Slides available here : http://repo.thehackademy.net/depot_hzv/nuitduhack/prez/slides/ndh2k16/Paul%20Hernault:Thomas%20Aubin/Slides%20NDH.pdf
We started our research by looking at what were the legal rights of Microsoft about our data. Reading the term of use is often seen as a chore, people accept and pays no attention to it. However, its contents can sometimes be interesting and hide important informations. In this part we speak about what data are collected and danger for us to disclose them. What power has Microsoft on our data?
If there is a privacy issue in Windows, there will be communications. This is why we tought that analyzing network streams was a good idea. We will mainly talk about our setup and what we found while examining those streams.
A brief talk about how an SSL MITM is working for those who don’t know. This will explain how we set up our environment to study Windows communications
We decrypted some SSL packets and found that data was not anonymized at…