Wednesday, June 5, 2019

Windows 10 Shares Data with Microsoft Insecurely

Apart from the fact Windows 10 (Win10) is sending search data, even though I had disabled Cortana, it's also sending the data to Microsoft using certificates whose authenticity aren't proven.

First, Kaspersky intercepted this traffic going to:
It's obviously owned by Microsoft. Details about its usage are in the Detailed Report below.

There's an additional connection that goes to:
This is also related to Cortana search. (which is disabled)

These are details of the certificate. It's signed by DigiCert to Microsoft CA, then to:

As extra precaution, I have Kaspersky set to use Mozilla's certificate store rather than Microsoft's.  At least I can trust that Mozilla won't inject stuff behind my back.