Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Results 1 to 4 of 4
    Like Tree1Likes
    • 1 Post By BurnIT

    Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10

    This is a discussion on Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10 within the General Computing and Internet forums, part of the Community channel category; Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10 Vous avez trois mois, Nadella Updated A French regulator has issued ...

    1. #1
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      28,200
      Thanks
      842
      Thanked 2,223 Times in 2,092 Posts

      Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10

      Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10
      Vous avez trois mois, Nadella


      Updated A French regulator has issued Microsoft a formal warning over Windows 10, saying the operating system collects excessive amounts of personal data, ships that information illegally out of the EU, and has lousy security.

      The warning comes from the Commission Nationale de l'Informatique et des Libertés (CNIL), an independent data privacy watchdog with the power to levy fines against companies. The CNIL has been investigating Windows 10 since its launch and has now drawn up a damning list of criticisms.

      "The CNIL has decided to issue a formal notice to Microsoft Corporation to comply with the Act within three months," said the group on Wednesday.

      "The purpose of the notice is not to prohibit any advertising on the company's services but, rather, to enable users to make their choice freely, having been properly informed of their rights. It has been decided to make the formal notice public due to, among other reasons, the seriousness of the breaches and the number of individuals concerned."

      Chief among the regulator's concerns is the amount of information Windows 10 slurps up about its users and sends back to Microsoft's servers. While all recent flavors of Windows send some information back to Redmond, Windows 10 harvests much more and the CNIL considers this intrusive and also not needed to run the OS.

      It could also be breaking the law. The collapse of the Safe Harbor agreement last year didn't stop this flow of data from French users back to the US, and the CNIL is concerned that Microsoft made no attempt to comply with the law. The watchdog estimates that there are at least 10 million Windows users in the Euro nation.

      Enabling this data collection by default is unfair to users, the CNIL opines, and it complains there is very little information from Microsoft on how to limit the amount of data the operating system collects.

      Finally the agency excoriates Windows 10 for its poor security. People can use a four-digit pin to log in and purchase apps, and the CNIL notes that there's no limit to the number of times a PIN can be tried. This means that the account is not "secure or confidential," although there are other ways to lock down an account.

      Microsoft has three months to come up with proposals for changes to its software that will satisfy the CNIL – although no one at Redmond is going to be too worried. The French bureaucrats move slowly and failure to comply will merely trigger the possibility of an internal investigator being hired to dig deeper into the operating system. The CNIL ultimately has the power to fine organizations if laws are broken, though.

      Updated to add

      "We built strong privacy protections into Windows 10, and we welcome feedback as we continually work to enhance those protections," David Heiner, deputy general counsel at Microsoft, told El Reg this afternoon.

      "We will work closely with the CNIL over the next few months to understand the agency’s concerns fully and to work toward solutions that it will find acceptable."

      Heiner said Microsoft was a strong advocate of the Safe Harbor rules and had worked hard to set up the Privacy Shield replacement scheme for transatlantic data traffic. In the meantime it had adhered to the old Safe Harbor rules despite the agreement being struck down.

      "Microsoft will release an updated privacy statement next month, and that will say Microsoft intends to adopt the Privacy Shield. We are working now toward meeting the requirements of the Privacy Shield," he added.
      Comment: Why can't the UK Government do something similar?


    2. Advertisement
    3. #2
      Isitme's Avatar
      Isitme is offline Sky User Moderator
      Exchange: Bannockburn
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky+ HD
      Join Date
      Dec 2006
      Location
      Central Scotland
      Posts
      34,256
      Thanks
      65
      Thanked 1,655 Times in 1,616 Posts

      Re: Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10

      People can use a four-digit pin to log in and purchase apps, and the CNIL notes that there's no limit to the number of times a PIN can be tried. This means that the account is not "secure or confidential," although there are other ways to lock down an account.
      That's a bit unfair as the PIN log in is an option to make it easier for users to log into a private machine. It has to be specifically selected and is not a default. As for the privacy issues which are the default setting, they are easy enough to disable.

      I think I smell the EU setting up MS for a big fine to swell their coffers.

      TomD


      Please note the views and recommendations in my posts are my own and in no way reflect the views of SkyUser.


      Useful Utilites

      http://www.nirsoft.net/utils/wifi_information_view.html/ TCPOptimiser /Test Socket

      Note - When downloading always select the Custom install or you will end up with stuff you don't want.





    4. #3
      speedyrite's Avatar
      speedyrite is offline Sky User Member
      Exchange: MYHGT
      Broadband ISP: NOW Broadband
      Router: NOW TV Hub Two
      Sky TV: NOW TV
      Join Date
      Sep 2006
      Posts
      2,355
      Thanks
      375
      Thanked 160 Times in 154 Posts
      Blog Entries
      1
      Quote Originally Posted by Isitme View Post
      I think I smell the EU setting up MS for a big fine to swell their coffers.
      Maybe so, as there is likely to be a big hole in their budget in a couple of years time by the look of things!
      ++ speedyrite ... powered by NOW Broadband from June 2018 ++
      (previously powered by Sky Broadband from July 2007)

    5. #4
      BurnIT's Avatar
      BurnIT is offline Sky User Member
      Exchange: 01827
      Broadband ISP: Sky Broadband Unlimited
      Router: Sagem F@ST 2504n
      Sky TV: Sky+HD box
      Join Date
      Mar 2012
      Location
      Polesworth
      Posts
      239
      Thanks
      5
      Thanked 3 Times in 3 Posts

      Re: Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10

      Those privacy settings, or lack of, should NOT be default, but fully explained options that are set on (at least first) use by any new account.
      No data at all should be allowed to be collected without informing the user what it is and what it is going to be used for. That data should also not be "sold on". Local governments have a nasty habit of selling on data.

      We the public need to turn round to the companies that collect and sell on data and CHARGE THEM for use of our data.
      Scubbie likes this.

     

     

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2017. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION