Posey's Tips & Tricks
Windows Ink, Cortana and Security
Microsoft's latest Windows 10 update makes it possible to interact with a system when locked. This can have both security advantages and disadvantages.
As you have no doubt heard by now, Microsoft has released a Windows 10 update, dubbed the Anniversary Update. When I first heard about the new features that were being made available as a part of this update, it was initially Windows Ink that got my attention.
Microsoft has long supported inking on its Surface tablets, some of which ship with a Surface pen. Until somewhat recently however, inking seemed like something of a novelty. Aside from OneNote and Windows Journal, inking was not initially well supported. This isn't to say that inking didn't work well, but rather that there wasn't a lot of opportunities to use the Surface pen for anything other than a mouse replacement.
Microsoft has recently added much better inking support to Microsoft Office, and they are following that up by introducing Windows Ink. Much to my disappointment however, Windows Ink does not add universal, operating system-level inking support. Instead, it enables ink for sticky notes, adds a sketch pad, and a couple of other things.
Needless to say, Windows Ink didn't thrill me, and I certainly didn't think that the limited degree to which Ink will be supported within the operating system warranted a post. However, just as I was about to move on, there was something else that caught my attention.
The thing that caught my attention was a simple statement at the end of the section on Windows Ink, which says "And because Windows Ink stays active when your device is locked, you'll be able to jot down notes even when you don't have time to enter a password."
Admittedly, there isn't anything super interesting about that statement. Sure, it will be nice to be able to jot down a note without having to take the time to unlock the device. But on the surface there doesn't seem to be any major significance to this statement. However, things become a lot more interesting when you combine this statement with another statement that was made on the same Web page.
In the next section of the page, Microsoft says this:
"No time to enter your password but need some quick help? No problem -- just ask. Cortana will now be at your service, even before you login. Whether you want to make a note, play music or set a reminder, Cortana will have you covered."
These two statements make me wonder about the security implications of the Windows 10 Anniversary Update. Forget about corporate desktops for a moment. Those machines tend to be domain joined and secured by meticulously constructed group policy objects. Instead, I think that any security implications are going to be the most applicable to the BYOD crowd.
Admittedly, many BYOD devices have corporate security policies applied to them, but some do not. Some devices connect to corporate resources through a simple RDP client rather than by requiring device enrollment. In these types of situations, the end user typically retains full control over the device configuration. As such, a user may opt to avoid locking a Windows device with a password because it's a pain to have to unlock the device and enter a password each time that the user wants to do something. Allowing Windows Ink and Cortana to function even within the confines of a locked device may encourage a user to go ahead and secure such a device because the user may not have to go through the hassle of unlocking the device quite so often.
Conversely, however, exposing Windows Ink and Cortana through the lock screen could potentially create security vulnerabilities for locked devices. Now just to be fair, I'm not saying that a vulnerability exists. I haven't read of any known vulnerabilities, and have not had a chance to hunt for vulnerabilities myself. What I am saying is that Microsoft has provided a way of interacting with the operating system without having to unlock the device.
In a way, this is nothing new. Windows Phone has for years been able to display data on the lock screen, and it is even possible to expose music controls on the lock screen. However, Cortana and Windows Ink are different. These features offer input capabilities. A user is able to input information into Windows Ink or into Cortana, and have that information sent to the operating system for processing. I'm sure that Microsoft has restricted the types of information that Windows will respond to, but I can't help but be reminded of some of the Web application exploits that work by modifying the contents of the browser's address bar. There are also database exploits that work in a similar way by using modified database requests. So what happens if someone gives Cortana an abnormal request? Will it be possible to gain unrestricted access to the OS? Only time will tell.
Please don't misunderstand me. I'm not predicting that Microsoft's Windows 10 Anniversary Update will become a security problem. I think that there is a reasonably good chance that Microsoft has designed its new features in a way that prevents these sorts of exploits from being possible. What I am saying is that it is going to be interesting to see if the new features ultimately end up being good or bad from a security prospective, or if they have no impact whatsoever.
Brien Posey is a 20-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.