Windows as Malware
The Free Software Foundation is scathing in its analysis of Windows, due to the threats posed to user freedoms, privacy and security. Regardless of the version being used, the FSF classifies Windows as "malware", that is, software that is designed to function in ways that mistreat or harm the user.  
Windows Backdoors and User Freedoms
- Microsoft has backdoored its disk encryption.
- Microsoft has a history of updating software without permission; this represents a universal backdoor to impose any changes they like.
- Microsoft now enforces upgrades to Windows 10 involuntarily.
- Microsoft undertook a range of actions to force Windows 7 and 8 users to upgrade to Windows 10.
- Microsoft ignored flags on Windows 7 and 8 specifying that upgrades to Windows 10 were not desired.
- For months, Microsoft tricked users into upgrading to Windows 10 if they failed to notice and deny the upgrade.
- Windows 8 has a backdoor for remotely deleting applications from the user's computer.
- The German government does not trust that Windows 8 and the Trusted Platform Module (TPM) v2.0 is not a backdoored combination.
The supposition that proprietary software is free of grave bugs is demonstrably false. In fact, the popularity of Windows platforms on desktops actually increases the risk, as attackers target the near monocultural operating system environment with regularity, for example:
- The Wanna Decryptor ransomware attack spreading across the globe at the time of writing is solely focused on Windows platforms.
- Flaws in Internet Explorer and Edge have previously allowed attackers to retrieve Microsoft account credentials.
- Point-of-sale terminals running Windows were previously taken over in order to collect customers' credit card numbers.
- Windows uses weak or broken cryptographic verification methods like MD5 and SHA-1.
- Windows 7 and earlier versions do not provide a secure central repository for downloading software, meaning a host of users must risk dangerous downloads from the Internet.
These are Microsoft technical actions that harm users of specific hardware or software:
- Microsoft has rapidly dropped support for Windows 7 and 8 on recent processors following the release of Windows 10.
- Microsoft has made Windows 7 and 8 non-functioning on certain new computers, compelling a switch to Windows 10 for certain users. For example, support has been dropped for all future Intel, AMD and Qualcomm CPUs.
- Proposed Windows 10 "upgrades" deny users the ability to cancel or postpone the proposed upgrade once accepted.
- Windows 10 upgrades delete applications without the user's permission.
- Microsoft has a history of collaborating with adversaries by informing them of bugs before they are fixed.
- Microsoft reportedly gives adversaries security tips on how to crack into Windows computers.
- Microsoft cuts off support for users of specific platforms (like XP) and software (such as popular Internet Explorer versions), after users have developed a software dependency.
- Microsoft has announced that starting with Windows 10, it will begin forcing lower-paying users to test less-secure new updates before giving higher-paying users the option of whether or not to adopt them.
Microsoft often releases proprietary programs or updates that destabilize or reduce the utility of the user's system:
- Windows displays advertisements for Microsoft products and those of its partners.
- Windows inserts advertisements inside of File Explorer to nag users to buy subscriptions.
- As noted earlier, Microsoft nags users repeatedly to install Windows 10.
- Microsoft has encouraged users to complain to system administrators about not upgrading to Windows 10.
- Windows DRM files can potentially identify people browsing with Tor.
- Windows 10 sends a host of core debugging information to Microsoft and third parties.
- Windows 10 sends information to Microsoft about applications used and those that are running.
- Microsoft has renamed "data slurping" features to give users the impression they were removed.
- Windows 10 has a host of snooping options enabled by default. This includes snooping on user files, text input, voice input, location information, contacts, calendar records, web browsing history, screenshots of running programs and how long they were running, and auto-connection to open hotspots which show targeted advertisements. Many options cannot be disabled at all in a standard installation.
- Windows 10 spyware which tracks the user's text input and unique typing cadence (pattern) is comparable to a corporate keylogger.
- Even when users disable "data slurping" features, Windows 10 still sends a range of identifiable information to Microsoft.
- Windows uses a unique advertising ID for each user so that other companies can track the browsing habits of each individual.
- Windows 8 appears to have a range of spyware functions. For example, it snoops on local searches and there is a secret "NSA key" in Windows, whose functions are unknown. The SmartScreen filter also reports what software is running on the computer.
- Microsoft SkyDrive allows adversaries to examine user data.
- Microsoft has enabled spyware in Skype and specifically changed the software to enable this function.
- The "privacy" policy in Windows 10 explicitly grants Microsoft the right to look at user files at any time and to sell almost any information it likes about users.
- Windows 10 full disk encryption gives Microsoft the key.
Other Windows Abuses
- Windows has introduced a range of digital restrictions mechanisms.
- Later Windows versions only allow programs from the Windows Store to be downloaded and installed.
- Windows 8 on mobile devices censors the user's choice of application programs.
- When Microsoft realized it had accidentally allowed GNU/Linux to be installed on RT tablets, it quickly "fixed the error" to prevent the use of other operating systems.
Forfeited Privacy Rights
By now the reader should be convinced that just by using any version of Windows, the right to privacy is completely forfeited. Windows is incompatible with the intent of Whonix and the anonymous Tor Browser, since running a compromised Windows host shatters the trusted computing base which is part of any threat model. Privacy is inconceivable if any information the user types or downloads is provided to third parties, or programs which are bundled as part of the OS regularly "phone home" by default.
The fact that there is no way to completely remove or disable telemetry requires further consideration. For instance, non-enterprise editions do not allow a user to completely opt-out of the surveillance "features" of Windows 10. Even if some settings are tweaked to limit this behavior, it is impossible to trust those changes will be respected. Even the Enterprise edition was discovered to completely ignore user privacy settings and anything that disables contact with Microsoft servers.
Any corporation which forces code changes on a user's machine, despite Windows updates being turned off many times before, is undeserving of trust. Windows 10 updates have been discovered to frequently reset or ignore telemetry privacy settings. Microsoft backported this behavior to Windows 7 and 8 for those that held back, so odds are Windows users are already running it.
Ignoring for a moment its own built-in malware, Windows is a pile of legacy code full of security holes that is easily compromised. Microsoft's willingness to consult with adversaries and provide zero days before public fixes are announced logically places Windows users at greater risk, especially since adversaries buy security exploits from software companies to gain unauthorized access into computer systems.  Even the Microsoft company president has harshly criticized adversaries for stockpiling vulnerabilities that when leaked, led to the recent ransomware crisis world-wide.
Microsoft updates also use weak cryptographic verification methods such as MD5 and SHA-1. In 2009, the CMU Software Engineering Institute stated that MD5 "should be considered cryptographically broken and unsuitable for further use".  In 2012, the Flame malware exploited the weaknesses in MD5 to fake a Microsoft digital signature. 
Windows is not a security-focused operating system. Due to Microsoft's restrictive, proprietary licensing policy for Windows, there are no legal software projects that are providing a security-enhanced Windows fork. On the other hand, in the Linux community there are multiple Libre Software Linux variants that are strongly focused on security, like Qubes OS.
Windows Software Sources
Before Windows 8, there was no central software repository comparable to Linux where users could download software safely. This means a large segment of users remain at risk, since many (if not most) Windows users are still running Windows 7. 
On the Windows platform, a common way to install additional software is to search the Internet and install the relevant program. This is risky, since many websites bundle software downloads with adware, or worse, malware. Even if the user always downloads software from reputable sources, they commonly act in very insecure ways. For example, if someone downloads Mozilla Firefox from a reputable website like chip.de, then the download would take place over an insecure, plain http connection. In that case, it is trivial for ISP level adversaries, Wi-Fi providers and others to mount man-in-the-middle attacks and to inject malware into the download. But even if https is used for downloads, this would only provide a very basic form of authentication.
To keep a system secure and free of malware it is strongly recommended to always verify software signatures. However, this is very difficult, if not impossible for Windows users. Most often, Windows programs do not have software signature files (OpenPGP / gpg signatures) that are normally provided by software engineers in the GNU/Linux world. For this reason it is safe to assume that virtually nobody using a Windows platform is regularly benefiting from the strong authentication that is provided by software signature verification.
In contrast, most Linux distributions provide software repositories. For example, Debian and distributions based on Debian are using apt-get. This provides strong authentication because apt-get verifies all software downloads against the Debian repository signing key. Further, this is an automatic, default process which does not require any user action. Apt-get also shows a warning should the user attempt to install unsigned software. Even when software is unavailable in the distribution's software repository, in most cases OpenPGP / gpg signatures are available. In the Linux world, it is practically possible to always verify software signatures.
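The chain behind that apt-get check, as an added example (not code from the original page or from Debian): the OpenPGP-signed Release file lists the hash of each Packages index, and the index lists the hash of each package, so one signature covers every download. The archive data below is constructed, and the Release text is assumed to have already passed signature verification against the repository signing key.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def parse_release_sha256(release_text: str) -> dict:
    """Return {index path: (hex digest, size)} from the SHA256: section."""
    entries, in_section = {}, False
    for line in release_text.splitlines():
        if line.startswith("SHA256:"):
            in_section = True
        elif in_section and line.startswith(" "):
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
        else:
            in_section = False
    return entries

def parse_packages(packages_text: str) -> dict:
    """Return {package name: fields}; continuation lines are skipped."""
    pkgs = {}
    for stanza in packages_text.strip().split("\n\n"):
        fields = dict(l.split(": ", 1) for l in stanza.splitlines()
                      if ": " in l and not l.startswith(" "))
        pkgs[fields["Package"]] = fields
    return pkgs

def verify_download(release_text, index_path, index_bytes, name, deb_bytes):
    """Walk Release -> Packages -> .deb. Assumption: release_text was
    already verified with OpenPGP against the repository signing key."""
    listed = parse_release_sha256(release_text).get(index_path)
    if listed != (sha256(index_bytes), len(index_bytes)):
        return False  # index is not the one the signed Release vouches for
    pkg = parse_packages(index_bytes.decode()).get(name)
    if pkg is None or int(pkg["Size"]) != len(deb_bytes):
        return False
    return pkg["SHA256"] == sha256(deb_bytes)

# Constructed sample archive (not real Debian data).
DEB = b"constructed package payload"
PACKAGES = ("Package: hello\nVersion: 1.0\n"
            f"Size: {len(DEB)}\nSHA256: {sha256(DEB)}\n").encode()
INDEX = "main/binary-amd64/Packages"
RELEASE = ("Origin: Example\nSuite: stable\nSHA256:\n"
           f" {sha256(PACKAGES)} {len(PACKAGES)} {INDEX}\n")

def demo():
    evil = DEB[:-1] + b"!"  # same size, modified content
    forged = PACKAGES.replace(sha256(DEB).encode(), sha256(evil).encode())
    return (verify_download(RELEASE, INDEX, PACKAGES, "hello", DEB),
            verify_download(RELEASE, INDEX, PACKAGES, "hello", evil),
            verify_download(RELEASE, INDEX, forged, "hello", evil))
```

The second and third results show why an in-transit modification fails: changing the package breaks its hash in the index, and rewriting the index to match breaks the hash recorded in the signed Release file.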
Libre Software Superiority
Based on the preceding section and analysis, users are strongly recommended to learn more about GNU/Linux and install a suitable distribution to safeguard their rights to security and privacy. Otherwise, significant effort is required to play "whack-a-mole" with Windows malware, which routinely subjects users to surveillance, limits choice, purposefully undermines security, and harasses via advertisements, forced updates, remote removal of applications without consent, and so on.
Open Source software like Qubes, Linux and Whonix is more secure than closed source software. The public scrutiny of security by design has proven to be superior to security through obscurity. This aligns the software development process with Kerckhoffs' principle - the basis of modern cipher-systems design. This principle asserts that systems must be secure, even if the adversary knows everything about how they work. Generally speaking, Libre Software projects are much more open and respectful of the privacy rights of users. Libre Software projects also encourage security bug reports, open discussion, public fixes and review.
- This is especially true for users of Tor, who are regularly targeted in this fashion.
- http://www.chip.de/downloads/Firefox-64-Bit_85086969.html http://www.webcitation.org/6mgUDIObc
- At the time of writing, chip.de still did not enforce https for its entire website.
Whonix is provided by ENCRYPTED SUPPORT LP. See Imprint.