Microsoft Edge sends URLs and SIDs to Microsoft

Microsoft Edge that comes pre-installed on 10 sends the full URLs of the websites you visit to Microsoft, according to a security researcher.

The data sent by the Microsoft browser includes not only the information of each page you visit, but also the SID, which means security ID, according to a Publication by researcher Matt Weeks on Twitter.

Microsoft Edge

Edge obviously sends the full URL of the pages you visit (except for some popular sites) to Microsoft. And, unlike the documentation, it includes your non-anonymous account ID (SID).

Microsoft is known to use a feature called SmartScreen to protect users from potentially dangerous sites each time they load into the browser.

SmartScreen works by comparing the URL to a list of links that Microsoft has, so the page you visit is submitted to a Microsoft server to determine whether or not you are allowed to access the site.

However, Weeks found that information sent without being encrypted also included the SID.

But Microsoft mentions the following about the SID in the official documentation of the operation:

The security identifier (SID) is used to uniquely identify a security principal or security group. Security principals can represent any person that can exist in one , such as a user account, a computer account, or a link or process that runs in the security context of a user account or computer.

Theoretically, by including the SID in the report, Microsoft can tell exactly who is visiting a website when SmartScreen is enabled in Windows 10, of course.

From before, το SmartScreen για τον Microsoft Edge χρησιμοποιεί στη ρύθμιση “Warn” στις with Windows 10.

However, Microsoft states:

When checking out a file, data about that file is sent to Microsoft. The data includes the of the file, the hash of the file contents, the download location, and the file's digital certificates.

The researcher says that this system could be improved using an approach similar to that used by other browsers.

Firefox, Chrome, and Safari do not send your browsing history to the company, as Edge does. Compare hash prefixes of 4-byte URLs with built-in malicious mailing lists.

Microsoft has not yet made an official statement.

___________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.087 registrants.

browserbytechromeEdgeURL

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).