Microsoft has been allowing surveillance through it's products. Allegedly, Microsoft made a secret agreement to allow surveillance by US government in exchange for USA allowing Microsoft's monopoly tactics to remain unchallenged.[1] Windows crash reports is under surveillance by NSA[2]

NSA KEY[edit | edit source]

_NSAKEY is the oldest known example of suspecting Microsoft to allow surveillance. _NSAKEY is a cryptographic key named after the NSA, and thus suggests that it allows the NSA to access any devices where this key is installed.[3] Microsoft has denied that this key is part of key escrow,[4] which was required by US Government.[5] The key can be edited, and then be used to load self-signed cryptographic security modules.[6]

UEFI Secure Boot[edit | edit source]

TPM UEFI Secure boot (when enabled) limits the choice of operating system to only those signed with a key that must be recognized by the UEFI. Every Windows 8 and 10 device ships with UEFI Secure Boot. This UEFI Secure Boot feature cannot be turned off in Windows 8 RT devices, and manufacturers may choose not to give users an option to turn it off in Windows 10 devices.[7] The Free Software Foundation labels this feature as UEFI "Restricted Boot",[8] since any operating system has to be signed (approved) by Microsoft before it can run on such devices.[9][10] Hispalinux, led by lawyer José María Lancho, filed a complaint with the European Commission against Microsoft for this anti-competitive behavior:[11]

Microsoft, as the sole owner of the private key, which matches up with the public key held in the memory of computers running Windows 8, is the only party that can authorise (sign) the software components in UEFI, the only party that can sign the boot of the operating system, and the only party that can sign the communications between the operating system and UEFI.

Due to bugs in the Intel UEFI, and Microsoft's implementation of those bugs in Secure Boot, it is possible to fully monitor the device from within the OS, and crash the system as desired.[12] Secure boot's alledged surveillance backdoors[13] can be used as vulnerabilities:[14]

Windows 8 has introduced an API that allows accessing this UEFI interface from a privileged userland process. Vulnerabilities in this interface can potentially allow a privileged userland process to escalate its privileges from ring 3 all the way up to that of the platform firmware, which attains permanent control of the very-powerful System Management Mode.

Windows 10[edit | edit source]

Windows 10 is considered spyware[15][16] by most privacy and open source enthusiasts.[17] Windows 10 (installation file) sneaks into your computer,[18] (after installation) uploads your private & confidential data to Microsoft and site,[19] and uploads itself to other devices,[20] all without your explicit permission or knowledge. Microsoft collects information through email clients, Internet Browsers, Skype, and a key logger on Windows 10.[21] Windows 10 reports back to Microsoft and external sites,[19] regardless of user choice.[22] Modifying the Windows Registry can disable this communication to Microsoft, and applications are being developed by third parties to make this registry change easier.[23]

Windows 10 reports back to Microsoft and site,[19]

I don’t want a back door... I want a front door.

Michael S. Rogers (NSA Boss)[24])

Windows 10 forced updates is a front door for govt malware and spying.

developer of GNU Telephony[25])

Some have even criticized Windows 10 as 'Big Brother (Nineteen Eighty-Four)':[26][27]

Windows 10 is watching - and logging and sharing - everything users do... and we mean everything.

Torrent trackers have started banning Windows 10[28] citing the following Microsoft policy,[29] through a YouTube Video.[30]

we(Microsoft) will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.

This specific policy is now available in Microsoft mobile privacy policy,[31] which may apply to Windows Tablet, 2-in-1, MiniPC, HDMI Dongle, etc.

After the release of Windows 10, there are now multiple (optional) updates to Windows 7, 8, and 8.1,[32] to backport Windows 10's mandatory regular[33] reporting of telemetry data[34][35]

NSA Prism & Online tracking[edit | edit source]

Microsoft has denied all spying allegations,[36] including working together with NSA/CSS, for the PRISM (surveillance program) which was leaked by Edward Snowden.[37]

We(Microsoft) provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.

But, in line with PRISM, Microsoft's cloud software, like Hotmail,, Skydrive(OneDrive) and Skype are under surveillance by the NSA.[38] In the case of, Microsoft reportedly worked with the FBI[39] to help NSA get around Microsoft's own data-scrambling scheme, or as Microsoft has put it, "legal obligations" forced its hands.[40]

Skype surveillance seems to have started long before Microsoft bought Skype,[41] and now Microsoft's implementation of its Patent on VoIP snooping[42] may have made it easier.[43][44]

Microsoft apparently indirectly informs the NSA of bugs in all Microsoft software before fixing them,[45] and this information about 0-day backdoors gets forwarded to Private contractors working with the Government.[46]

Windows crash reports are reported to have been intercepted by NSA,[2] enabling the NSA to gain "passive access" to a machine without the user's or Microsoft's knowledge.

After PRISM disclosures Caspar Bowden, a former Microsoft chief privacy adviser, criticized PRISM, stating he had suspected the existence of the project during his time at Microsoft, although he had not known it by name. He also said "I don’t trust Microsoft now",[47] and advocated the use of open source software where the source code can be examined.[48]

Microsoft´s excuse for all this surveillance is that now you can spy on your children[49] Even if you believe Microsoft, the next question is would you hire a stalker to spy on your children (for free) ?

References[edit | edit source]

  1. Free Yourself from Microsoft and the NSA by David Spring, ASIN: B00FDXSAS8
  2. 2.0 2.1 Windows error messages let NSA spy on people: Crash reports are a 'neat way' of gaining access to machines
  3. Windows 'back door' security alert
  4. Gates, Gerstner helped NSA snoop –US Congressman
  5. Evolution of US Government restrictions on using and exporting Encryption Technologies
  6. How NSA access was built into Windows
  7. Microsoft tightens Windows 10's Secure Boot screws: Where does that leave Linux?
  8. Support the FSF: Help us stop Restricted Boot
  9. How to Boot and Install Linux on a UEFI PC With Secure Boot
  10. Microsoft to stop Linux, older Windows, from running on Windows 8 PCs
  11. Lawyer hopeful of success with secure boot complaint
  12. Windows 8 and Intel UEFI: the NSA front door
  13. Hacking Team's malware uses UEFI rootkit to survive OS reinstalls
  14. Presentation: Extreme Privilege Escalation On Windows 8/UEFI Systems
  15. Windows 10 is Spyware
  16. Windows 10 is possibly the worst spyware ever made
  17. The FSF's statement on Windows 10
  18. Microsoft is forcing Windows 10 on users’ machines without consent
  19. 19.0 19.1 19.2 A Traffic Analysis of Windows 10
  20. How to stop Windows 10 from using your PC's bandwidth to update strangers' systems
  21. Windows 10 spies on emails, images, credit cards, more
  22. Even when told not to, Windows 10 just can’t stop talking to Microsoft
  23. Comparison of Windows 10 Privacy tools
  24. As encryption spreads, U.S. grapples with clash between privacy, security
  25. Vista 10 (Windows 10) Has NSA Back Doors and Front Doors
  26. The Surveillance State Goes Mainstream: Windows 10 Is Watching (& Logging) Everything
  27. Using Windows 10? Microsoft Is Watching
  28. Microsoft Wants to Block Pirated Content? Pirate Sites Ban Windows 10 Instead
  29. Windows 10 is spying on almost everything you do – here’s how to opt out
  30. YouTube Video: Windows 10 is a Tool to Spy on Everything You Do
  31. Microsoft Mobile Devices Privacy policy
  32. New Windows 7/8/8.1 updates spy on you just like Windows 10
  33. KB 2952664 triggers daily telemetry run in Windows 7 -- and may be snooping on users
  34. Microsoft Increases Secrecy; Expands Spyware to Windows 7 and 8
  35. A Traffic Analysis of Windows 10
  36. Microsoft denies Windows spy-hole allegations
  37. US, British intelligence mining data from nine US Internet companies in broad secret program
  38. NSA's access to Microsoft's services detailed
  39. Snowden leak: Microsoft added backdoor for Feds
  40. Statement from Microsoft about response to government demands for customer data
  41. Project Chess spied on you long before Microsoft acquired Skype
  42. US Patent 20110153809
  43. Will Microsoft's Changes To The Architecture Of Skype Make It Easier To Snoop?
  44. NSA leaks hint Microsoft may have lied about Skype security
  45. How Can Any Company Ever Trust Microsoft Again?
  46. U.S. Agencies Said to Swap Data With Thousands of Firms
  47. Ex-Microsoft privacy adviser: I don't trust company
  48. Outspoken privacy campaigner Caspar Bowden dies after battle with cancer
  49. Windows 10 automatically sends parents detailed dossier of their children's internet history and computer use

External Links[edit | edit source]

Community content is available under CC-BY-SA unless otherwise noted.