Windows File May Be Secretly Hoarding Your Passwords and Emails

I'm offering my opinion and vantage point like anyone else. There's hundreds of millions of Windows 10 users out, that all of them are having the same experiences with it would be absurd. At any rate, who the hell really cares about what OS someone else uses? I certainly don't.



I've never argued against Microsoft having more options for non-enterprise users for controlling Windows updates. That said, I think it's best that most people don't touch that stuff because they don't know what the hell they are doing;
I am in that group. I think most would be best served to leave it be and at most rurn off the telemetry settings.
 
I didn't put on my daytime tin-foil hat this morning, my sincere apologies! I got tired of the usual one and was looking for a new tin-foil hat, preferably in the shape of a pink unicorn. That I was unable to find one is very disturbing as it to left me vulnerable, and my post is a clear evidence of something nefarious.

That said, if you do not trust an OS maker you should probably find another OS to use.
I haven't used Windows for years for anything critical just for this reason.
 
I do think that some of the claims are bit overblown.

In the context of modern computing where virtually everything is collecting data, the idea that Windows 10 is some sort of unique security issue because of data collection is at best silly unless you're completely disconnected from all technology.
 
I work with Win 10 daily, and whenever I switch to 7 for X reason, search is always faster and more useful. My main work system is on NVMe storage, so that's not the bottleneck. It's the code. The matching of text criteria and speed is junk, especially considering all the "effort" put into it.

Really? The local search system in 10 is very much the same as 7.
 
I work with Win 10 daily, and whenever I switch to 7 for X reason, search is always faster and more useful. My main work system is on NVMe storage, so that's not the bottleneck. It's the code. The matching of text criteria and speed is junk, especially considering all the "effort" put into it.

My work system is still on Windows 7 and all of personal systems are on Windows 10. I use search on both all of the time and I simply have no idea what you're talking about. Again, the local index service is very much the same.
 
That Microsoft is jumping on this bandwagon is a cause of concern as they have not been particularly transparent about it nor given users a real opt-out, or even better a real opt-in.

While the transparency has been slow in coming I think it's pretty good today. The local diagnostics viewer logs what is being sent to Microsoft and is viewable in plain text JSON. Microsoft explains in its enterprise deployment docs everything that gets transmitted, even things like the internet status indicator.
 
The JSON seen in the viewer app is gobbledygook, and certainly not something an ordinary user will have any understanding or what to do with it. Heck, I'm a software developer and in a much better position to evaluate this than most users, and I still think it is gobbledygook.

Diagnostic data from something as complex as Windows requires training to understand. There is documentation for this: https://docs.microsoft.com/en-us/wi...vel-windows-diagnostic-events-and-fields-1709
 
There are other options out there. Those not exploring them shouldn't get sympathy.
 
The data is collected to improve gesture recognition - and that doesn't happen on the local machine obviously. Also, with with logic does the system need to record your every e-mail and text for gesture improvement? That's not just fishy, it's a barrel of month old rotten cod.
You are mixing things together. The indexed data is useful because when the service or whatever deciphers your scribbling it can try to associate what you wrote and not 'recognize' it as something completely off.
Also, indexing <> "recording your every e-mail and text". It is collecting metadata for faster search results, a method used by every OS and content provider.

Yeah and MS said they didn't collect your data either. Are you that naive?
Except that since telemetry cannot be turned off, everyone knows that they collect data and MS never said that they don't collect data. A few weeks ago there was a news post about the list of servers the pre-installed services and apps can send data to.
Sending diagnostic data was also possible way before the idea of Win10 even came about. The change to make it mandatory is obviously not welcome, I completely agree.
Indexing has been around for decades, which is a form of data collection. It existed locally for decades and is used by every single online service which lets you store your own content. Some of them even shares the data (Google, Facebook, etc.).

This is a tech forum. Stop inventing BS. It won't help the discussion and someone just might believe it.
 
Ugh, the other day I noticed one of my users machines had the pen crap enabled and I noted it for something to figure out how to purge at a later time. I guess I need to prioritize that now. It will be interesting to see if the file is there and how big it is. What a cluster. The fact that it's the roach motel for all text - if it ever exists on the machine and remains even if the source file(s) are deleted... wow, just wow.

To this who claim it's the same as the indexer, it's not. When source files are deleted the data related to them is purged out of the indexes. This thing grows forever.

How incredibly stupid.
 
I know you use hand writing recognition, do you have that file and can you open it in notepad or wordpad?

I have desktops with no touch input and a 2 in 1 notebook. Lets see.

Article says the path is C:\Users\%User%\AppData\Local\Microsoft\InputPersonalization\TextHarvester\WaitList.dat

Desktop - path doesn't even exist.

notebook - deliberately turned on pen input and did some quick browsing by wirting URLs. Path also doesn't exist.

checked appdata local, locallow, and roaming. Nada.

OK, I looked up some other articles about this, and looking at them I did some more beating up on pen input.

The path STILL isn't there, although a new file is under input personalization called textharvesterrestart.sav.

SO time to reboot and see wht is what.
 
Last edited:
Ugh, the other day I noticed one of my users machines had the pen crap enabled and I noted it for something to figure out how to purge at a later time. I guess I need to prioritize that now. It will be interesting to see if the file is there and how big it is. What a cluster. The fact that it's the roach motel for all text - if it ever exists on the machine and remains even if the source file(s) are deleted... wow, just wow.

To this who claim it's the same as the indexer, it's not. When source files are deleted the data related to them is purged out of the indexes. This thing grows forever.

How incredibly stupid.
If it was meant for me: I don't say it is the same as indexing, but the article says that the source is indexed data.
So, turning off indexing and deleting the file (if it even exists) and it shouldn't get created again.
 
I have desktops with no touch input and a 2 in 1 notebook. Lets see.

Article says the path is C:\Users\%User%\AppData\Local\Microsoft\InputPersonalization\TextHarvester\WaitList.dat

Desktop - path doesn't even exist.

notebook - deliberately turned on pen input and did some quick browsing by wirting URLs. Path also doesn't exist.

checked appdata local, locallow, and roaming. Nada.

OK, I looked up some other articles about this, and looking at them I did some more beating up on pen input.

The path STILL isn't there, although a new file is under input personalization called textharvesterrestart.sav.

SO time to reboot and see wht is what.


So more update to this for posterity. I went through the whole damn training of my handwriting thing. I wrote out some word docs full of uncommon words saved local. I did some test one not pages in the cloud. I turned on pretty much everything in ink. Windows search services are running. I rebooted multiple times and repeated some of the doc creation and web browsing. I did some picture to math stuff.

I basically sat here TRYING to get it to log something for over an hour, and got jack and shit. So either something was patched out between when the goober who is quoted in the article wrote his parsing tool in 2016 and today when a bunch of sites decided to stir the shit and create panic, or it was never as simple to get this stupid file to exist as suggested, or I do something else weird not obviously in the chain of ink behaving itself that prevents said file from existing.

That being said, if it did exist, who the hell is using pen input to enter passwords and such. I did that once in tablet mode just to try it with something inconsequential. Nothing like automated typos in a password field.
 
Don't know about anyone else, but I never enter a password or anything else sensitive using the pen on my SP4 for this very reason because I always assumed there was no security filter. How is Windows supposed to know if the field you're writing in should be secure or not unless you explicitly tell it?
 
If it was meant for me: I don't say it is the same as indexing, but the article says that the source is indexed data.
So, turning off indexing and deleting the file (if it even exists) and it shouldn't get created again.

It has zero to do with indexing. If the pen/tablet services are loaded, the file is there. I verified and it's on that one machine. I deleted it and it came back. So now off to follow up on some promising threads on spiceworks on using GPO to turn the crap off. Who knows what the user did to trigger it being loaded.
 
It has zero to do with indexing. If the pen/tablet services are loaded, the file is there. I verified and it's on that one machine. I deleted it and it came back. So now off to follow up on some promising threads on spiceworks on using GPO to turn the crap off. Who knows what the user did to trigger it being loaded.
"Once it is on, text from every document and email which is indexed by the Windows Search Indexer service is stored in WaitList.dat.”
 
Back
Top