Do you have a touch-based Windows PC? If you have used the ‘Handwriting Recognition’[1] feature, text you entered through any method (keyboard or handwriting) may have been harvested and sent to Microsoft, according to ZDNet [2].
According to digital forensics and incident response expert Barnaby Skeggs, when this ‘Handwriting Recognition’ feature is turned on, a file named ‘WaitList.dat’ is generated. This file indexes and records any text output by the ‘Handwriting Recognition’ feature into the file.
In the interview between ZDNet and Skeggs, it was revealed that the “population of WaitList.dat commences after you begin using handwriting gestures” on touch-enabled Windows devices.
Furthermore, Skeggs revealed that “[once] it is on, text from every document and email which is indexed by the Windows Search Indexer service is stored in WaitList.dat. Not just the files interacted via the touchscreen writing feature.”
“The user doesn’t even have to open the file/email, so long as there is a copy of the file on disk, and the file’s format is supported by the Microsoft Search Indexer service. On my PC, and in my many test cases, WaitList.dat contained a text extract of every document or email file on the system, even if the source file had since been deleted,”
-Barnaby Skeggs, digital forensics and incident response expert.
As a result, if a user unknowingly uses the ‘Handwriting Feature’, they open up all the formatted text in their files to be indexed and harvested by ‘WaitList.dat’.
ZDNet does state that the existence of this file is part of the intended functionality of Windows, and it should not compromise a user’s security, unless a hacker obtains unauthorized access to the contents of the ‘WaitList.dat’ file.
Do You Have Waitlist.dat on Your Computer?
Check the following folder on your Windows computer to see if you can see ‘Waitlist.dat’:
“C:\Users\%User%\AppData\Local\Microsoft\InputPersonalization\TextHarvester\WaitList.dat”
What do You Think?
- What do you think about the existence of ‘WaitList.dat’? Did you know about this file’s existence and purpose before?
- Do you think it is appropriate for a company to use your data to improve their software?
- Do you think it is appropriate to make users agree to transmit data as a component of the terms and services in order to gain access to a service?
- Does your opinion change if the service is offered for free or for a fee?
Disclaimer: The views and opinions expressed in this article are those of the author and do not constitute legal or financial advice.
Always do your own research to make informed decisions.
Image Attribution
Hand using stylus pen for touching the digital tablet screen – by Kaboompics.com on Pixabay (Used under CC0)
Sources / Articles You May Find Interesting
- This Windows file may be secretly hoarding your passwords and emails – ZDNet
- Touch Screen Lexicon Forensics – Forensic Focus
- Deleted User folder reappears with TextHarvester.dat Microsoft File – Microsoft TechNet Forums
- Waitlist.dat – Microsoft Answers
- How to active Handwriting Recognition in Windows Vista SP2 – Microsoft Answers
People said…