Windows 10 Setup - What privacy ?

Recently I was going through Windows 10 setup for a friend and noticed the setting defaults were quite concerning.

As a quick disclaimer, my knowledge of Windows 10 is still in its infancy, so feel free to correct me if you find out more information, but this is my understanding so far.

Firstly, the "Express" option seems to glance over a whole lot of settings that pretty much hand over all your information to Microsoft. Of course you can customise but you need to pay attention to where the link is as opposed to the big "Use Express settings" button (see green ellipse below) :

If you decide to customise then you start to see the depth of the information grab, most of which is actually mentioned in the first screen. Of course everyone reads it, just like everyone reads License Agreements, right ;)

Also all the options below are On by default, these are just settings I happened to recommend, each to his own about how much you want to share.

What is other associated input data ? I am always concerned by general statements. The bigger concern here is that so much data is being sent to Microsoft and some will be passed on to "trusted partners". How is all this data protected, the track record of protecting customer data for companies big and small has not been that great over last few years.

Also Windows and Apps want your location and location history, interesting. How much history are we talking about here ?

This screen really scared me. Automatically connect to suggested open hotspots , I will definitely need to do some homework on this, not sure who is suggesting but it definitely looks like a good attack vector, followed very closely by Automatically connect to networks shared by your contacts.

As it reads, you need to be extremely careful who is in your contacts list. If a hacker can get someone to add them to their contacts (how many of your contacts on LinkedIn do you really know?) and then they "share" their nefarious network with you, you will connect automatically if you are in the vicinity and ... chances are it wont end nicely for you.

For the security conscious, diagnostic information sent to Microsoft has historically been intercepted by the NSA (and I am sure others too) as a way of gaining intel on your configuration as it contains very detailed information about the software and hardware you are running. This is then used to target your machine or the software you are running to compromise and potentially sniff or steal your data, etc.

This is another screen that concerned me. For people on a low data plan be careful of the last setting above. From my limited understanding, it appears Microsoft will use your computer to send update information to others and therefore consume your bandwidth (and save their own).

My other concern is how can that be used to compromise someone's machine, by tricking a computer to accept updates that contain malware etc.

All in all, I find the above settings very concerning and for the security conscious, you will definitely want to go through the settings yourself. After setup, you will need to go through the settings again in Control Panel as not all options are visible during setup.

As an example :

Sending to your other PCs on your local network might save you some bandwidth, I cant really comment yet if their are any material security implications.

In the end, each to their own, obviously I have my opinion about how much data should be shared. Restricting data sharing will impact your Windows experience and Microsoft is trying very hard to immerse its customers. Personally I can live without all the smarts.

Stay vigilant and be informed, Microsoft are making a grab for all your data and in future updates you will also lose more control over your own PC, but that is a topic of its own ;)