Aug 18, 2015 15:00:00

It turns out that Windows 10 is sending data to Microsoft's server even if the privacy setting is turned off

In Windows 10, which was viewed as a problem

that a lot of personal information was shared with Microsoft if the settings were left as they were at the time of installation, even if the privacy setting was turned off, it communicated with Microsoft's server and sent data. This was revealed by an independent survey by IT-related media Ars Technica.

Even when told not to, Windows 10 just can't stop talking to Microsoft | Ars Technica
http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/

Windows 10's privacy settings include a general menu with a wide range of settings, location, camera, typing, calendar, and many other options that users can turn on or off. . However, when Ars Technica actually turned off certain functions and investigated traffic, it was found that user information was being sent to Microsoft even with the functions turned off.

For example, after turning off the privacy settings of the voice assistant function 'Cortana' and 'Web search from the start menu', if you enter a word in the search box of the start menu and perform a search, it will be assumed that Cortana is using it. A request is sent to 'www.bing.com' for a file called 'threshold.appcache' that is The submitted file request contained a random machine ID that persisted across reboots. This behavior indicates that even with Cortana's privacy settings turned off, some information about Cortana is being sent to Microsoft.

A traffic study also revealed that it periodically sends data to a Microsoft server named 'ssw.live.com'. The server ssw.live.com is believed to be used for Microsoft's cloud storage service 'OneDrive' and other services of the company, but even with OneDrive turned off, you can log in with an account unrelated to Microsoft. It seems that the data is being sent even in the state of

Some of the traffic we investigated shows that Windows 10 requests two URLs when connecting to a new network: 'www.msftncsi.com/ncsi.txt' and 'ipv6.msftncsi.com/ncsi.txt'. I found something, but this is to check if the network is connected to the internet or through a captive portal, no machine ID or other important data was sent, especially large It seems that there is no problem.

Other traffic was determined to not be sent even though we could not confirm any major privacy issues. The Windows 10 start menu has a live tile function that allows users to freely customize it, such as pinning application tiles.

However, Ars Technica's research shows that Windows 10 regularly uses live tiles over unencrypted HTTP connections, even if you don't pin anything to the live tiles, i.e. don't put live tiles in the start menu. It turns out that you are downloading the . Ars Technica explains, 'This request does not contain personal information, but I do not understand why a request to download a new tile is sent without the tile being placed.'

Ars Technica asked Microsoft based on the contents of the investigation, 'Is there a way to prevent data from being sent even if the privacy function is turned off?' However, Bing search may receive updates in the future that include features such as layouts, styles, search codes, etc. However, data used in queries and searches will still be shared with Microsoft based on customer-selected privacy settings. Nothing is sent, and this also applies to offline searches for apps, files, device settings, etc.'

It is clear that Microsoft's explanation is inconsistent with Ars Technica's investigation, and I am very concerned about what kind of response Microsoft will take in the future. To switch the privacy settings of Windows 10, open the start menu and click 'Settings'.

Click 'Privacy Location, Camera'.

Below is the privacy setting screen, where you can change the privacy settings corresponding to the menus on the left.