News that Microsoft has included a keylogger in its Windows 10 Technical Preview release, which is available under its ‘Insider Program’ to software developers and brave souls / Microsoft groupie early adopters for beta testing, has caused something of a stink on the internet.
According to its Privacy Statement,
‘Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage.’
This doesn’t sound too bad, but it is the next bit that has got people riled up,
‘We may collect information about your device and applications and use it for purposes such as determining or improving compatibility… For example, when you:
- install the Program, we may collect information about your device and applications and use it for purposes such as determining or improving compatibility;
- use voice input features, such as speech-to-text, we may collect voice information and use it for purposes such as improving speech processing;
- open a file, we may collect information about the file, the application used to open the file and how long it takes and use it for purposes such as improving performance; or
- enter text, we may collect typed characters and use them for purposes such as improving auto-complete and spell check features.
This does indeed sound very bad, but it should be remembered that the Technical Preview is just that, and Microsoft can gain a deal of insight into bugs and other technical issues by collecting this kind of information.
Windows 10 Technical Preview is not ready for standard use as an operating system, is nowhere recommended as replacement for a consumer-ready OS, and certainly should not be considered ‘secure’. It exists to be tested, and those volunteering to test it should be aware of that fact.
According to Mary Jo Foley of ZDNet, this feedback is collected using a ‘new real-time telemetry system codenamed “Asimov” (yes, another Halo-influenced codename) that lets the OS team see in near real-time what’s happening on users’ machines. This is how Microsoft may be able to measure how successful the features it “flights” with different user groups are. One of my contacts said Asimov is a system that the Xbox team originally built and used during its development process.’
Once the Technical Preview period has finished, Microsoft will stop collecting feedback, and will remove both all data collected, and the (e.g. keylogging) software used to collect it. As Microsoft told WinBeta,
‘The Windows 10 Technical Preview is a pre-release build of the OS designed for testing, evaluation and feedback. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure. For example, all data sent from the Windows 10 Technical Preview to Microsoft is encrypted in transit and we store the personal information you provide on computer systems that have limited access and are in controlled facilities.
Once you download Tech Preview and become a member of the Windows Insider Program, you provide information about how you use the product, including what devices you use it with, along with your detailed feedback to make adjustments before we launch the product.’