Friday, 11 December 2015

How Secure Is Windows 10?

How Secure Is Windows 10

Microsoft’s new Windows 10 operating system contains several features that can threaten your system’s security and data protection. In this article, we will show you what to watch out for

It’s not very often that users eagerly await the arrival of Microsoft’s Windows operating system as much as Windows 10. According to an analysis by Statcounter, three percent of PC users installed the new system during the release weekend itself. The web service registered the hits on over three million websites and analysed the system information contained in them. Soon after, a large chunk of Windows users around the world were recorded to have moved on to the new Windows 10 operating system, not at all different compared to the pick-up rate when users shifted to Windows 7 from Windows XP and Windows Vista.


Not only that, people were jumping from Windows 7 and 8.1 to Windows 10 because Microsoft, for the first time is offering a version leap for free, if the upgrade is installed within the first year. If you are one of those who are still using Windows 7, Microsoft’s free offer will no doubt entice you to jump over too.

That being said, making the switch to Windows 10 might be a bit weird for some as the operating system is so strongly linked with internet-based services, which is very similar to how mobile operating systems work.

This affects the system’s security and does not always benefit the user. An example of the change is the digital assistant, Cortana. Once activated, it analyses the behaviour of the user and based on this, makes suggestions on what could be of interest to him. To do this, Cortana needs access to your contacts, browser  history, system search and the calendar. Similar to Siri in iOS, Cortana only works when it monitors the user behaviour and sends this information to the Microsoft Cloud.

The age-old argument of ‘‘privacy vs functionality” can be commonly seen throughout the operating system’s settings options, and in the end, the user should always decide on how much data they want and need to reveal. While it is almost impossible to stop all of Windows 10’s snooping features, we take a look at some of the things you can do to reduce this.

System Snoopers And Virus Guards


Even Microsoft’s own Defender antivirus software can’t be properly used without doing an analysis in the cloud. We will outline the security functions it brings with it in one of the latter pages. Microsoft has changed its update function even more radically. It is seen that in the long run that this may have repercussions on system stability, with risks for the user’s PC. Not all is doom and gloom as the data security features contained in Windows have been traditionally proven to be successful. We will also tell you if you need a separate backup security program just in case.

Maximise Data Security


Microsoft has interconnected Windows 10 strongly with its cloud-based services. If this is a problem for you, you can disable it without too much effort

75 million installations in a span of four weeks clearly shows how much Windows users have been waiting for Windows 10. In that vein, the public outcry has been very loud due to excessive data snooping by the new operating system.

Two institutions such as the data protection official of Switzerland and the Russian Attorney General are examining the legality of these Windows settings in their respective countries.

The most drastic rumour going around right now is that Windows 10 will lock pirated games from being played on the operating system, although according to Boris Schneider-Johne, product manager for Windows 10 at Microsoft Deutschland, the section only pertains to the use of Xbox Live. Nevertheless, certain popular torrent trackers have banned Windows 10 users from their peer-to-peer file-sharing sites in which these games circulate.

When Windows 10 Becomes Too Personal


Windows 10 certainly sends a lot of data to Microsoft when the user is tracked by the express settings upon installation. If you created an online profile, use the Cloud memory OneDrive and activates Cortana, the data traffic to the Microsoft servers will increase further. The user must be aware here that iOS and Android offer a similarly strong interconnection between online services and system functions - this is nothing new, but rather a part of the Windows modernisation. This also means that Microsoft displays personalised advertisements on the browser or online account.

Windows 7 doesn’t have a clean slate either and sends data to Microsoft. This mainly pertains to security features such as the SmartScreen and the automatically-activated participation in Microsoft’s SpyNet. This refers to a function of the malware protection, Defender, which sends suspicious samples to the Microsoft Cloud. The SmartScreen checks websites and EXE files loaded from the web in order to warn the user of phishing attacks in time. In order to do this, the Windows feature accesses a database, which contains information of over 1 billion Windows installations. Similar to Windows 7 and 8, both features are also active in Windows 10, but can be deactivated later.

In Windows 10, go to ‘‘Settings > Privacy” and click on ‘‘Privacy Policy” to see which information Microsoft has its hands on. This isn’t just a little information. Even the ‘‘Privacy” menu is impressive with the number of functions that can be disabled. And yet, by no means can you find all the buttons in order to shift Windows to an ‘‘offline mode”. The feature, Windows Customer Experience Improvement Program (CEIP) under ‘‘Feedback and diagnostics”, incidentally also a part of Windows 7, also collects and sends data to Microsoft via the software currently running – with the aim of optimising its interaction with Windows. CEIP can be disabled in Windows 7 and 8 – by calling up and turning off the search function ‘‘CEIP”.

This is option is missing in Windows 10. To enable it, the only way is via extremely complicated manual work, such as creating new registry entries plus disabling the currently running system services – or using an Anti-Spy tool.

Some functions seem problematic, but turn out to be relatively harmless upon closer examination. In the ‘‘System settings”, under “Network and security > WLAN > Manage WLAN settings”, WiFi Sense, known from the Windows Phone, enables the exchange of WLAN accesses with friends from social networks and contacts. This is more harmless than it sounds, since the exchanging doesn’t pass on the WLAN password, and your friends only have web access in the home network. Unfortunately, in the Windows menu, you can choose to enable either all or none of your Facebook friends and Skype and Outlook contacts, which is a security issue.

Windows Sends Data To Microsoft Regularly


In an experiment, we examined the outgoing data stream that Windows sends to Microsoft. This is relatively uncomplicated, since FritzBox, via packet recording, enables the data traffic to be captured. The tool Wireshark can then be used to analyse the recording. We have only recorded the Windows start, the first minute of operation, the opening of the start menu with the live tiles and a click into the Windows search. With an activated online profile and the help of the Windows settings, out of the box, around 200 connections to Microsoft services including update servers, Live Login, SpyNet, OneDrive and Bing were cleared out. In the second attempt, we enabled the ‘‘Privacy” settings, disabled Cortana and created an offline profile. With this, the number of connections was halved to roughly 100. In the process, Windows unnecessarily contacted the Live Login in spite of the online profile. It is therefore not enough to merely disable the services provided by the system. Microsoft says that Windows 10 establishes the connections in order to install updates and new features.

In the course of the whole spying affair, a series of AntiSpy freeware was released for Windows 10. The tools provide access to transmitting functions that you can’t just disable like that. We chose O&O ShutUp10 and enabled everything there – even options that the tool doesn’t recommend. Additionally, we uninstalled all the Microsoft apps that come with the system. This way, we managed to reduce the number of connections to eight, but we also had to turn off useful services such as Defender and SmartScreen. You must eventually decide for yourself whether and to what extent you want to use an AntiSpy tool. We recommend mostly programs that also undo all the settings. Moreover, you should create a system backup in advance in case something goes wrong. And not every tool is unproblematic. For example, DoNotSpy10 also recommends that you install the adware OpenCandy. You must watch out here and remove this tick, or else the anti-spyware will install its own spyware.

All in all, Windows 10 is an operating system that was launched at a time in which digital assistants monitor and analyse user behaviour. The good thing is that Microsoft is open about it and in its privacy policy, lists the kind of personal information that the system collects. All the same, Microsoft could have made it easier for its users. At the moment, it is still a couple of dozen clicks before a user can be as certain of his privacy as with Windows 7. Windows 10 would do well to have one button for a private mode, like the AntiSpy tools basically offer the user.

Protection From Malware


Sooner or later, Windows 10 will be the main target for a number of malware attacks. Unfortunately, not much has been done to improve its built-in anti-virus software

The dilemma is a familiar one: nine times out of ten, the system’s own Security Essentials in Windows 7 or the Defender in 8 rank last in security suite tests. According to Andreas Marx, CEO of antivirus laboratory, AV-Test, this isn’t going to be any better with Windows 10: ‘‘We already conducted a few tests in the last few weeks to determine whether the protection of Windows Defender in Windows 10 has been optimised. But the performance remains the same, there are no measurable differences.” Defender blocked approximately 90 percent of a three-digit number of malicious samples. These were zero day attacks, i.e. malware that was so far unknown, including malicious websites and infested e-mails. ‘‘The result,” declares Marx, ‘‘is significantly below the industry average.”

Security Software Compatible In Many Aspects


AV-Test has also tried all the usual antivirus solutions for private users under Windows 10. The conclusion: the core functions work smoothly as long as the user has the latest updates. ‘‘But an installation test can scarcely clarify how well the software is working,” says Marx. “Only a long-term test will reveal this.” A considerable number of protective program manufacturers are reluctant on the issue of compatibility. They deplore the short lead time from the release to publishing of Windows 10. Certain changes to the interfaces are also bothering them. The new Edge Browser too is a tough nut: since it still doesn’t allow plug-ins, the software can monitor it only with difficulty if the HTTPS connections are encrypted. But Marx gives the all-clear here: “The protective programs tested regularly by us detect malware when Edge is used just as well as they do in other browsers in Windows 7 or 8.”

One of the new interfaces in Windows 10 is the Anti-Malware Scan Interface (AMSI). With the help of AMSI, any program can send a suspicious code that it receives from the web, and discovers in its working memory area, to the malware scanner. If the user hasn’t installed an external security solution, Defender steps in. AMSI helps in detecting malicious scripts for which there is no signature, because virus guards have problems with detecting packed or encrypted malware scripts when they are downloaded from the web. Their malignancy is revealed only when they are unpacked and loaded on to the RAM.

Malware requires security gaps in order to remove the protective measures of Windows. Microsoft has made improvements here and updated its Bug Bounty program at the same time as it released Windows 10: hackers or security researchers who detect a loophole and send it exclusively to Microsoft will receive premiums two times higher. Whether and the extent to which this measure is successful cannot be answered, but one can hope that more gaps are now communicated to Microsoft in advance.

Automatic Updates


Forced updates keeps Windows 10 constantly up to date, But this also means that in case update errors occur, it is possible that the users will be left with a broken operating system

Windows 10 distributes system functions updates immediately, not only on Patch Tuesday. Moreover, the redesigned update function has done away with the  division into security patches and optional updates. Nothing is optional from now; the update option cannot be turned off in the ‘‘Settings” via ‘‘Updates and security”. The user can choose here whether the system performs them automatically in the background or informs him if a restart is required. In theory, it makes sense, since new updates are installed immediately on all computers. But in practice, several users have had bad experiences with the update function. Only last year, Microsoft delivered a series of faulty patches, which sent quite a few PCs into an infinite reboot loop, which the users had to repair with Windows’ Safe Mode. Admittedly, the flood of errors receded somewhat in 2015, but in May, two faulty driver patches for displaying fonts brought Windows 7 to its knees again. With Windows 10, you’re betting that in the future, Microsoft will come to grips with such problems. To be precise, the ones betting are those who have installed Windows 10 Home – the majority of private computers. In the Home version, only the compulsory automatic driver update in the control panel can be disabled: an option that Windows 7 already had. The less-distributed Pro versions allow the user to postpone the function updates by four months. Security patches are installed promptly as usual. Versions installed in companies can extend the time period to twelve months. Whether Pro users should make use of it or not is debatable because they then do away with useful Windows improvements. AntiSpy tools, in addition, offer to disable the update feature completely. At the same time, they will give you a warning before disabling, since they also block security patches.

Trust Towards Windows Is A Must


Microsoft has hidden another new feature in the ‘‘Advanced options” of the update menu, under ‘‘Choose how updates are delivered”. By default, the option enabled is that Windows 10 doesn’t receive updates only from Microsoft servers, but also from other computers surfing the Internet – a single, large peer-to-peer network that distributes updates. This is also a bet on the future, since a security gap here can cause major damage. If you want to avoid this scenario, you should disable the function. Microsoft has also been criticised with respect to its new update policy that it hardly ever gives information on which faults the patches fix. Microsoft has responded with the following: even Home users can see, for instance, which modules an update is installed for. Before long, users will be able to disable even the compulsory updates of the installed Microsoft apps via the Store Account. But this will do nothing to change Microsoft’s unwavering stance on compulsory updates.