Does Windows 10's telemetry include sending *.doc files if Word crashed?What are the privacy and security...
Find the number of ways to express 1050 as sum of consecutive integers
How would an AI self awareness kill switch work?
Why do neural networks need so many training examples to perform?
Word to be used for "standing with your toes pointing out"
Am I a Rude Number?
How to properly claim credit for peer review?
Called into a meeting and told we are being made redundant (laid off) and "not to share outside". Can I tell my partner?
Do commercial flights continue with an engine out?
Auto Insert date into Notepad
What's the rationale behind the objections to these measures against human trafficking?
What do you call a fact that doesn't match the settings?
Connecting top and bottom of adjacent circles
Finishing chicken thighs under broiler
Can a person refuse a presidential pardon?
I am on the US no-fly list. What can I do in order to be allowed on flights which go through US airspace?
What does "keynote company" mean?
Making an empty box next to text
Meaning of ご休憩一時間コース
Vacuum of space
What is better: yes / no radio, or simple checkbox?
ip vs ifconfig commands pros and cons
What kind of hardware implements Fourier transform?
Do authors have to be politically correct in article-writing?
Quenching swords in dragon blood; why?
Does Windows 10's telemetry include sending *.doc files if Word crashed?
What are the privacy and security implications of Windows TelemetryDoes Windows 10 leak information about your IP address?LastPass Secure Notes Leak? - Is Spell Check and Typing Telemetry of LP Secure Notes a Significant Leak in Windows 10 Edge ExtensionWhere does Windows 10 save Keyboard input?Blocking Windows 10 telemetry destinations with Windows FirewallHow can I prevent all Windows 10 Telemetry?Stopping, editing, then sending packets in Windows 10Does Windows Subsystem for Linux provide additional security (VM-like isolation) over running native Windows programs?Does Windows Update modify Hosts file?How does Windows knows a particular software is an AV?
I'm reading through the extensive description on which data is acquired by Microsoft's telemetry 1 including the following paragraph:
User generated files -- files that are indicated as a potential cause for a crash or hang. For example, .doc, .ppt, .csv files
I was wondering whether Microsoft actually gathers data from a Word document, in case word crashes (hope on being wrong on this one).
Is Microsoft getting the 'whole' file, only a paragraph or am I misreading that part of the documentation?
data-leakage windows-10
edited 2 days ago
Peter Mortensen
69849
asked 2 days ago
VoodooCodeVoodooCode
458126
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I'm reading through the extensive description on which data is acquired by Microsoft's telemetry 1 including the following paragraph:
User generated files -- files that are indicated as a potential cause for a crash or hang. For example, .doc, .ppt, .csv files
I was wondering whether Microsoft actually gathers data from a Word document, in case word crashes (hope on being wrong on this one).
Is Microsoft getting the 'whole' file, only a paragraph or am I misreading that part of the documentation?
data-leakage windows-10
edited 2 days ago
Peter Mortensen
69849
asked 2 days ago
VoodooCodeVoodooCode
458126
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
I don't think .doc files are very common these days. Isn't it a 1990s thing? (.docx today?)
– Peter Mortensen
2 days ago
8
Note that this document is specific to what may be gathered for full-level diagnostic data. If you've set your diagnostic data level to basic, this data is not subject to being gathered by telemetry. docs.microsoft.com/en-us/windows/privacy/…
– Xander
2 days ago
2
Do not forget about malware scanners, they normally explicitely ask to transfer suspicious content if cloud scanning/intelligence is activated.
– eckes
yesterday
add a comment |
I'm reading through the extensive description on which data is acquired by Microsoft's telemetry 1 including the following paragraph:
User generated files -- files that are indicated as a potential cause for a crash or hang. For example, .doc, .ppt, .csv files
I was wondering whether Microsoft actually gathers data from a Word document, in case word crashes (hope on being wrong on this one).
Is Microsoft getting the 'whole' file, only a paragraph or am I misreading that part of the documentation?
data-leakage windows-10
edited 2 days ago
Peter Mortensen
69849
asked 2 days ago
VoodooCodeVoodooCode
458126
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I'm reading through the extensive description on which data is acquired by Microsoft's telemetry 1 including the following paragraph:
User generated files -- files that are indicated as a potential cause for a crash or hang. For example, .doc, .ppt, .csv files
I was wondering whether Microsoft actually gathers data from a Word document, in case word crashes (hope on being wrong on this one).
Is Microsoft getting the 'whole' file, only a paragraph or am I misreading that part of the documentation?
data-leakage windows-10
data-leakage windows-10
edited 2 days ago
Peter Mortensen
69849
asked 2 days ago
VoodooCodeVoodooCode
458126
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
Peter Mortensen
69849
asked 2 days ago
VoodooCodeVoodooCode
458126
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
Peter Mortensen
69849
edited 2 days ago
Peter Mortensen
69849
edited 2 days ago
Peter Mortensen
69849
69849
asked 2 days ago
VoodooCodeVoodooCode
458126
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
VoodooCodeVoodooCode
458126
asked 2 days ago
VoodooCodeVoodooCode
458126
458126
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
VoodooCode is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
3
I don't think .doc files are very common these days. Isn't it a 1990s thing? (.docx today?)
– Peter Mortensen
2 days ago
8
Note that this document is specific to what may be gathered for full-level diagnostic data. If you've set your diagnostic data level to basic, this data is not subject to being gathered by telemetry. docs.microsoft.com/en-us/windows/privacy/…
– Xander
2 days ago
2
Do not forget about malware scanners, they normally explicitely ask to transfer suspicious content if cloud scanning/intelligence is activated.
– eckes
yesterday
add a comment |
3
I don't think .doc files are very common these days. Isn't it a 1990s thing? (.docx today?)
– Peter Mortensen
2 days ago
8
Note that this document is specific to what may be gathered for full-level diagnostic data. If you've set your diagnostic data level to basic, this data is not subject to being gathered by telemetry. docs.microsoft.com/en-us/windows/privacy/…
– Xander
2 days ago
2
Do not forget about malware scanners, they normally explicitely ask to transfer suspicious content if cloud scanning/intelligence is activated.
– eckes
yesterday
3
3
I don't think .doc files are very common these days. Isn't it a 1990s thing? (.docx today?)
– Peter Mortensen
2 days ago
I don't think .doc files are very common these days. Isn't it a 1990s thing? (.docx today?)
– Peter Mortensen
2 days ago
8
8
Note that this document is specific to what may be gathered for full-level diagnostic data. If you've set your diagnostic data level to basic, this data is not subject to being gathered by telemetry. docs.microsoft.com/en-us/windows/privacy/…
– Xander
2 days ago
Note that this document is specific to what may be gathered for full-level diagnostic data. If you've set your diagnostic data level to basic, this data is not subject to being gathered by telemetry. docs.microsoft.com/en-us/windows/privacy/…
– Xander
2 days ago
2
2
Do not forget about malware scanners, they normally explicitely ask to transfer suspicious content if cloud scanning/intelligence is activated.
– eckes
yesterday
Do not forget about malware scanners, they normally explicitely ask to transfer suspicious content if cloud scanning/intelligence is activated.
– eckes
yesterday
add a comment |
2 Answers
2
active
oldest
votes
Here is what they spy on, finally officially admitted after being proved again and again by different independent sources. That should make a pretty good idea on what actually is transmitted.
To actually see what's being reported you can give yourself permissions for
%ProgramData%MicrosoftDiagnosis directory and look what's in there, but the file are encrypted which is a very suspicious thing.
What you can look at in the newer version is the Diagnostic Data Viewer. But that does NOT guarantee or prove that there is documents privacy in any way.
At this point my guess is that they will transmit parts of files that generated crashes, or if they consider proper to do so and definitely can transmit any type of document via the encrypted content in Diagnosis and https as the transmission way.
Their EULA states:
Finally, we will access, disclose and preserve personal data,
including your content (such as the content of your emails, other
private communications or files in private folders), when we have a
good faith belief that doing so is necessary to: comply with
applicable law or respond to valid legal process, including from law
enforcement or other government agencies;
2. protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or
serious injury of anyone; 3. operate and maintain the security of our
services, including to prevent or stop an attack on our computer
systems or networks; or
4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive
information indicating that someone is using our services to traffic
in stolen intellectual or physical property of Microsoft, we will not
inspect a customer's private content ourselves, but we may refer the
matter to law enforcement.
Conclusion: they can and will do it at will.
edited 2 days ago
Esa Jokinen
2,008613
answered 2 days ago
OvermindOvermind
4,290717
15
While the answer is actually "yes, they could" the EULA snippet you cited has nothing to do with that. To investigate a crash has NOTHING to do with 1,4. Also note that crash data is an opt-in while for points mentioned in EULA you basically give them the rights to do what they want but only in those very specific circumstances (that "...at will" is incredibly misleading, IMHO).
– Adriano Repetti
2 days ago
7
Is it a serious question? Because it'd be a HUGE law infringement, and - on the contrary of cloud services - they distribute the evidence (virtually anyone can inspect the decompiled source code). Given that MS is not an anonymous developer hidden somewhere in world...there are MUCH more chances that any on-line service is misusing your data (oh well, they actually tell you that they do then...) or just some obscure desktop (or mobile...) app...
– Adriano Repetti
2 days ago
33
the file[s] are encrypted which is a very suspicious thing.Why? They're copies of documents you already own and control, and the OS can already read them and extract diagnostic (and personal) data if they so choose. It makes perfect sense to encrypt private data before sending it over the internet. The fact that they're sending it is suspicious, but not the encryption.
– brichins
2 days ago
8
@DavidSchwartz Encrypting it at rest is useful if the user deletes the original file, in which case they wouldn't expect to have a readable copy of it sitting on their disk still.
– Chris Hayes
yesterday
8
@DavidSchwartz Encryption at rest is nearly always a good thing, especially (as in this case) if the contents are a) unknown but potentially sensitive and b) not intended for user consumption or immediate use. As Chris pointed out, the user has reason to expect that if they delete something, it's gone - not duplicated out of sight. Also, diagnostic info should be kept around even (perhaps especially) if the source data has been removed.
– brichins
yesterday
|
show 11 more comments
Memory dumps often have document contents
It's worth noting that if you're sending a memory dump of a crashed application at the moment of its crash (which is a reasonable way of analyzing crashes) then that memory dump is very likely to include the contents of whatever document(s) were opened in that app at the time. So if you're "just" sending app crash debug information, then that by necessity means that sometimes you're also sending confidential user documents in it.
answered yesterday
PeterisPeteris
6,11811826
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
VoodooCode is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f204530%2fdoes-windows-10s-telemetry-include-sending-doc-files-if-word-crashed%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Here is what they spy on, finally officially admitted after being proved again and again by different independent sources. That should make a pretty good idea on what actually is transmitted.
To actually see what's being reported you can give yourself permissions for
%ProgramData%MicrosoftDiagnosis directory and look what's in there, but the file are encrypted which is a very suspicious thing.
What you can look at in the newer version is the Diagnostic Data Viewer. But that does NOT guarantee or prove that there is documents privacy in any way.
At this point my guess is that they will transmit parts of files that generated crashes, or if they consider proper to do so and definitely can transmit any type of document via the encrypted content in Diagnosis and https as the transmission way.
Their EULA states:
Finally, we will access, disclose and preserve personal data,
including your content (such as the content of your emails, other
private communications or files in private folders), when we have a
good faith belief that doing so is necessary to: comply with
applicable law or respond to valid legal process, including from law
enforcement or other government agencies;
2. protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or
serious injury of anyone; 3. operate and maintain the security of our
services, including to prevent or stop an attack on our computer
systems or networks; or
4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive
information indicating that someone is using our services to traffic
in stolen intellectual or physical property of Microsoft, we will not
inspect a customer's private content ourselves, but we may refer the
matter to law enforcement.
Conclusion: they can and will do it at will.
edited 2 days ago
Esa Jokinen
2,008613
answered 2 days ago
OvermindOvermind
4,290717
15
While the answer is actually "yes, they could" the EULA snippet you cited has nothing to do with that. To investigate a crash has NOTHING to do with 1,4. Also note that crash data is an opt-in while for points mentioned in EULA you basically give them the rights to do what they want but only in those very specific circumstances (that "...at will" is incredibly misleading, IMHO).
– Adriano Repetti
2 days ago
7
Is it a serious question? Because it'd be a HUGE law infringement, and - on the contrary of cloud services - they distribute the evidence (virtually anyone can inspect the decompiled source code). Given that MS is not an anonymous developer hidden somewhere in world...there are MUCH more chances that any on-line service is misusing your data (oh well, they actually tell you that they do then...) or just some obscure desktop (or mobile...) app...
– Adriano Repetti
2 days ago
33
the file[s] are encrypted which is a very suspicious thing.Why? They're copies of documents you already own and control, and the OS can already read them and extract diagnostic (and personal) data if they so choose. It makes perfect sense to encrypt private data before sending it over the internet. The fact that they're sending it is suspicious, but not the encryption.
– brichins
2 days ago
8
@DavidSchwartz Encrypting it at rest is useful if the user deletes the original file, in which case they wouldn't expect to have a readable copy of it sitting on their disk still.
– Chris Hayes
yesterday
8
@DavidSchwartz Encryption at rest is nearly always a good thing, especially (as in this case) if the contents are a) unknown but potentially sensitive and b) not intended for user consumption or immediate use. As Chris pointed out, the user has reason to expect that if they delete something, it's gone - not duplicated out of sight. Also, diagnostic info should be kept around even (perhaps especially) if the source data has been removed.
– brichins
yesterday
|
show 11 more comments
Here is what they spy on, finally officially admitted after being proved again and again by different independent sources. That should make a pretty good idea on what actually is transmitted.
To actually see what's being reported you can give yourself permissions for
%ProgramData%MicrosoftDiagnosis directory and look what's in there, but the file are encrypted which is a very suspicious thing.
What you can look at in the newer version is the Diagnostic Data Viewer. But that does NOT guarantee or prove that there is documents privacy in any way.
At this point my guess is that they will transmit parts of files that generated crashes, or if they consider proper to do so and definitely can transmit any type of document via the encrypted content in Diagnosis and https as the transmission way.
Their EULA states:
Finally, we will access, disclose and preserve personal data,
including your content (such as the content of your emails, other
private communications or files in private folders), when we have a
good faith belief that doing so is necessary to: comply with
applicable law or respond to valid legal process, including from law
enforcement or other government agencies;
2. protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or
serious injury of anyone; 3. operate and maintain the security of our
services, including to prevent or stop an attack on our computer
systems or networks; or
4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive
information indicating that someone is using our services to traffic
in stolen intellectual or physical property of Microsoft, we will not
inspect a customer's private content ourselves, but we may refer the
matter to law enforcement.
Conclusion: they can and will do it at will.
edited 2 days ago
Esa Jokinen
2,008613
answered 2 days ago
OvermindOvermind
4,290717
15
While the answer is actually "yes, they could" the EULA snippet you cited has nothing to do with that. To investigate a crash has NOTHING to do with 1,4. Also note that crash data is an opt-in while for points mentioned in EULA you basically give them the rights to do what they want but only in those very specific circumstances (that "...at will" is incredibly misleading, IMHO).
– Adriano Repetti
2 days ago
7
Is it a serious question? Because it'd be a HUGE law infringement, and - on the contrary of cloud services - they distribute the evidence (virtually anyone can inspect the decompiled source code). Given that MS is not an anonymous developer hidden somewhere in world...there are MUCH more chances that any on-line service is misusing your data (oh well, they actually tell you that they do then...) or just some obscure desktop (or mobile...) app...
– Adriano Repetti
2 days ago
33
the file[s] are encrypted which is a very suspicious thing.Why? They're copies of documents you already own and control, and the OS can already read them and extract diagnostic (and personal) data if they so choose. It makes perfect sense to encrypt private data before sending it over the internet. The fact that they're sending it is suspicious, but not the encryption.
– brichins
2 days ago
8
@DavidSchwartz Encrypting it at rest is useful if the user deletes the original file, in which case they wouldn't expect to have a readable copy of it sitting on their disk still.
– Chris Hayes
yesterday
8
@DavidSchwartz Encryption at rest is nearly always a good thing, especially (as in this case) if the contents are a) unknown but potentially sensitive and b) not intended for user consumption or immediate use. As Chris pointed out, the user has reason to expect that if they delete something, it's gone - not duplicated out of sight. Also, diagnostic info should be kept around even (perhaps especially) if the source data has been removed.
– brichins
yesterday
|
show 11 more comments
Here is what they spy on, finally officially admitted after being proved again and again by different independent sources. That should make a pretty good idea on what actually is transmitted.
To actually see what's being reported you can give yourself permissions for
%ProgramData%MicrosoftDiagnosis directory and look what's in there, but the file are encrypted which is a very suspicious thing.
What you can look at in the newer version is the Diagnostic Data Viewer. But that does NOT guarantee or prove that there is documents privacy in any way.
At this point my guess is that they will transmit parts of files that generated crashes, or if they consider proper to do so and definitely can transmit any type of document via the encrypted content in Diagnosis and https as the transmission way.
Their EULA states:
Finally, we will access, disclose and preserve personal data,
including your content (such as the content of your emails, other
private communications or files in private folders), when we have a
good faith belief that doing so is necessary to: comply with
applicable law or respond to valid legal process, including from law
enforcement or other government agencies;
2. protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or
serious injury of anyone; 3. operate and maintain the security of our
services, including to prevent or stop an attack on our computer
systems or networks; or
4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive
information indicating that someone is using our services to traffic
in stolen intellectual or physical property of Microsoft, we will not
inspect a customer's private content ourselves, but we may refer the
matter to law enforcement.
Conclusion: they can and will do it at will.
edited 2 days ago
Esa Jokinen
2,008613
answered 2 days ago
OvermindOvermind
4,290717
Here is what they spy on, finally officially admitted after being proved again and again by different independent sources. That should make a pretty good idea on what actually is transmitted.
To actually see what's being reported you can give yourself permissions for
%ProgramData%MicrosoftDiagnosis directory and look what's in there, but the file are encrypted which is a very suspicious thing.
What you can look at in the newer version is the Diagnostic Data Viewer. But that does NOT guarantee or prove that there is documents privacy in any way.
At this point my guess is that they will transmit parts of files that generated crashes, or if they consider proper to do so and definitely can transmit any type of document via the encrypted content in Diagnosis and https as the transmission way.
Their EULA states:
Finally, we will access, disclose and preserve personal data,
including your content (such as the content of your emails, other
private communications or files in private folders), when we have a
good faith belief that doing so is necessary to: comply with
applicable law or respond to valid legal process, including from law
enforcement or other government agencies;
2. protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or
serious injury of anyone; 3. operate and maintain the security of our
services, including to prevent or stop an attack on our computer
systems or networks; or
4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services - however, if we receive
information indicating that someone is using our services to traffic
in stolen intellectual or physical property of Microsoft, we will not
inspect a customer's private content ourselves, but we may refer the
matter to law enforcement.
Conclusion: they can and will do it at will.
edited 2 days ago
Esa Jokinen
2,008613
answered 2 days ago
OvermindOvermind
4,290717
edited 2 days ago
Esa Jokinen
2,008613
edited 2 days ago
Esa Jokinen
2,008613
edited 2 days ago
Esa Jokinen
2,008613
2,008613
answered 2 days ago
OvermindOvermind
4,290717
answered 2 days ago
OvermindOvermind
4,290717
answered 2 days ago
OvermindOvermind
4,290717
4,290717
15
While the answer is actually "yes, they could" the EULA snippet you cited has nothing to do with that. To investigate a crash has NOTHING to do with 1,4. Also note that crash data is an opt-in while for points mentioned in EULA you basically give them the rights to do what they want but only in those very specific circumstances (that "...at will" is incredibly misleading, IMHO).
– Adriano Repetti
2 days ago
7
Is it a serious question? Because it'd be a HUGE law infringement, and - on the contrary of cloud services - they distribute the evidence (virtually anyone can inspect the decompiled source code). Given that MS is not an anonymous developer hidden somewhere in world...there are MUCH more chances that any on-line service is misusing your data (oh well, they actually tell you that they do then...) or just some obscure desktop (or mobile...) app...
– Adriano Repetti
2 days ago
33
the file[s] are encrypted which is a very suspicious thing.Why? They're copies of documents you already own and control, and the OS can already read them and extract diagnostic (and personal) data if they so choose. It makes perfect sense to encrypt private data before sending it over the internet. The fact that they're sending it is suspicious, but not the encryption.
– brichins
2 days ago
8
@DavidSchwartz Encrypting it at rest is useful if the user deletes the original file, in which case they wouldn't expect to have a readable copy of it sitting on their disk still.
– Chris Hayes
yesterday
8
@DavidSchwartz Encryption at rest is nearly always a good thing, especially (as in this case) if the contents are a) unknown but potentially sensitive and b) not intended for user consumption or immediate use. As Chris pointed out, the user has reason to expect that if they delete something, it's gone - not duplicated out of sight. Also, diagnostic info should be kept around even (perhaps especially) if the source data has been removed.
– brichins
yesterday
|
show 11 more comments
15
While the answer is actually "yes, they could" the EULA snippet you cited has nothing to do with that. To investigate a crash has NOTHING to do with 1,4. Also note that crash data is an opt-in while for points mentioned in EULA you basically give them the rights to do what they want but only in those very specific circumstances (that "...at will" is incredibly misleading, IMHO).
– Adriano Repetti
2 days ago
7
Is it a serious question? Because it'd be a HUGE law infringement, and - on the contrary of cloud services - they distribute the evidence (virtually anyone can inspect the decompiled source code). Given that MS is not an anonymous developer hidden somewhere in world...there are MUCH more chances that any on-line service is misusing your data (oh well, they actually tell you that they do then...) or just some obscure desktop (or mobile...) app...
– Adriano Repetti
2 days ago
33
the file[s] are encrypted which is a very suspicious thing.Why? They're copies of documents you already own and control, and the OS can already read them and extract diagnostic (and personal) data if they so choose. It makes perfect sense to encrypt private data before sending it over the internet. The fact that they're sending it is suspicious, but not the encryption.
– brichins
2 days ago
8
@DavidSchwartz Encrypting it at rest is useful if the user deletes the original file, in which case they wouldn't expect to have a readable copy of it sitting on their disk still.
– Chris Hayes
yesterday
8
@DavidSchwartz Encryption at rest is nearly always a good thing, especially (as in this case) if the contents are a) unknown but potentially sensitive and b) not intended for user consumption or immediate use. As Chris pointed out, the user has reason to expect that if they delete something, it's gone - not duplicated out of sight. Also, diagnostic info should be kept around even (perhaps especially) if the source data has been removed.
– brichins
yesterday
15
15
While the answer is actually "yes, they could" the EULA snippet you cited has nothing to do with that. To investigate a crash has NOTHING to do with 1,4. Also note that crash data is an opt-in while for points mentioned in EULA you basically give them the rights to do what they want but only in those very specific circumstances (that "...at will" is incredibly misleading, IMHO).
– Adriano Repetti
2 days ago
While the answer is actually "yes, they could" the EULA snippet you cited has nothing to do with that. To investigate a crash has NOTHING to do with 1,4. Also note that crash data is an opt-in while for points mentioned in EULA you basically give them the rights to do what they want but only in those very specific circumstances (that "...at will" is incredibly misleading, IMHO).
– Adriano Repetti
2 days ago
7
7
Is it a serious question? Because it'd be a HUGE law infringement, and - on the contrary of cloud services - they distribute the evidence (virtually anyone can inspect the decompiled source code). Given that MS is not an anonymous developer hidden somewhere in world...there are MUCH more chances that any on-line service is misusing your data (oh well, they actually tell you that they do then...) or just some obscure desktop (or mobile...) app...
– Adriano Repetti
2 days ago
Is it a serious question? Because it'd be a HUGE law infringement, and - on the contrary of cloud services - they distribute the evidence (virtually anyone can inspect the decompiled source code). Given that MS is not an anonymous developer hidden somewhere in world...there are MUCH more chances that any on-line service is misusing your data (oh well, they actually tell you that they do then...) or just some obscure desktop (or mobile...) app...
– Adriano Repetti
2 days ago
33
33
the file[s] are encrypted which is a very suspicious thing. Why? They're copies of documents you already own and control, and the OS can already read them and extract diagnostic (and personal) data if they so choose. It makes perfect sense to encrypt private data before sending it over the internet. The fact that they're sending it is suspicious, but not the encryption.– brichins
2 days ago
the file[s] are encrypted which is a very suspicious thing. Why? They're copies of documents you already own and control, and the OS can already read them and extract diagnostic (and personal) data if they so choose. It makes perfect sense to encrypt private data before sending it over the internet. The fact that they're sending it is suspicious, but not the encryption.– brichins
2 days ago
8
8
@DavidSchwartz Encrypting it at rest is useful if the user deletes the original file, in which case they wouldn't expect to have a readable copy of it sitting on their disk still.
– Chris Hayes
yesterday
@DavidSchwartz Encrypting it at rest is useful if the user deletes the original file, in which case they wouldn't expect to have a readable copy of it sitting on their disk still.
– Chris Hayes
yesterday
8
8
@DavidSchwartz Encryption at rest is nearly always a good thing, especially (as in this case) if the contents are a) unknown but potentially sensitive and b) not intended for user consumption or immediate use. As Chris pointed out, the user has reason to expect that if they delete something, it's gone - not duplicated out of sight. Also, diagnostic info should be kept around even (perhaps especially) if the source data has been removed.
– brichins
yesterday
@DavidSchwartz Encryption at rest is nearly always a good thing, especially (as in this case) if the contents are a) unknown but potentially sensitive and b) not intended for user consumption or immediate use. As Chris pointed out, the user has reason to expect that if they delete something, it's gone - not duplicated out of sight. Also, diagnostic info should be kept around even (perhaps especially) if the source data has been removed.
– brichins
yesterday
|
show 11 more comments
Memory dumps often have document contents
It's worth noting that if you're sending a memory dump of a crashed application at the moment of its crash (which is a reasonable way of analyzing crashes) then that memory dump is very likely to include the contents of whatever document(s) were opened in that app at the time. So if you're "just" sending app crash debug information, then that by necessity means that sometimes you're also sending confidential user documents in it.
answered yesterday
PeterisPeteris
6,11811826
add a comment |
Memory dumps often have document contents
It's worth noting that if you're sending a memory dump of a crashed application at the moment of its crash (which is a reasonable way of analyzing crashes) then that memory dump is very likely to include the contents of whatever document(s) were opened in that app at the time. So if you're "just" sending app crash debug information, then that by necessity means that sometimes you're also sending confidential user documents in it.
answered yesterday
PeterisPeteris
6,11811826
add a comment |
Memory dumps often have document contents
It's worth noting that if you're sending a memory dump of a crashed application at the moment of its crash (which is a reasonable way of analyzing crashes) then that memory dump is very likely to include the contents of whatever document(s) were opened in that app at the time. So if you're "just" sending app crash debug information, then that by necessity means that sometimes you're also sending confidential user documents in it.
answered yesterday
PeterisPeteris
6,11811826
Memory dumps often have document contents
It's worth noting that if you're sending a memory dump of a crashed application at the moment of its crash (which is a reasonable way of analyzing crashes) then that memory dump is very likely to include the contents of whatever document(s) were opened in that app at the time. So if you're "just" sending app crash debug information, then that by necessity means that sometimes you're also sending confidential user documents in it.
answered yesterday
PeterisPeteris
6,11811826
edited yesterday
answered yesterday
PeterisPeteris
6,11811826
answered yesterday
PeterisPeteris
6,11811826
answered yesterday
PeterisPeteris
6,11811826
6,11811826
add a comment |
add a comment |
VoodooCode is a new contributor. Be nice, and check out our Code of Conduct.
VoodooCode is a new contributor. Be nice, and check out our Code of Conduct.
VoodooCode is a new contributor. Be nice, and check out our Code of Conduct.
VoodooCode is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f204530%2fdoes-windows-10s-telemetry-include-sending-doc-files-if-word-crashed%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
3
I don't think .doc files are very common these days. Isn't it a 1990s thing? (.docx today?)
– Peter Mortensen
2 days ago
8
Note that this document is specific to what may be gathered for full-level diagnostic data. If you've set your diagnostic data level to basic, this data is not subject to being gathered by telemetry. docs.microsoft.com/en-us/windows/privacy/…
– Xander
2 days ago
2
Do not forget about malware scanners, they normally explicitely ask to transfer suspicious content if cloud scanning/intelligence is activated.
– eckes
yesterday