The security of Windows

The security of Windows

In its SiSyPHuS Win10 study, the Federal Office for Information Security (BSI) has carried out security analyses of safety-critical functions in Windows 10. The aim is to be able to evaluate the security as well as the residual risks when using Microsoft as an operating system and to make recommendations for secure use.

Windows sends so-called telemetry data to Microsoft. In a first step, telemetry components in Windows 10, version 1607, 64 bit, German, from the Long-Term Servicing Branch (LTSB) were analyzed. By default, the operating system transfers this data in Windows 10 to the software manufacturer. To this end, it should be known that the BSI examines an ideal-typical variant, which standard functions of Windows 10 Enterprise or Windows 10 Pro do not contain and is hardly used by companies and private users.

Nevertheless, in winter of 2018 the BSI already officially announced: "A prevention of the acquisition and transmission of telemetry data by Windows is technically possible, but for the simple user difficult to implement. In addition, applications installed on the computer, such as Internet Explorer and Microsoft® Office™, have the ability to acquire telemetry data and transmit it to the manufacturer without the operating system's central telemetry service."

„Event Tracing for Windows“

From a user’s perspective, it is theoretically possible to set different levels of detection. Thereby, the lowest setting, "Security", is only accessible for enterprise users. Depending on the level, a different number of "events" is used for data logging. The operating system uses the term "Event Tracing for Windows" here.

However, Windows sends the reports independent of the telemetry setting, as it does not allow restrictions on ETW providers, transferred amount and content of the data. Several times per hour, the telemetry service loads configuration data – thus, independent of the level set by the user, dynamic allocations take place.

If applications such as Microsoft® Office™ or Internet Explorer are used – often already pre-installed on the computer – telemetry data is collected and sent to the manufacturer, even without a central service.

In addition, an extensive collection would have to be carried out after every feature update or cumulative update package to verify the persistence of the deactivations made. In addition, no forecast about future developments can be made.

In its analysis, the BSI has not taken into account that authorities and companies as well as private users continue to rely on Windows 7 and that there has already been an update, which in effect ensures that even under Windows 7 telemetry data is sent. If data economy is a reason, it will become obsolete at the next security update. On January 14, 2020, support for Windows 7 will end. To ensure system security, these users must close a so-called Extended Support Updates (ESU) contract. This price list illustrates costs per client then due.

How users protect themselves – secure Windows 10 and Microsoft® Office ™ usage

R&S®Browser in the Box protects your system against data leakage through telemetry data in Microsoft® Office™ and Windows 10. Because of the Internet intranet separation, the Microsoft services responsible for sending telemetry data no longer reach their counterparts on the Internet, while R&S®Browser in the Box allows the user to continue enjoying unrestricted and secure Internet access for their daily work.

Unlike Windows-side modifications, the R&S®Browser in the Box approach is proactively blocking all telemetry services. Should Microsoft or other suppliers introduce new services, new URLs or the like, sensitive corporate and government data will remain in your own network.

Originally, by order of the BSI, R&S®Browser in the Box was developed specifically for use in federal agencies.

The advantages of R&S®Browser in the Box for terminal protection summarized:

1. At the network level, access to the Internet is separated from the intranet. Memory and kernels are not shared with the rest of the Windows operating system.

2. Users can securely use Windows 10 because they are proactively protected against telemetry data leakage.

3. Due to the strict separation of the Internet on Windows 7 systems, an expensive Extended Support Update contract can be waived depending on the application.

4. R&S®Browser in the Box runs on both Windows 7 and Windows 10, so it can be used any time after migration to Windows 10.

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Marketing permission

I want to receive information from Rohde & Schwarz via

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to news@rohde-schwarz.com. Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.