Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Browsers
Microsoft Edge
Research Finds Microsoft Edge Has Privacy-Invading Telemetry
Message
<blockquote data-quote="Antus67" data-source="post: 865949" data-attributes="member: 83595"><p>While Microsoft Edge shares the same source code as the popular Chrome browser, it offers better privacy control for users. New research, though, indicates that it may have more privacy-invading telemetry than other browsers.</p><p></p><p>According to Microsoft, telemetry refers to the system data that is uploaded by the Telemetry components or browser's built-in services. Telemetry features aren't new to Microsoft and the company has been using Telemetry data from Windows 10 to identify issues, analyze and fix problems.</p><p></p><p>Professor <a href="https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf" target="_blank">Douglas J Leith</a>, Chair of Computer Systems at Trinity College in Ireland, tested six web browsers to determine what data they were sharing. In his research, he pitted Chromium-based Microsoft Edge, Google Chrome, Brave, Russia's Yandex, Firefox and Apple Safari.</p><p></p><p>Unfortunately, Microsoft Edge didn't perform well in various privacy tests.</p><p></p><p><span style="font-size: 22px"><strong>Too much telemetry in Microsoft Edge</strong></span></p><p>When testing the Edge Browser, Leith saw that every URL that was typed into Edge would be sent back to Microsoft sites.</p><p></p><p>For example, every URL typed into the address bar is shared with Bing and other Microsoft services such as SmartScreen. This was confirmed by BleepingComputer who used Fiddler to see the JSON data being sent to Microsoft.</p><p></p><p>This could be fixed by using a technique similar to <a href="https://www.google.com/chrome/privacy/whitepaper.html" target="_blank">Google's Safe Browsing implementation</a> that downloads a a list of known malicious sites and saves it locally. This list is the checked by the browser and if any data needs to be sent to Google's servers, will only send a hashed partial URL fingerprint that can be used to track browsing behavior.</p><p></p><p>The browser also sends unique hardware identifiers to Microsoft, which is a "strong and enduring identifier" that cannot be easily changed or deleted.</p><p></p><p>Russian web browser Yandex is also engaged in similar anti-privacy activities:</p><p></p><p></p><p>It's important to note that Microsoft Edge for Enterprise gives administrators a lot of control in deployments to disable all these trackers, but the trackers are enabled by default in all Edge installations.</p><p></p><p>While Microsoft Edge didn't fare well in the tests, the researcher has also <a href="https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf" target="_blank">questioned</a> Chrome's and other browser's behaviour.</p><p></p><p>Users have previously noticed that Chrome scans the entire computer and reports hashes of executable programs back to Google to build Chrome's Safe Browsing platform.</p><p></p><p>Chrome, Firefox and Safari share details of every webpage you visit with their services. All these browsers use autocomplete feature to send web addresses to their services in realtime.</p><p></p><p>Firefox's telemetry transmissions, which is silently enabled by default, can potentially be used to link these over time. In Firefox, there is also an open WebSocket for push notifications and it is linked to a unique identifier, which could be used for tracking, according to the researcher.</p><p></p><p>Source:<a href="https://www.bleepingcomputer.com/news/microsoft/research-finds-microsoft-edge-has-privacy-invading-telemetry/" target="_blank">Research Finds Microsoft Edge Has Privacy-Invading Telemetry</a></p></blockquote><p></p>
[QUOTE="Antus67, post: 865949, member: 83595"] While Microsoft Edge shares the same source code as the popular Chrome browser, it offers better privacy control for users. New research, though, indicates that it may have more privacy-invading telemetry than other browsers. According to Microsoft, telemetry refers to the system data that is uploaded by the Telemetry components or browser's built-in services. Telemetry features aren't new to Microsoft and the company has been using Telemetry data from Windows 10 to identify issues, analyze and fix problems. Professor [URL='https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf']Douglas J Leith[/URL], Chair of Computer Systems at Trinity College in Ireland, tested six web browsers to determine what data they were sharing. In his research, he pitted Chromium-based Microsoft Edge, Google Chrome, Brave, Russia's Yandex, Firefox and Apple Safari. Unfortunately, Microsoft Edge didn't perform well in various privacy tests. [SIZE=6][B]Too much telemetry in Microsoft Edge[/B][/SIZE] When testing the Edge Browser, Leith saw that every URL that was typed into Edge would be sent back to Microsoft sites. For example, every URL typed into the address bar is shared with Bing and other Microsoft services such as SmartScreen. This was confirmed by BleepingComputer who used Fiddler to see the JSON data being sent to Microsoft. This could be fixed by using a technique similar to [URL='https://www.google.com/chrome/privacy/whitepaper.html']Google's Safe Browsing implementation[/URL] that downloads a a list of known malicious sites and saves it locally. This list is the checked by the browser and if any data needs to be sent to Google's servers, will only send a hashed partial URL fingerprint that can be used to track browsing behavior. The browser also sends unique hardware identifiers to Microsoft, which is a "strong and enduring identifier" that cannot be easily changed or deleted. Russian web browser Yandex is also engaged in similar anti-privacy activities: It's important to note that Microsoft Edge for Enterprise gives administrators a lot of control in deployments to disable all these trackers, but the trackers are enabled by default in all Edge installations. While Microsoft Edge didn't fare well in the tests, the researcher has also [URL='https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf']questioned[/URL] Chrome's and other browser's behaviour. Users have previously noticed that Chrome scans the entire computer and reports hashes of executable programs back to Google to build Chrome's Safe Browsing platform. Chrome, Firefox and Safari share details of every webpage you visit with their services. All these browsers use autocomplete feature to send web addresses to their services in realtime. Firefox's[B] [/B]telemetry transmissions, which is silently enabled by default, can potentially be used to link these over time. In Firefox, there is also an open WebSocket for push notifications and it is linked to a unique identifier, which could be used for tracking, according to the researcher. Source:[URL="https://www.bleepingcomputer.com/news/microsoft/research-finds-microsoft-edge-has-privacy-invading-telemetry/"]Research Finds Microsoft Edge Has Privacy-Invading Telemetry[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top