Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

microsoft has access to my harddrive?


  • Please log in to reply
13 replies to this topic

#1 daimonion

daimonion

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:58 PM

Posted 16 June 2016 - 11:20 AM

 

I don't like the sound of this. Is this true, and is there anything I can do about it?

 

Especially this post was worrying: "Encryption will NOT WORK, because not only does Bitlocker give the key to MSFT but if you will look in the EULA it says they get access to what you type which means when you type in the key to access the folder? You have just sent it to MSFT. The only known way (and even then not 100%) is to go into GPedit (which if you have Windows Home you are boned) and disable the tracking AND go into HOSTS and disable more than 30 entries (you read that right, more than 30 websites get called by a typical Win 10 install) in HOSTS so they can't phone home.."

 

 

Edit: This link too: https://www.reddit.com/r/Windows10/comments/3f69pi/does_windows_10_really_allow_microsoft_to_access/


Edited by daimonion, 16 June 2016 - 11:42 AM.
Moved from W10 Support to W10 Discussion - Hamluis.


BC AdBot (Login to Remove)

 


#2 TheJokerz

TheJokerz

  • Members
  • 287 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:02:58 PM

Posted 16 June 2016 - 11:22 AM

Stop using the internet


pa9d6f-4.png


#3 Rocky Bennett

Rocky Bennett

  • Members
  • 2,954 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:New Mexico, USA
  • Local time:12:58 PM

Posted 16 June 2016 - 12:14 PM

I agree with TheJokerz. Otherwise, don't worry about it.


594965_zpsp5exvyzm.png


#4 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,356 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:02:58 PM

Posted 16 June 2016 - 12:45 PM

More BS from a crowd who simply does not understand, nor care to understand, what Windows 10 actually does and collects.

 

Anyone stupid enough to think that Microsoft is collecting encryption passwords really is dumb as a box of rocks.  No company wants the legal liability of knowing passwords and I know of none, including Microsoft, that actually knows your own for your Microsoft account, as it's sent encrypted and stored encrypted and only you know how to enter the unencrypted version that's then encrypted to verify against.

 

Of course Microsoft "has access to your hard drive" in terms of Windows Update, OneDrive if you use it [which isn't your hard drive, but their cloud storage].  Also, law enforcement can't demand a third party grant access to anything without having a warrant to do so.  Look at the whole recent iPhone incident with the California shooters.

 

This is the worst kind of pure garbage speculation of the type that conspiracy theorists traffic in.  Also, anyone who thinks that open source encryption (which is excellent, don't get me wrong) isn't "breakable" by those who know encryption and can spend the time actually examining the software in-depth is also fooling themselves.  Again, look at the recent iPhone incident where the government did break encryption without Apple's assistance.

 

This guy is just plain willing to traffic in wild speculation with nothing but his own wild ideas to back it up.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1809, Build 17763 

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

             ~ Brian Vogel

 

 

 

              

 


#5 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:02:58 PM

Posted 16 June 2016 - 01:07 PM

If Microsoft wants access to my hard drive they can ask me for that access.
I'll gladly give it to them.

The only things they will find out is what programs I have installed, that I frequent certain websites on a daily basis, I am currently tracking a Fed Ex shipment and if they want to print coupons for Chuck E Cheese or Ruby Tuesday's they are welcome to do so and use them before they expire.

Access my email and they will mostly see mails I receive from my favorite restaurants or notifications for another forum I participate in.

Maybe they will laugh at the pictures I have in folders called Cartoons and Funny Pics and Southern. They can look at the pictures of my dogs and grandchildren, then tell me they like my dogs and that my grandchildren or adorable.

Look at My Music, Microsoft. You might see a song you really like. Go ahead and listen to it.
Do please note that ALL the songs on my computer I have collected for years on CD's and spent a lot of time copying them to my music folder. Also note that I have just about everything Pink Floyd and Lynyrd Skynyrd did. I am sure there is something there that they, whoever they are, will like.

Microsoft would think my life is very dull if they judged me by what is on my computer.

Edited by Queen-Evie, 16 June 2016 - 01:14 PM.


#6 Niweg

Niweg

  • Members
  • 802 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:02:58 PM

Posted 16 June 2016 - 01:20 PM

 By default Onedrive will copy your Documents and Pictures folders to their cloud.  This means that they have every bit and byte you have in these two folders unless you go into Onedrive and turn these off.  This is not the same as in the Privacy settings, this is separate and apart from that.  They do not tell you nor ask you about doing that, they just do it by default unless you turn it off.

 

 To turn that feature of Onedrive off, go to Start -> All apps -> Onedrive.  Then right-click Onedrive and click "Choose Onedrive folders to sync".  

 

 Good luck. 


Make regular full system backups or you'll be sorry sooner or later.


#7 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,356 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:02:58 PM

Posted 16 June 2016 - 02:46 PM

 By default Onedrive will copy your Documents and Pictures folders to their cloud.  This means that they have every bit and byte you have in these two folders unless you go into Onedrive and turn these off.  This is not the same as in the Privacy settings, this is separate and apart from that.  They do not tell you nor ask you about doing that, they just do it by default unless you turn it off.

 

 To turn that feature of Onedrive off, go to Start -> All apps -> Onedrive.  Then right-click Onedrive and click "Choose Onedrive folders to sync".  

 

 Good luck. 

 

Yes, they do, and yes, I have.  I would think that anyone who uses cloud storage of any type, whether OneDrive or otherwise, has to know that or at least should.

 

OneDrive has been turned on by default since Windows 8.1, and they make very clear that OneDrive is actually the default location for your files and pictures, not your local drive, at Windows installation/setup.  I really don't feel that this is hidden, at all, if you actually pay attention to what you're being told, in icons and in writing, during the process of installing Windows from scratch or doing a Windows 10 upgrade.  Whether or not people understand what cloud storage implies is an entirely different ball of wax, and hardly limited to OneDrive.

 

It is impossible to adequately warn and educate those who either just don't care or who see a notification, scratch their heads, and don't bother to do a moment or two of checking before pressing the button that affirms their consent.

 

I disabled this as the default promptly for my computer and my partner's.  OneDrive is off entirely on my computer and on his it will only sync those things he chooses, and I don't think that's been anything so far.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1809, Build 17763 

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

             ~ Brian Vogel

 

 

 

              

 


#8 JohnC_21

JohnC_21

  • Members
  • 24,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:58 PM

Posted 16 June 2016 - 03:06 PM

Brian, I agree with you except for the part about encryption. Using Veracrypt and three factor encryption. AES > Twofish > Serpent >  with a strong 7 word passphrase I believe is not breakable at this moment.

AES-Twofish-Serpent

Three ciphers in a cascade [15, 16] operating in XTS mode (see the section Modes of Operation). Each 128-bit block is first encrypted with Serpent (256-bit key) in XTS mode, then with Twofish (256-bit key) in XTS mode, and finally with AES (256-bit key) in XTS mode. Each of the cascaded ciphers uses its own key. All encryption keys are mutually independent (note that header keys are independent too, even though they are derived from a single password – see the section Header Key Derivation, Salt, and Iteration Count). See above for information on the individual cascaded ciphers.

 

 

 

https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/

 

 

In other words, if an attacker knows that you are using a seven-word Diceware passphrase, and they pick seven random words from the Diceware word list to guess, there is a one in 1,719,070,799,748,422,591,028,658,176 chance that they’ll pick your passphrase each try.

At one trillion guesses per second — per Edward Snowden’s January 2013 warning — it would take an average of 27 million years to guess this passphrase

 

 



#9 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 16 June 2016 - 04:01 PM

Microsoft has access to my harddrive?

YES, full access on Windows 10... If you trust M$ that's not a problem, is(n't) it?

 

Queen-Evie:

Can I have all your usernames and passwords please? I promise to do nothing evil!

I said please and I didn't make you agree to anything binding, that makes me more trustworthy than M$...

 

JohnC_21:

And what happens if you mount that super encrypted drive/volume in Windows 10?

 

Greets!  :wink:



#10 JohnC_21

JohnC_21

  • Members
  • 24,670 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 16 June 2016 - 04:14 PM

 

JohnC_21:

And what happens if you mount that super encrypted drive/volume in Windows 10?

 

Greets!  :wink:

My Veracrypt container is only opened in Ubuntu.  :)



#11 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 16 June 2016 - 04:41 PM

^ That says it all...  :wink:



#12 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,356 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:02:58 PM

Posted 16 June 2016 - 04:52 PM

If it seems to be too good to be true it probably is;

If it seems too bad to be true it probably isn't.

 

I really don't believe, for one second, that Microsoft, Apple, or any other software and hardware maker is willing to take on legal exposure that it really doesn't need to have.  It makes no sense, business or otherwise.  I don't know why people persist in believing, genuinely believing, things that make so little sense.

 

Any encryption is, ultimately, breakable, but it's getting harder and harder to break it.  I neither need nor want encryption on my files because it adds yet another layer of processing and potential failure for things that aren't secret in any meaningful sense and that I don't have any reason to believe that anyone is monitoring on a constant basis.  There's a reason that the CBS show, Person of Interest, still falls into the realm of fiction.


Edited by britechguy, 16 June 2016 - 04:53 PM.

Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1809, Build 17763 

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

             ~ Brian Vogel

 

 

 

              

 


#13 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 7,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland

Posted 16 June 2016 - 05:34 PM

I have to say I am inclined to agree with Brian on this one - companies like MS, Apple and so on do not want the burden of knowing your passwords and encryption keys. If I understood it correctly, that was the core of the Apple v FBI case recently - Apple couldn't decrypt the phone because they didn't have the key. Or, to put it another way.

 

My on-line banking account gets hacked and I can prove to my bank's satisfaction that I was using sufficiently strong and unique log-in credentials. If MS are logging my credentials who do you think the bank are going to sue ?  And banks generally can afford to sue !

 

More personally, I teach computing as a volunteer to a mainly older audience, some of whom have never used a computer before. This often involves me in helping them to set up email accounts and passwords, which I often help them generate. I go to some lengths to ensure that I do not have a note of their passwords on my computers and I do my best to forget these passwords after they have started using them for exactly the reasons Brian puts forward - I don't want the responsibility of knowing them.

 

Chris Cosgrove



#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:58 PM

Posted 16 June 2016 - 05:50 PM

Can I have all your usernames and passwords please? I promise to do nothing evil!


Will you gives yours to me? I like Linux and I run it on some VMs, you can trust me you know.

Edited by Aura, 16 June 2016 - 05:50 PM.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users