08-Aug-2019
Windows sends so-called telemetry data to Microsoft. In a first step, the telemetry components of Windows 10, version 1607, 64-bit, German, from the Long-Term Servicing Branch (LTSB) were analyzed. By default, Windows 10 transfers this data to the software manufacturer. It should be noted that the BSI examines an idealized variant that does not contain standard functions of Windows 10 Enterprise or Windows 10 Pro and is hardly used by companies and private users.
Nevertheless, in the winter of 2018 the BSI had already officially announced: "A prevention of the acquisition and transmission of telemetry data by Windows is technically possible, but for the simple user difficult to implement. In addition, applications installed on the computer, such as Internet Explorer and Microsoft® Office™, have the ability to acquire telemetry data and transmit it to the manufacturer without the operating system's central telemetry service."
"Event Tracing for Windows"
From a user's perspective, it is theoretically possible to set different telemetry levels. The lowest setting, "Security", is only accessible to enterprise users. Depending on the level, a different number of "events" is used for data logging. The operating system uses the term "Event Tracing for Windows" (ETW) here.
However, Windows sends the reports independently of the telemetry setting, as it does not allow restrictions on the ETW providers, the amount of data transferred, or its content. Several times per hour, the telemetry service loads configuration data, so dynamic allocations take place independently of the level set by the user.
If applications such as Microsoft® Office™ or Internet Explorer, which are often already pre-installed on the computer, are used, telemetry data is collected and sent to the manufacturer, even without a central service.
In addition, an extensive collection would have to be carried out after every feature update or cumulative update package to verify that the deactivations made persist. Moreover, no forecast about future developments can be made.
In its analysis, the BSI has not taken into account that authorities and companies as well as private users continue to rely on Windows 7, and that there has already been an update which in effect ensures that telemetry data is sent even under Windows 7. If data economy is a reason for staying on Windows 7, that reason will become obsolete with the next security update. On January 14, 2020, support for Windows 7 will end. To ensure system security, these users must conclude a so-called Extended Support Updates (ESU) contract. This price list illustrates the costs then due per client.
How users protect themselves – secure Windows 10 and Microsoft® Office™ usage
R&S®Browser in the Box protects your system against data leakage through telemetry data in Microsoft® Office™ and Windows 10. Because the Internet is separated from the intranet, the Microsoft services responsible for sending telemetry data no longer reach their counterparts on the Internet, while R&S®Browser in the Box allows the user to continue enjoying unrestricted and secure Internet access for their daily work.
Unlike Windows-side modifications, the R&S®Browser in the Box approach proactively blocks all telemetry services. Should Microsoft or other suppliers introduce new services, new URLs or the like, sensitive corporate and government data will remain in your own network.
Originally, by order of the BSI, R&S®Browser in the Box was developed specifically for use in federal agencies.
The advantages of R&S®Browser in the Box for terminal protection, summarized:
1. At the network level, access to the Internet is separated from the intranet. Memory and kernels are not shared with the rest of the Windows operating system.
2. Users can securely use Windows 10 because they are proactively protected against telemetry data leakage.
3. Due to the strict separation of the Internet on Windows 7 systems, an expensive Extended Support Update contract can be dispensed with, depending on the application.
4. R&S®Browser in the Box runs on both Windows 7 and Windows 10, so it can be used any time after migration to Windows 10.