Read more.Windows 8/10 file might include scribbled down passwords, emails, and Office texts.
Read more.Windows 8/10 file might include scribbled down passwords, emails, and Office texts.
Well,
I have a desktop, and this feature is turned on!
But, couldn't found the file (even in the hidden files). Is this something Microsoft already addressed?
The more you live, less you die. More you play, more you die. Isn't it great.
Not to belittle the information but that has been known about for a very long time, am I being a little tin-foil hat when he is "Seeking job opportunities in Australia for Jan 2019"?
Well, my antipathy to W10 is no secret, and that antipathy started with W8, so I'll put that out there in the interests of full disclosure.
What probably isn't so much of a '"no secret", as in harder to remember, is why my suspicion and antipathy started with W10, which centred around a series of MS 'decisions', and corporate announcements, all of which in my opinion spoke volumes about MS's full-blown centrism on what was right for them, and a complete disregard for the best interests of users, and this speaks volumes, whether old news or not.
Who in their right mind, and I mean what complete and utter moron of a developer/team, thought that in any universe, it was a good idea to indulge in this kind of 'secret' data capture without, at an absolute minimum, a very clear, plainly worded and explicit warning to users whenever anything was done that activates this.
I mean, the vast majority of users aren't security experts and most are barely computer-literate, and this presents an enormous, whopping-great security risk, which is pnly conceivably excusable if MS clearly warned users.
The fact that this file is required to somehow train and improve handwriting capture is no excuse for such a potentially dsnaging security risk, and such a pathetic reason for potentially exposing millions of users in order to help their feature improve tells me all I need to know about how much consideration MS give to their users.
Each time I mention my very considerable scepticism about putting our entire lives on electronic devices, I get called, jn various manners usually involving tinfoil and headwear, paranoid. Is it really paranoia if you are being followed tracked, digitised and databased?
I've pointed out before thatcI have a whole network of machines that are not net-connected. Instead, they're air-gapped. Why? Because I don't know enough, or have enough time, to ensure stuff I put on a machince cannot be compromised. But if it is completely air-gapped, it does at least restrict any hacker to requiring physical access. And if, as in my case, data is at least thorougjly encrupted (as mine is) and in the case of very sensitive dwta, stored or removablw media that are only inserted when I need them, and otherwise securely locked away, it is reasonably secure even against someone with physical access.
As time goes on, all I see is greater and greater risk of data being compromised, if not on your machine then on systems of someone you've given it to be it bank, phone provider, online shop or even HMRC.
So, when I recently recently had a request from a solicitor to email some information they needed, including name, address, DOB, etc, and proof of ID including copies of driving licence, birth cert, passport, and utility bills I laughed at the notion of emailing such copies. Hell, no. I'll bring 'em in and they can examine whatever they need, but they're not, under sny circumstances, getting what amounts to an identity thief's wet dream of a theft starter kit by email.
Maybe I am paranoid, but if I'm not extremely careful, it's 100% certain nobody else is going to do it for me.
Which is why, whstever their supposed excuse, MS sneaking around behind user's backs doing this kind of thing is utterly inexcusable and a gross breach of trust.
And you lot wonder why I'm not trusting?
This sort of covert data gathering isn’t new. Index.dat files gathe web browsing behaviour (and other things) and those files can be very persistent. And the have been around since Windows 95.
(\__/)
(='.'=)
(")_(")
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
Unless it's not on windows 10 pro I don't see the file either and I have written input enabled (for when I have my graphics tablet in), the thing is that when it's enabled the VERY first thing I do (actually think it's during install) is disable the bits which send data back to Microsoft (not that I really think they'd do anything nefarious with it but I see no reason for it) which supposedly help 'improve' the way it works etc.
It's literally called Text Harvester, that's fantastic! Someone in the Microsoft dev department went "how can we call a keylogger without actually calling it a keylogger?"..."How about text Harvester?" *cookies all round*.
May as well have called it "Keylogger" and be done with it.
Generic snooping, yes. But I'd say there's a marked qualitative difference between browsing behaviour, and whole blocks of potentially private text data. If index.dat is a baby's stumbling first steps, this sounds more like a cross between an Olympic marathoner and Usain Bolt's speed.
But would disabling telemetry help?
Unless I misread this, it isn't necessarily being "phoned home", but merely recorded locally, without the user's knowledge. The risk is that anyone snooping, either locally or via remote access, could access data that should not have been surreptioudly (and aithout any security) recorded in the first place.
I feel like that is a liberal application of semantics. Sure it doesn't capture all keys but it is still serving the same purpose. With a security hat, this is a keylogger, plain and simple and what is even worse is the contents aren't even encrypted or hashed, it's plaintext.
Last edited by Tabbykatze; 25-09-2018 at 08:20 AM.
(\__/)
(='.'=)
(")_(")
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
There are currently 1 users browsing this thread. (0 members and 1 guests)