardware change?
    Very. 14 years ago it had many of the features current encryption apps are marketing now. It doesn't use the registry. The app consists of 3 files, a driver, a configuration file, and the executable itself. Combined, they use barely half a megabyte of disk space. It has an emergency "brutal close" feature that forces a dismount and a wiping of the password no matter what else is happening, which can be triggered from a user defined keyboard shortcut. It adds mouse clicks and movements along with keystrokes to random data collected from the machine for entropy when creating encrypted containers or partitions. It can wipe the swap file. It can uninstall itself with a click on the file menu. It has provisions to defeat screen capture programs. As far as I know, no one has managed to defeat it save for brute forcing extremely weak passwords. Because of its age and the fact that it only works on 9X systems, I doubt that the NSA has put much effort into cracking it.
     
  20. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    On XP and earlier systems, one could prevent all calling home with hosts file entries. I'd bet this won't work on Win 8. I doubt it would work on Win 7.
     
  21. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,089
    Microsoft publishes some information about its products/services and their features/behaviors which have an impact on privacy...
    https://www.wilderssecurity.com/showpost.php?p=2336933&postcount=2
     
  22. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    With a perimeter router/firewall running pfSense, you could block whatever hosts you like.

    Maybe there's a blacklist somewhere for Microsoft-associated IPs.
     
  23. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    True, but an external firewall wasn't necessary to prevent calling home on XP or older versions of Windows. It wasn't necessary to use a router or firewall to block access to ports that couldn't be closed either. A software firewall or host file entries was sufficient for both tasks. On 9X systems, even that wasn't necessary. The few open ports were easily closed and all components of the OS respected the hosts file. The fact that it requires external hardware to get the same level of control shows the attitude behind Windows design, specifically that the user will no longer be allowed to control the behavior of Windows and MS software in general. Users who started on XP and never really worked with the 9X systems don't realize how much control that was available natively has been lost since then.
     
  24. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Addendum to my Post # 15

    When i phoned MS to activate my XP, it was an automated service. No human on the other end.

    @ noone_particular

    Scramdisk sounds even more cooler :thumb:
     
  25. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I've never bought a new PC. Microsoft hasn't made a dime from me. My XP units were all obtained used, either with cash or by trade. My name wasn't associated with any of them. I didn't want to create a link back to my phone so I opted not to try it. I built it offline and tried keys that were on the different cases until I found one that worked. I installed SSM, Kerio, Sockscap, and an older copy of Tor. After rebooting, XP attempted to start the registration process again. SSM intercepted the attempt and gave me the specific command being passed to it. I configured SocksCap to use Tor's socks port, used it to "socksify" the registration process, msoobe.exe /a , then launched it manually. The good thing about Sockscap is that any child processes launched by a socksified process are also socksified. As far as MS knows, the PC is in Germany. It's never connected out without going through Tor. I'm pretty sure this would work the same on virtual and physical units as long they're built offline and the firewall that's used can control localhost connections. It still surprises me that they don't block registration through exit nodes, at least they didn't as of last December. I wonder if they'll make it impossible to activate XP after support completely ends.
     
Loading...
Thread Status:
Not open for further replies.