Microsoft reportedly recently closed an agreement with FireEye security company, according to a Australian shop Arn. Η συμφωνία δίνει πρόσβαση στην FireEye σε όλα τα δεδομένα τηλεμετρίας που συλλέγουν τα Windows 10.
Η δημοσίευση αναφέρει ότι η FireEye θα προσφέρει σαν αντάλλαγμα στη Microsoft το λογισμικό της εταιρείας iSIGHT Intelligence που θα χρησιμοποιηθεί από το Windows Defender Advanced Threat Protection σε όλες τις Appliances with Windows 10.
FireEye's iSIGHT Intelligence software is a future threat prevention application that can check if businesses meet the requirements and tools to cut off an attack.
On the other hand, Windows Defender is a program that comes embedded in Windows 10 and is enabled by default.
Customers using Pro and Enterprise can upgrade to Windows Defender Advanced Threat Protection with behavior sensors, security analysis, and cloud threats.
The publication states that the partnership definitely benefits Microsoft, namely the reputation and reliability of the Windows Defender commercial release.
A press release from FireEye released on 3 November at 2016 provides additional details on the deal.
Please note that the iSIGHT Intelligence software is available through Windows Defender Advanced Threat Protection (WDATP), but not the free version of Windows Defender.
WDATP customers can access various technical indicators provided by the software. These include the attacker's main motive, tools it uses, information about target domains and geographic areas, and a description of the attacker and its functions.
According to the ARN publication, security teams can have all Windows 10 telemetry data through subscription billing models.
The company will have access to the telemetry data of all Windows 10 devices. An overview of which versions of Windows are included is provided on its page TechNet on the Web.
Meanwhile, neither FireEye, nor Microsoft or the ARN publication disclosed details about the range of telemetry data that FireEye will have at its disposal.
But according to them Microsoft Terms of Service, more probably was expected:
“We share your personal data with your consent or as required to complete anychangeor to provide any product you have requested or authorized. We also share data with Microsoft affiliates and subsidiaries, with vendors who work on our behalf, when required by law or to respond to legal process, to protect our customers, to protect life, to maintain security of our products and to protect the rights or property of Microsoft.”
At present, what we can safely say is that terms of the agreement are not yet known, so we can not know if FireEye will gain access to all telemetry data.
However, the fact that telemetry data is offered to third parties is quite problematic.
Below are the details that Microsoft collects, according to the terms of use of each software:
“Η Microsoft συλλέγει δεδομένα, για να λειτουργήσει αποτελεσματικά και να σας προσφέρει την καλύτερη δυνατή εμπειρία με τα προϊόντα της. Ορισμένα από αυτά τα δεδομένα παρέχονται άμεσα από εσάς, όπως όταν δημιουργείτε λογαριασμό Microsoft, υποβάλλετε ένα ερώτημα searchς στο Bing, δίνετε μια φωνητική εντολή στην Cortana, αποστέλλετε ένα έγγραφο στο OneDrive, αγοράζετε μια συνδρομή MSDN, εγγράφεστε στο Office 365 ή επικοινωνείτε μαζί μας για υποστήριξη. Αποκτούμε ορισμένα δεδομένα καταγράφοντας πώς αλληλεπιδράτε με τα προϊόντα μας, για παράδειγμα, χρησιμοποιώντας τεχνολογίες όπως cookies and taking error reports or usage data from software running on your device.
We also get data from third parties. For example, we supplement the data we collect by buying demographic data from other companies. We also use services from other companies to identify your location based on the IP address, so we can customize certain products.
You have choices about the data we collect. When asked to provide personal data, you can refuse. However, if you choose not to provide data that is necessary to provide a product or feature, you may not be able to use that product or service.
The data we collect depends on the products and capabilities you use, and may include the following:
Name and contact information. We collect your name and surname, email address, postal address, telephone number and other similar contact information.
Credentials. We collect passwords, password prompts, and similar security information used for authentication and access to the account.
Demographic data. We collect data about you, such as your age, gender, country and language of preference.
Payment data. We collect data that is necessary to process your payments if you make purchases, such as your payment instrument number (eg credit card number), and the security code associated with the payment instrument.
Usage data. We collect data about how you and your device interact with Microsoft and our products. For example, we collect the following:
- Product use data. Συλλέγουμε δεδομένα σχετικά με τις δυνατότητες που χρησιμοποιείτε, τα στοιχεία που αγοράζετε και τις websites που επισκέπτεστε. Σε αυτά τα δεδομένα περιλαμβάνονται οι φωνητικές εντολές σας και οι αλληλεπιδράσεις σας μέσω κειμένου με το Bing, την Cortana και τα bot conversationthat we have.
- Device data. We collect data about your device and the network you use to connect to our products. This includes data about operating systems and other software installed on your device, including any product keys. Data also includes IP address, device IDs (such as IMEI for phones), locale and language settings.
- Error reports and performance data. We collect information about the performance of the products, as well as any problems you encounter with them. This data helps us diagnose problems with the products you use, as well as improve our products and provide solutions. Depending on your product and settings, the error reports may include data such as the type or severity of the problem, software or hardware-related details, file contents that you used when an error occurred, and data about another software on your device.
- Support Data. When you contact Microsoft for support, we collect data about you and your hardware and software, as well as other details related to the support incident. This data includes communication or authentication data, the content of your chats and other communications with Microsoft support, data about the state of the machine and application when the error occurred and during diagnostics, and data system and registeru about software installations and hardware configurations.
Interests and favorites. We collect data about your interests and favorites, such as groups watched in sports apps, stocks you're watching in economy apps, or your favorite cities that you add to weather apps. In addition to the information you provide yourself, your interests and favorites can also be inferred or derived from other data we collect.
Contacts and relationships. We collect data about your contacts and relationships if you use a Microsoft product to manage contacts, communicate, or interact with other people or organizations.
Location data. We collect data about your location, which may or may not be accurate. Accurate location data can be Global Positioning System (GPS) data, as well as data from nearby cellular and Wi-Fi antennas Hotspot, which we collect when you activate location-based products or features. Imprecise location data includes, for example, locations derived from your IP address or data that indicates less precisely where you are, such as at the city or zip code level.
Content. Συλλέγουμε περιεχόμενο από τα αρχεία και τις επικοινωνίες σας, όταν είναι απαραίτητο για την παροχή των προϊόντων που χρησιμοποιείτε. Για παράδειγμα, εάν λάβετε ένα μήνυμα ηλεκτρονικού ταχυδρομείου μέσω του Outlook.com ή του Exchange Online, πρέπει να συλλέξουμε το περιεχόμενο του συγκεκριμένου μηνύματος, προκειμένου να το παραδώσουμε στα Εισερχόμενά σας, να το εμφανίσουμε σε εσάς, να σας επιτρέψουμε να απαντήσετε σε αυτό και να το αποθηκεύσουμε για λογαριασμό σας, έως ότου επιλέξετε να το διαγράψετε. Παραδείγματα αυτών των δεδομένων περιλαμβάνουν: το περιεχόμενο των εγγράφων σας, φωτογραφίες, μουσική ή βίντεο των οποίων πραγματοποιείτε αποστολή σε μια υπηρεσία της Microsoft όπως το OneDrive, καθώς και το περιεχόμενο των επικοινωνιών σας που αποστέλλονται ή λαμβάνονται χρησιμοποιώντας προϊόντα της Microsoft, όπως το Skype ή το Outlook.com, όπου περιλαμβάνονται τα εξής:
- the theme line and the body of an email,
- the text or other content of an instant message,
- record audio and video from a video and video message
- the recording and transcription of a voicemail you receive or a text message you dictate.
We also collect the content of the messages you send to us, such as reviews and reviews you write about the product, or questions and information you provide to customer support. When you contact us, for customer support, for example, phone conversations or chat rooms with our representatives may be monitored and recorded. If you visit our retail outlets or other facilities, your image can be captured by our security cameras.
The product sections below describe data collection practices that apply to the use of these products. ”
