Does Windows 10 really include a keylogger? (Spoiler: No)

Conspiracy theories sometimes take on a life of their own, independent of the facts. Here's how this one got started.
Written by Ed Bott, Senior Contributing Editor

Here we go again.

With Windows 10, Microsoft has adopted a rapid-update development cycle. Maybe that faster pace is affecting the tech press too, because it took less than a week for the first Windows 10-driven conspiracy theory to burst onto the scene.

It started with a Friday-afternoon article in The Inquirer, a tech tabloid known for its breathless headlines and factually challenged prose. In true Inky fashion, the headline declared that Windows 10 "has permission to watch your every move," adding, ominously: "Its 'privacy' policy includes permission to use a keylogger."

From a legalistic point of view, this headline is cleverly constructed. It doesn't actually say that Windows 10 contains surveillance software that monitors your keystrokes and sends a log of those keystrokes to Redmond. In fact, the implication that there is an actual keylogger embedded in the Windows 10 code is contradicted by this key graf, buried near the end of the story:

In other words, in effect, you are giving permission for Microsoft to screen your files, and in effect keylog your keyboard input. [emphasis added]

"In effect." Not in actuality. And in fact there's little evidence that the author has enough background in computer science or security to tell a keylogger from a key lime pie.

But the story was picked up by a few other sources and fits neatly into conspiracy theories, so here's a bucket of cold water to pour on the rumors.

If there were really anything resembling a keylogger in the Windows 10 Technical Preview, it would be very easy to discover and document exactly what information it's transmitting. I've done a cursory check and can't find anything that matches that description. And I'm certain that researchers in the security and privacy communities would immediately publish details of their findings if they found something through a more thorough search.

I'll update this post immediately if any such evidence turns up. So far, there's nothing.

Look, the Windows 10 Technical Preview is an instrumented version. It collects information about your use of the product, including some text and voice input, and returns some of that data to Microsoft for use in tuning performance and improving voice recognition and spell-checking.

That's a far cry from a keylogger, which is a surveillance tool that indiscriminately collects every keystroke on a PC and transmits it (usually surreptitiously) to a remote location.

The data collected by the Windows 10 telemetry tools is limited, but the process of collecting this information can result in inadvertent information disclosure. This isn't a new problem: there are similar concerns that enterprise customers have to be careful when configuring Windows Error Reporting using released versions of Windows on production machines.

If you're concerned that files you're working with contain confidential information, you probably shouldn't be using the Windows 10 Technical Preview to open them.

For the record, Microsoft's response to these allegations is as follows:

With Windows 10, we're kicking off the largest ever open collaborative development effort that will change the way we build and deliver Windows. Users who join the Windows Insider Program and opt-in to the Windows 10 Technical Preview are choosing to provide data and feedback that will help shape the best Windows experience for our customers. As always, we remain committed to helping protect our customers' personal information and ensuring safeguards are in place for the collection and storing of that data. As we get closer to a final product, we will continue to share information through our terms of service and privacy statement about how customer data is collected and used, as well as what choices and controls are available.

On June 1, Microsoft's Gabe Aul confirmed that users will be able to disable these features in the final release of Windows 10. The option will be available in Windows 10 Settings > Privacy > Feedback & Diagnostics. "It's also configurable as part of OOBE [the out-of-box setup experience] on new installs," He said.

I'll check again after Windows 10 is released on July 29, 2015.

Editorial standards