Those of you who still use windows for one reason or more, where do you draw the line about the shitty things microsoft is doing? By drawing the line I mean using some other operating system no matter how bothersome it might be.
Not judging or anything, i’m just curious where the general mindset is about it.
So, it’s easy to point fingers at a scary sounding sub-system and scream, but has anyone done any true analysis of what the feature actually does?
There’s plenty of ways to check this shit. Just off the top of my head, checking the files it accesses using process explorer would be a start. Should be pretty obvious if one of them grows with keystrokes.
Those are some pretty damn big claims for “trust me bro”.
It used to be that with shit like this you could actually find stuff like “Hey, I’ve analyzed network traffic from the PC, and can confirm that once an hour it’s sending encrypted data to a server in Redmond that matches the size of the image thumbnails generated by Explorer in the last hour. If Explorer hasn’t generated thumbnails in that time, no data is sent.” with receipts when someone claimed that MS was collecting everyone’s image thumbnails.
Now it’s just Microsoft bad! Trust me bro!
Regardless of validity though, it concerns me that people use their computers without taking 30 minutes to go through the settings and shut off shit they don’t want.
Whether the implementation of this is a true keylogger or not, I get no benefit out of Microsoft analyzing my typing, and I’m not using any sort of touch screen or stylus so handwriting analysis is a waste too.
I disabled it within the first hour post-install.
There’s this search engine called Google and it magically returns lists of technical articles from sources who have done exactly that.
Microsoft’s keylogging started with a Windows 7 update and has been well documented for over a decade, but I’m sure you can find something more to your liking from a Youtube paid shill who will tell you how great Microsoft is.
Cool it with the attitude. If it’s so easy to find this evidence, you could have posted links yourself to it instead of whatever the hell you think this is. Public shaming?
There’s plenty of easily proven reasons to hate Microsoft without pulling stuff out of our collective asses. Like the collection of image thumbnails I already mentioned, which as I said was confirmed (as much as analyzing SSL encrypted web traffic can be without breaking the encryption) by traffic analysis.
I have a decade of experience doing tech work in Windows environments. More than half of that time now in systems administration and infrastructure “engineering”. I’m better versed in Microsoft’s bullshit than the average bear, and I’m definitely not trying to argue they’re great.
Proof of this sort of thing can make a career in infosec, so I don’t have any issues believing that people have been digging deep for any evidence of this. If direct evidence is out there, you’re right that it shouldn’t be hard to find.
Did my research, I'm not finding the hard evidence.
That said, all I’m finding are unsourced insistences that it exists, and that those particular settings to disable it. I’ve done writeups before on Wi-fi security citing white papers and thesis research. Usually I have no issues finding the hard evidence, even the crazy cryptographic math fomulae behind certain cryptography related security issues.
For this though? From what I can find, there’s no direct evidence this is a keylogger in the traditional “stealing your data” sense. There’s no evidence of the typing data being stored on disk or transmitted back to “home base”.
I’m also finding plenty of conversations in information security communities online (and a few news articles) saying what I’ve already said here. It seems to be clickbait headlines that have turned into an urban myth of sorts.
What I’ve found in regards to it not being a keylogger (in so far as you can attempt to prove a negative):
The best evidence in favor of the keylogger are discussions about keylogging in the Windows 10 Preview builds, which Microsoft was explicitly open and direct about. But even this is somewhat suspect, and there’s no evidence even close to what was found in the preview builds that this is occurring in the prod releases.
There’s also a mountain of articles like this one that again, point to the written privacy policy and settings like they’re definitive evidence, but again I’m finding no WireShark analysis, no testing through multiple VMs or a control install and an install with tons of keyboard input, no actual testing and results, no snippets of code from any of the source code leaks in the last decade. No hard proof.
So now I’ve danced to your tune. I’ve “done my research”.
If this is so damn obvious, please for the love of all that is holy just link me the damn receipts. I promise I can handle whatever hacker writeups, white-papers, etc that you could throw at me. I want to see them. Please don’t blueball me.
I posted about a long known Microsoft practice with a link to one of dozens of 3rd party articles about that practice. You objected to the very idea Microsoft would do something like this, and without doing the slightest bit of research (or apparently even clicking the link) responded, “Now it’s just Microsoft bad! Trust me bro!”
You fucking “cool it with the attitude.”
BTW - I’d have no problem providing links for something difficult to research, but this isn’t much more difficult than asking Google the time. You are evidentially capable of typing, so “for the love of all that is holy” open a new tab and ask Google yourself.
I read your link, and you need to retake basic literacy if you believe that satisfies any sort of proof. All it says is “Microsoft totally has a keylogger, this setting disables it.” It does not show any evidence of the claim. It does not link to evidence of that claim.
No one’s arguing that they aren’t gathering typing data. I’m arguing that it isn’t a full-on keylogger siphoning passwords.
Please stop fighting a strawman. I’ve not said anything good about Microsoft here. I’ll insist again that I’m more familiar with their rot than most, given my career.
I did Google, with multiple search terms. Check my last post again. There’s a spoiler with plenty under it. It’s the line in a section all it’s own that says “Did my research, I’m not finding the hard evidence.” Tap to expand the multiple paragraphs not only summarizing my findings but also linking specific examples. If you have some specific issue with what I found, let’s hear it.
I’ll state it again and clearly: Everyone should turn off the feature. But hundreds of sites copy pasting the same article, the headline claiming it’s a keylogger, the same instructions to disable predictive text data collection, and nothing else is not evidence. It’s copy paste tech support slop.
If sites claiming things about how Windows worked were reliable, or repetition meant reality, “sfc /scannow” wouldn’t be a meme in the sysadmin world. 90% of the time it doesn’t help. It’s a specific tool for fixing issues caused by corruption to the OS files, not the cure all it’s touted to be by many sources.
So show me some network traffic analysis. Show me a whitepaper. Show me a security reseacher’s write up. Show me process explorer screenshots showing the file lock for the file where the data is stored. Show me someone testing two default Windows installs in VMs, one with keystrokes entered and one without, and the clear difference in network traffic, file activity, anything.
Anything more than simply saying “trust me bro”.
Because headlines can’t be wrong right? The CrowdStrike outage was totally an issue with Microsoft Update, as originally reported far and wide, and not an issue with an update to CrowdStrike software running at kernel level that mirrored the same issue they caused in Linux deployments a few months earlier. People still don’t get that wrong, not at all.
Look. The ball’s in your court. Again, if it’s so easy, prove it. Stop wasting effort trying to rub my nose in it like I’m a bad dog, and just prove I’m wrong.
My research doesn’t show what you insist is so evident it doesn’t need to be sourced. If it’s as you say, spoonfeed me. Prove it. It’ll be faster, and I’ll gladly edit all my previous comments here to say whatever disparaging thing about myself you desire.
Crow is delicious and I look forward to eating it.
Come. On.
Edit: I’m not normally the kind of person to look up who up/downvoted me, but I spent the better part of an hour trying to find evidence in support of this guy’s claim. Apparently it’s easier to downvote than prove me wrong in such a simple way that they claimed I couldn’t have done a google search or I would have found it.
So let’s fucking go. I’ll extend this “bet” to anyone.
Show me evidence that Microsoft is capturing all (or most) keystrokes, specifically including passwords entered across multiple programs, through the setting for predicitve text and handwriting analysis which can be switched off through the settings menu, it is happening on live/prod/general use releases of Windows, not preview builds, and it does not rely on unlikely edge cases like a user somehow accidentally running Calculator with a debugger attached to the process and then typing passwords into Calculator.
Note: Being able to hijack the service and exploit speculative execution shit like spectre to access other areas in memory doesn’t count. This has to be inteded behavior.
If you can prove that for Windows 7, 10, or 11, I will do just about anything you want as a punishment. Want me to speedrun getting banned across the fediverse? Want me to make a video smearing peanut butter on my junk while singing your praises?
No doxxing myself, no physical harm, permanent body modifications, nothing that would get the cops called, make me ill, or jeapordize my job. Monetary cost can’t be over $20. Thinking more like I’d write that you were right on my ass, make it my profile picture here, and edit every comment I made on here (over 4000 at time of writing) to add praises for you and to point to my shame. That sort of thing.
If you can get the instance admins in on it, I’d fully accept old 4chan rules of deliver or suffer permaban.
Just to cover my ass for Microsoft doing something dumb as hell with Recall, that doesn’t count (see specifications about it having to be connected to this predictive text/handwriting thing), and this offer is only valid for the year of 2026.