The companies you trust are stealing from you

Presented by

Michael Patterson. founder and CEO, Plixer

About this talk

With the recent formal notice to Microsoft by France’s National Data Protection Commission (CNIL), it is apparent that Microsoft is taking too many liberties with user data. Mike Patterson, founder and CEO security analytics firm Plixer, noticed that even after disabling everything he could find to stop this data transfer, some form of metadata is still sent to Microsoft every 5 minutes. Further research found that: •The content was encrypted in a way that made it impossible to determine what was being sent. This extra effort to encrypt indicates that Microsoft not only didn’t want non-authorized users of the machine from accessing the data—they also didn’t want the end-user knowing what was being sent. •There is a group policy feature called Allow Telemetry, which is a setting that determines how many telemetry details are sent back to Microsoft. •The only way to disable this entirely, unfortunately, is to purchase an Enterprise version of Windows 10. In addition to Microsoft Windows 10, Patterson’s research also found that electronics company Plantronics and antivirus firm McAfee are doing this, too: 1.Plantronics were sending encrypted data over HTTP port 80 every minute 2.McAfee would send data using a DNS look-up that in many companies bypasses security mechanisms. Tune into this webinar to get a look at how the research was conducted, exactly what information these companies take from you and why the practice of DIGing (Dubious Information Gathering) is bigger than cybercrime.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (89)
Subscribers (4949)
Our channel is aimed to give you the full picture. We will educate you on current topics of interest with the Editor of IT Security Guru hosting the webcasts, Dan Raywood. Guest speakers will join in on the debates with their own expert view and no intention of keeping it to themselves. Our aim is to give you all the information you need, for you to be able to come to your own conclusion. http://itsecurityguru.org/