BayLDA - Windows 10 Investigation Report - Bayern

Bavarian Data Protection

Authority for the Private Sector

Windows 10 Investigation Report

Findings regarding Windows 10 Enterprise Version for data controllers in the private sector (September ¡®17)

Introduction

I.

Preparation and set-up

II.

Investigation March 2017: Win10 Enterprise Version Build 14393

1.

2.

3.

Scenario 1: Disable data flows after OS start

1.1

Settings

1.2

Actions

1.3

Detected data flows

1.4

Review

Scenario 2: Disable data flows after usage of Windows Start Menu

2.1

Settings

2.2

Actions

2.3

Detected data flows

2.4

Review

Scenario 2: Disable further data flows (focus on Smart Screen)

3.1

Settings

3.2

Actions

3.3

Detected data flows

3.4

Review

III. Investigation May 2017: Win10 Enterprise Version after Creators Update Build 15063

1.

2.

3.

Scenario 1: Disable data flows after OS start

1.1

Settings

1.2

Actions

1.3

Detected data flows

1.4

Review

Scenario 2: Disable data flows after usage of Windows Start Menu

2.1

Settings

2.2

Actions

2.3

Detected data flows

2.4

Review

Scenario 2: Disable further data flows (focus on Smart Screen)

3.1

Settings

3.2

Actions

3.3

Detected data flows

3.4

Review

IV. Conclusion

Bayerisches Landesamt f¨¹r Datenschutzaufsicht

Bavarian Data Protection Authority for the Private Sector

Introduction

This report contains information about our approach and current findings concerning the Microsoft Windows 10

Enterprise investigation. We, the Bavarian DPA for the private sector, decided to clarify the question, if the operating system Windows 10 can be used for data controllers in the private sector in a compliant form concerning

data protection regulations.

For this purpose, we prepared a laboratory set-up for a technical analysis in our authority, which enables us to

analyze data flows of any Operating System (OS) or device within our own test set-up in Ansbach, Germany. The

aim of our investigation was to determine whether data flows of the operating system Windows 10 can be disabled by specific privacy settings and system configurations. As versions such as Home and Pro do not offer

enough options to regulate outgoing information traffic, we decided to focus on the Enterprise Version of Windows 10. In our opinion, data controllers require transparency and control over the processing of personal data

that is initiated also through the OS itself ¨C otherwise serious violations against European data protection law

threaten.

We are aware of the fact that already many different ways exist to limit or even prevent such data transmission,

e.g. via the Windows Group Policies, the User Interface (UI), the MDM Policy, the Registry, the Windows Firewall

or even the Command Line of the OS. In this investigation we tried to restrict the relevant data flows preferentially through changes in the Windows Group Policies.

In our approach, a new installation of a Windows 10 Enterprise system was examined for its communication

behavior in predefined use cases in short time intervals. Thus no monitoring took place over a longer period of

time.

After completion of our first investigation in March 2017, a comprehensive update of Windows 10 was offered

by Microsoft ¨C the so-called ¡°Creators Update¡±. According to Microsoft, it has a positive effect on the possibilities for the Privacy Settings. For this reason, we decided to repeat the investigation with this newer version to

the same extent and summarize our findings in a combined report.

Windows 10 Report (September 2017)

Site 2 of 19

Bayerisches Landesamt f¨¹r Datenschutzaufsicht

Bavarian Data Protection Authority for the Private Sector

I. Preparation and set-up

For Investigation in March 2017:

?

Installation of Windows 10 Enterprise Evaluation ¨C Version 1607 Build 14393 (German Version) as Virtual

Machine (Virtual Machine 1) in VMware Workstation Version 12 Pro (Version 12.1.1) on Host System

Ubuntu

?

Running Virtual Machine 1 and installing all available OS updates

?

Installation of a further Virtual Machine with Debian 8.x 64bit and the tool mitmproxy

(Virtual Machine 2) to analyze data traffic of Virtual Machine 1 inside of the laboratory set-up

?

Installation of the mitmproxy-CA-certificate (SSL) in Virtual Machine 1

(to get an insight into encrypted TLS-connections)

?

Saving a snapshot of Virtual Machine 1 as a rollback-point

For Investigation in May 2017:

?

Installation of Windows 10 Enterprise Evaluation ¨C Version 1703 Build 15063 (Creators Update) (English

Version) as Virtual Machine (Virtual Machine 1) in VMware Workstation Version 12 Pro (Version 12.1.1) on

Host System Ubuntu

?

Remaining set-up as before

Windows 10 Report (September 2017)

Site 3 of 19

Bayerisches Landesamt f¨¹r Datenschutzaufsicht

Bavarian Data Protection Authority for the Private Sector

II. Investigation March 2017: Win10 Enterprise Version Build 14393

1. Scenario 1:

Disable data flows after OS start

The settings which we have chosen to prevent OS initiated data flows are listed below. Only the settings

are listed that differ from the default configuration after first OS installation. The policies can be found in

¡°Computer Configuration\Administrative Templates\¡±.

1.1 Settings

#

Directory

Name

Policy Setting Name

Setting

1

Windows Com-

Application Compatibility

Turn off Inventory Collector

enabled

ponents

appcompat.admx

Windows Com-

Application Compatibility

Turn off Application Telemetry

enabled

ponents

appcompat.admx

Windows Com-

Application Compatibility

Turn off Steps Recorder

enabled

ponents

appcompat.admx

4

System

User Profiles

System\User Profiles

enabled

5

Windows Com-

App Package Deployment

Allow a Windows app to share application data

disabled

ponents

appxpackagemanag-

between users

2

3

userprofiles.admx

er.admx

6

7

8

Windows Com-

Cloud Content

ponents

cloudcontent.admx

Windows Com-

Cloud Content

ponents

cloudcontent.admx

Windows Com-

Data Collection and Pre-

ponents

view Builds

Do not show Windows tips

enabled

Turn off Microsoft consumer experiences

enabled

Allow Telemetry

enabled:

0 (Security)

datacollection.admx

9

Windows Com-

Data Collection and Pre-

ponents

view Builds

Do not show feedback notifications

enabled

Disable pre-release features or settings

enabled

Do not sync

enabled

Do not sync app settings

enabled

Do not sync Apps

enabled

Do not sync browser settings

enabled

Do not sync desktop personalization

enabled

Do not sync on metered connections

enabled

Do not sync passwords

enabled

Do not sync personalize

enabled

datacollection.admx

10

Windows Com-

Data Collection and Pre-

ponents

view Builds

datacollection.admx

11

12

13

14

15

16

17

18

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

Windows 10 Report (September 2017)

Site 4 of 19

Bayerisches Landesamt f¨¹r Datenschutzaufsicht

19

20

21

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Sync your settings

ponents

settingsync.admx

Windows Com-

Windows Defender Antivi-

ponents

rus

Bavarian Data Protection Authority for the Private Sector

Do not sync start settings

enabled

Do not sync other Windows settings

enabled

Turn off Windows Defender Antivirus

enabled

Configure Watson events

disabled

Turn off real-time protection

enabled

Turn on behavior monitoring

disabled

windowsdefender.admx

22

Windows Com-

Endpoint Protection >

ponents

Reporting

windowsdefender.admx

23

Windows Com-

Endpoint Protection >

ponents

Real-time Protection

windowsdefender.admx

24

Windows Com-

Endpoint Protection >

ponents

Real-time Protection

windowsdefender.admx

25

Windows Com-

Endpoint Protection >

Send file samples when further analysis is

enabled:

ponents

MAPS

required

(0x2) Never send

Turn off Windows Error Reporting

enabled

Turn off access to the Store

enabled

Prevent the usage of OneDrive for file storage

enabled

Turn off location

enabled

Turn off Windows Location Provider

enabled

Turn off game updates

enabled

Disable all apps from Windows Store

enabled

Turn off the Store application

enabled

enabled

windowsdefender.admx

26

System

Internet Communication

Management > Internet

Communication settings

icm.admx

27

System

Internet Communication

Management > Internet

Communication settings

icm.admx

28

29

30

Windows Com-

OneDrive

ponents

skydrive.admx

Windows Com-

Location and Sensors

ponents

sensors.admx

Windows Com-

Location and Sensors >

ponents

Windows Location Provider

locationprovideradm.admx

31

32

33

34

35

36

37

38

39

Windows Com-

Game Explorer

ponents

gameexplorer.admx

Windows Com-

Store

ponents

windowsstore.admx

Windows Com-

Store

ponents

windowsstore.admx

Windows Com-

Store

Turn off Automatic Download and Install of

ponents

windowsstore.admx

updates

Windows Com-

Search

Allow Cortana

disabled

ponents

search.admx

Windows Com-

Search

Allow search and Cortana to use location

disabled

ponents

search.admx

Windows Com-

Search

Do not allow web search

enabled

ponents

search.admx

Windows Com-

Search

Don't search the web or display web results in

enabled

ponents

search.admx

Search

Windows Com-

Search

Set what information is shared in Search

Windows 10 Report (September 2017)

enabled:

Site 5 of 19

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download