Windows Error Crash Reports or Treasure of Zero-Day vulnerabilities for NSA?

Docok

Special Member
3 Jun 2011
KKTC, Lapta
[Image: NSA hacking Windows machine]

I am sure you are all familiar with the annoying Windows operating system error messages shown above, which often pop up on your screen when a process fails while you are working on the system, i.e. "The system has recovered from a serious error. A log of this error has been created. Please tell Microsoft about this problem"

The message prompts the user to report the problem to Microsoft, followed by the options to Send an error report or Not send. Most of the time, gentle users like you and me submit these error reports to make Microsoft aware of the problem. But what if these crash reports can be abused to identify the vulnerabilities of your system for spying?

The NSA is intercepting a wide range of Internet traffic, including many encrypted connections and, naturally, unencrypted ones as well. Surprisingly, although Microsoft encrypts its reports by default, the messages are transmitted unencrypted or over standard HTTP connections to watson.microsoft.com. The latest revelations from the Snowden leaks, revealed by the German publication Der Spiegel, describe how the NSA's secret hacking unit, called the Tailored Access Operations Unit, or TAO Unit, breaks into Windows computers by gaining passive access to machines.

The automated crash reports are a “neat way” to gain “passive access” to a machine, the presentation continues. Passive access means that, initially, the only data the computer sends out into the Internet is captured and saved, but the computer itself is not yet manipulated. Still, even this passive access to error messages provides valuable insights into problems with a targeted person’s computer and, thus, information on security holes that might be exploitable for planting malware or spyware on the unwitting victim’s computer.

Microsoft has included Windows Error Reporting (a.k.a. Dr. Watson) technology from Windows XP through later versions. Windows crash reports give up all kinds of information about your system, allowing those who intercept them to know what software is installed on your PC, the respective versions, and whether the programs or OS have been patched.

The security firm Websense observed the Windows Error Reporting system and found that it sends out its crash logs in clear text:

[Image: NSA is intercepting Windows error report]

This information includes:

Date
USB Device Manufacturer
USB Device Identifier
USB Device Revision
Host computer - default language
Host computer - Operating system, service pack and update version
Host computer - Manufacturer, model and name
Host computer - BIOS version and unique machine identifier

Why should we care about this? Because system or application crashes signal various possible zero-day vulnerabilities that could be exploited, and this is exactly the information that the NSA or anyone else needs when tailoring a specific attack against your system, or when designing some kind of malware to infect it.

Der Spiegel also added:

When TAO selects a computer somewhere in the world as a target and enters its unique identifiers (an IP address, for example) into the corresponding database, intelligence agents are then automatically notified any time the operating system of that computer crashes and its user receives the prompt to report the problem to Microsoft. An internal presentation suggests it is NSA's powerful XKeyscore spying tool that is used to fish these crash reports out of the massive sea of Internet traffic.

A Microsoft spokesperson asked to comment on the reports said, "Microsoft does not provide any government with direct or unfettered access to our customer's data. We would have significant concerns if the allegations about government actions are true."

Websense also recommends that error report data be encrypted with SSL at a minimum, ideally using TLS 1.2, in order to protect it from NSA snooping. Alexander Watson, director of security research at Websense, will be presenting advanced findings related to this research at the 2014 RSA Conference in San Francisco.

[Image: Error reporting disable]

If you want to disable Windows Error Reporting, open Control Panel and search for “Problem reporting settings”. Open that option and select “Never check for solutions.” Microsoft does not recommend that users do so, but it's your choice, and it does not harm your system.
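
To check which machines on your own network still send error reports in the clear, the sketch below audits web-proxy logs for plain-HTTP requests to watson.microsoft.com. It is an added example, not part of the original post or of Websense's research; the log layout, client addresses and URL paths are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

WER_HOST = "watson.microsoft.com"  # reporting host named in the article

# Constructed sample; assumed layout: timestamp client method target status.
SAMPLE_LOG = """\
2014-01-02T09:14:03Z 10.0.4.17 GET http://watson.microsoft.com/constructed/report-a 200
2014-01-02T09:14:09Z 10.0.4.17 CONNECT watson.microsoft.com:443 200
2014-01-02T09:20:41Z 10.0.4.52 GET http://WATSON.microsoft.com:80/constructed/report-b 200
2014-01-02T09:21:10Z 10.0.4.52 GET http://example.com/index.html 200
2014-01-02T09:25:30Z 10.0.4.90 GET http://notwatson.microsoft.com.example.net/x 200
malformed line
2014-01-02T09:31:00Z 10.0.4.17 POST http://sub.watson.microsoft.com/constructed/report-c 200
"""

def is_wer_host(host):
    # Exact host or a subdomain of it; a look-alike suffix must not match.
    host = (host or "").lower().rstrip(".")
    return host == WER_HOST or host.endswith("." + WER_HOST)

def classify(line):
    # Return (client, "cleartext" | "tls") for WER traffic, otherwise None.
    parts = line.split()
    if len(parts) != 5:
        return None  # skip lines that do not fit the assumed layout
    _, client, method, target, _ = parts
    if method == "CONNECT":
        # Proxy tunnel to host:port; counted as TLS (assumption).
        host = target.rsplit(":", 1)[0]
        return (client, "tls") if is_wer_host(host) else None
    url = urlsplit(target)
    kind = {"http": "cleartext", "https": "tls"}.get(url.scheme.lower())
    if kind is None or not is_wer_host(url.hostname):
        return None
    return (client, kind)

def audit(log_text):
    # Map each client IP to its counts of cleartext and TLS WER requests.
    counts = defaultdict(lambda: {"cleartext": 0, "tls": 0})
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            counts[hit[0]][hit[1]] += 1
    return dict(counts)

def leaking_clients(log_text):
    # Clients that sent at least one report over plain HTTP.
    return sorted(c for c, n in audit(log_text).items() if n["cleartext"])
```

Clients returned by `leaking_clients` are the ones to fix first, either by forcing their reports over TLS or by turning error reporting off as described above.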