Desktop Operating Systems 3 - Privacy Features of Desktop OSs

PUBLISHED 31 JULY 2019

Author: InvisibleUser Team

In this section, we will compare the privacy features of Windows, macOS and Linux operating systems and give some general information about their security.

This is the third post of the series. Have a look at “Desktop Operating Systems Overview“ and “Popularity of Linux OSs” if you did not read them yet.


The best Operating Systems for Privacy Advocates

We will start off with Microsoft’s and Apple’s OSs. Unlike Linux, Windows and macOS are both proprietary, so we cannot be completely certain about how much and which data is shared with Microsoft and Apple, respectively.

Windows Privacy Features

Especially Microsoft’s most recent operating system, Windows 10, has raised many concerns among privacy advocates. The artificial intelligence assistant Cortana, which cannot be deactivated, has been criticised and is controversial. That is unfortunately not the only part of the OS that poses risks to your privacy. A lot of data is collected through your searches in the start menu. The reasoning behind that is that Microsoft uses this data to improve the search function, speed up the search through indexing files and finding out how people normally use Windows. The problem with this it that it puts your privacy at risk if such data is sent to Microsoft.

It is not only the data about what you search for, but also much more personal information. If you use the voice recognition of Cortana, Microsoft servers can capture your accent, tempo of speech and other features that can identify your voice. This is no a conspiracy theory. Microsoft officially confirmed that they create voice and speech profiles of users to improve Cortana.

The only tip that we can give you here is to disable everything related to Cortana. The Windows settings are not helpful when you want to disable the AI. Instead, you have to dig deep into the Windows registry. The registry is a database that stores low-level configuration settingss of the operating system.

This might sound complicated, but it is actually pretty easy to do: Just press Windows key + R, type in regedit, press Enter and run the Registry Manager with admin permissions. In the Windows Registry, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search. If the folder does not exist, create the Windows Search folder in this place. There should be an entry called AllowCortana. If not, right-click the Windows Search key (folder) on the left pane, select New > DWORD (32-bit) and name it AllowCortana. Set the value of AllowCortana to 0 (false). The bitch should be dead by now!

Here is a guide for more information. As if the spyware AI Cortana was not enough, Windows has also been observed sending location information to Microsoft. This can be deactivated, but since Windows 10, it is not possible anymore to completely block sending crash reports and similar data to Microsoft.

That brings us to the next major issue with Windows: The lack of transparency. All of the data collection features are turned on by default, so a user that is uninformed about them is likely to fall victim to them.The privacy policy of Windows 10 is a 45-page document, so there is a lot to say about data collection.

To at least reduce Microsoft’s capabilities a bit, we have another tip for you: You should never login with a Microsoft account when you start your PC. We know that this is the way most people use Windows, but as privacy advocates, we advise against that. Instead, use a local account. That means that you have to change your account to local or create a new local user account in Windows 10.

That is done in the following way:

Go to Settings>Accounts>[Your account name] then click on Sign in with a local account instead and enter the current password. Now set a password for the local account. These settings will disable the worst parts of Microsoft’s data grabbing, since you do not automatically connect to Microsoft servers when starting the system. Your Windows 10 installation will not lose any functionality and you get better privacy. You can only win by doing this.

Here is a guide that will help you.

As we have described above, you can turn most of the data collection off, but the best and easiest option would be to remove Spydows 10 from your PC and use Linux.

Windows 10 is a system with so many cloud-based components that it will be almost impossible for you to turn them all off. Microsoft really does not want you to do so. To illustrate this, we would like to quote their privacy policy here:

*“We collect data about you, your device, and the way you use Windows.” “[…] management tools provided by Microsoft or others to access and process your data from that device, including your interaction data, diagnostic data, and the contents of your communications and files.” and “We also obtain data about you from third parties.” * —Microsoft privacy policy

That pretty much sums up that they are watching all your activity if you use their operating system. In a way, you were forced to give them all that data, since Windows came pre-installed on your PC. Microsoft’s privacy policy is quite a shocking document to read. We are of this opinion, because in the statement, Microsoft names all the ridiculous excuses for not respecting your privacy. We expected something like this from Microsoft, but the ruthlessness is still disturbing.

macOS Privacy Features

If you asked us to tell you which proprietary operating system is better for privacy advocates, we would definitely say macOS. Apple cannot risk damaging their image by controversial data collection, because buying Apple products is a choice customers have to make consciously. Apple is better than Microsoft in terms of respecting your privacy, period. Anything is better than Spydows 10!

While customers actively decide to buy a macOS laptop, that is not the case for Windows. Windows comes pre-installed on even the cheapest laptops. Many people do not really have a choice, because macOS computers are quite expensive. If you can afford it and do not want to install an operating system like Linux yourself, we would suggest going for an Apple computer.


Let us now get to the privacy and security features we like in Apple’s macOS: Their full-disk encryption FileVault actually works, in contrast to the solution Windows offers. FileVault is not built like Windows’ counterpart BitLocker, which is deliberately compromised by Microsoft to allow law enforcement access to encrypted Windows machines. Apple has been heavily criticised because of its (indirect) cooperation in the NSA’s PRISM program (source) and possibly also the XKeyscore project in 2013 (source). It is actually laughable how Apple denied their participation in their first statement (source), which turned out to be a lie. Since then, they have taken a lot of steps to get the customers’ trust back. The company has massively improved the security features of both iOS and macOS.

However, you have to keep in mind that macOS is still closed source, but we cannot demand from every software development company to release their source code for free. Apple simply has a different monetization approach than Linux, for example. We disagree with their decision to keep the OS source code behind closed doors, but they are successful with their current strategy.

macOS is as good as proprietary software gets, but we personally do not use it. If we were not all happy ZorinOS Linux users, macOS would the system we would go for, but an open-source solution is always preferable.

Apple’s philosophy is that not revealing the source code is what makes macOS secure. We disagree, since that is not necessarily true:

Although an attacker can easily search open-source code for exploits, it is more than likely that other programmers with better intentions see it too. They will report it and the public is warned to be careful until it gets fixed. With Apple’s software, you do not have this option. That is a disadvantage, since the small team working on a single macOS program like Pages, for example, is less likely to notice security issues than a big community on GitHub.

Linux Privacy Features

In the Linux family, virtually all operating systems are based entirely on the standardised Linux kernel (specified in the Linux Standard Base, LSB). They are free and open-source, so they do not contain many security issues and no data collection features or backdoors. Spyware is impossible to hide from the public if you publish your source code. Being under public scrutiny means that developers are basically forced to make ethical decisions. If they implemented things like sending usage statistics without asking the user, that would be obvious. There would be a line of code that generates an HTTP request to send data to a server. The Linux kernel is one of the most actively developed pieces of open-source software and many beginner programmers and computer science students read the code. It is therefore highly unlikely that no one would notice such changes.

That is our stance on the privacy properties of Linux, but it is also an incredibly secure operating system. User accounts in general do not have root/admin permissions, so malware can only do limited damage. The kernel itself has many security modules. There are modules like AppArmor for process isolation, seccomp for real-time monitoring of untrusted software, Smack and TOMOYO for access control and Security-Enhanced Linux (SELinux), which basically does all the above tasks. There is also Netfilter. Netfilter is a built-in framework for network handling, like packet and address filtering to establish a firewall. It is controlled through the user space utilities iptables and nftables.

If you want to see what the Linux kernel we love so much actually looks like, you can view it here on Linus Torvalds’ GitHub account.


Conclusions

The privacy features of Linux are convincing. In our opinion, Linux distributions are by far the most secure and stable operating systems, but you can reach advanced security and privacy on Mac and Windows as well. It is just harder to do. All the privacy features you have to enable on Windows and the data collection you have to disable, require a lot of work. On Linux, that are basically the default settings, which makes things infinitely easier for beginners as well as advanced users.

macOS is somewhere in the middle between the two, but why really use it? There is much less macOS software available than for Windows and even Linux. Combined with its closed source nature, we do not necessarily recommend it in general if there are so many open-source solutions available. If you want to use a mainstream operating system and not switch to Linux, macOS is still by far better than Windows. Apple has learned from the public backlash they received after Snowden published leaks on their cooperation with the NSA. Since then, they have significantly improved both privacy as well as security features, which were quite lacklustre in the past.

“Linux is just like Windows, but just better! Do not ask why…” — InvisibleUser

Previous

Desktop Operating Systems 2 - Popularity of Linux OSs

Next

What tells distros apart? 1 - Linux Desktop Environments and Packages