Windows 8 privacy worry overblown, says Microsoft analyst
- 09 May, 2012 00:11
It sounds like a privacy hole big enough for a truckload of your personal information to be leaked to the world, but experts say a recently disclosed Windows 8 privacy issue is really a non-issue.
Microsoft's Windows 8, which connects its users with networks including Facebook, Flickr, Twitter, LinkedIn, Hotmail, Gmail, Exchange leaves a "lingering cache of automatically collected contacts [that] are stored unencrypted on a Windows 8 client," InfoWorld's Woody Leonhard reports this week.
"[Windows 8] doesn't build its Contacts list dynamically," Leonhard reports. "Instead, it keeps a cache of contacts from all of those sources stored on the machine. The cache persists even when the user logs off or the machine is turned off."
"That means anyone who can sign on to your PC with an administrator account can see all of your contacts and all of their data -- names, email addresses, pictures, telephone numbers, addresses," he writes.
Leonhard said he found out about this from a white paper by George Washington University grad student Amanda C.F. Thomson, at a blog called PropellerHeadForensics. He said while the contact information is "stored away in an appropriately obscure format, the text is in the clear and the pictures can be resurrected fairly easily. Nothing's encrypted."
Michael Cherry, lead analyst, operating systems at the analysis firm Directions on Microsoft, says he has no reason to doubt Thomson's findings. But, he says this is far from a meltdown in Microsoft's decade-long effort to improve its security and privacy.
First and most important, he says, is that this is a beta version of Windows 8 -- a release preview. While it is in wide use, "the point is that this is the kind of thing they are looking for."
"My sense is that Microsoft will take some steps to remedy any issues, but in the area of privacy, the remedy may simply be to tell people that their information is shared among the services," he told CSO Online.
Cherry says it is not just Microsoft, but all Internet services -- from e-mail services to social networking sites -- that are "standing on the dividing line of what people want -- communicating with people about who they are, but at the same time wanting to be aware when they do it."
"Operating systems cache data all the time," Cherry says. "If they had to rebuild all the time, things would run much slower, and you have to remember that in the back of [users'] minds is this impression that Windows is slower than the iPad. People want instant-on."
He also notes that those who use Apple products and have their laptops, iPads and iPods synced are putting that information into iCloud. "If you're living in this world, you're probably doing that with something," he says.
Mark Baldwin, principal researcher and consultant at InfosecStuff, says he doesn't think the risk is any greater with Windows 8 than with Windows 7. While the newer version, "is more tightly integrated with social media, it makes sense to cache that data to improve performance. As the author noted, one must have admin rights to view this data for a user other than yourself."
"And if an unauthorized person has admin rights on your machine, then you have more problems to worry about than your Facebook and email contact information," he says.
Both Cherry and Baldwin say any computer user should be very selective about who has administrator privileges on Windows. "[Administrator privileges] gives you powers that can be very dangerous," Cherry says. "Only somebody very trusted should ever be the administrator, and then only for limited things like maintenance, or to install a new version of something."
Cherry says that he chooses to operate his computer with a "user" account. "The reason is because if I do something stupid, I want it to have limited impact," he says.
If people are really concerned about their contact list, they can "flush all the caches" when they log off. "But it takes time to rebuild them all," Cherry says.
There are encryption tools available for those who desire a greater level of confidentiality, but Cherry says that is not foolproof either. "If you lose the key, it is gone forever. And encryption takes time -- when you create something, it has to be encrypted, and then decrypted."
He believes Microsoft will address this issue, but says that aside from making available tools like encryption and flushing the cache, the best thing is simply to let users know how their information is being shared.
"On many sites, you have to go through many pages and read long documents," Cherry says. "At the end of the day, it's too hard to understand. Part of the fix would be to make it really clear."
Read more about application security in CSOonline's Application Security section.