Microsoft Edge and OneDrive Syncing Without Warning or Consent

When Google Chrome introduced Sync in 2012, many users saw this as a helpful feature since they could now have their documents available on all their devices at the same time. Soon after, more browsers, including Firefox, Edge, Opera, followed, introducing browser syncing to their users as well.

However, before you give your browser and computer permission to sync with other devices, we have two cautionary tales, especially if you’re a Windows user.

Edge Shares Your Personal Data After Users Enabling Sync by Default

While Google Chrome keeps a dominant position, with 77.03% of market share among browser services, Microsoft’s Edge has a respectable 5.83% market share, according to Kinsta.

What Edge users didn’t sign up for, however, is having their Internet browser share their data when they enabled Sync by default.

According to a blog post by cyber security researcher Bruce Schneier, this is exactly what’s going on.

In the post, Schneier writes:

I received email from two people who told me that Microsoft Edge enabled syncing without warning or consent, which means that Microsoft sucked up all of their bookmarks. Of course they can turn syncing off, but it’s too late.

To make matters worse, it looks like Microsoft is really pushing synchronization and Edge has a force data syncronization policy, which:

Forces data synchronisation in Microsoft Edge. This policy also prevents the user from turning sync off. If you don’t configure this policy, users will be able to turn sync on or off. If you enabled this policy, users will not be able to turn sync off.

You can also see the Administrative Templates for computers and users on the left-side pane there.

You can see the policy settings in the following table:

Where,

0 = Do not automatically start sync and show the sync consent (default).

1 = Force sync to be turned on for Azure AD/Azure AD-Degraded user profile and do not show the sync consent prompt.

Also, if you have a Microsoft account and are using Windows 11, MS has updated it to ignore other browsers than Edge for some links.

Speaking about this a spokesperson for Microsoft said:

Windows openly enables applications and services on its platform, including various web browsers. At the same time, Windows also offers certain end-to-end customer experiences in both Windows 10 and Windows 11, the search experience from the taskbar is one such example of an end-to-end experience that is not designed to be redirected. When we become aware of improper redirection, we issue a fix.

OneDrive Delete Files and Causes Other Sync Issues for Users

Edge browser isn’t the only Microsoft product acting weird when you enable sync by default, however, as users report having problems with its cloud service, OneDrive as well.

One user on Reddit, for example, reported that OneDrive deleted most of his Documents folder, mostly files, but not folders and causing other issues.

According to the user, OneDrive decided to start syncing his Documents and Desktop folders without his knowledge or prior permission.

When the user wanted to stop syncing, OneDrive warned him that he would lose all his data so he eventually resorted to uninstalling OneDrive. Thankfully, he had a backup of the Documents folder ready.

OneDrive Group Policy Objects (GPO) to Control Sync Settings

OneDrive administrators can control sync settings via either Group Policy or Administrative Templates.

Windows 10 Administrative Templates can be downloaded here.

To manage OneDrive with Group Policy, users need to:

  1. Install the OneDrive sync app for Windows. This downloads the .adml and .admx files;
  2. Go to C:\Program Files (x86)\Microsoft OneDrive\BuildNumber\adm (for per-device sync app) or %localappdata%\Microsoft\OneDrive\BuildNumber\adm (you can find the “BuildNumber” in the About tab in sync settings);
  3. Go to the subfolder for your language. For example, de (German), or es (Spanish);
  4. Copy .adml and .admx files;
  5. Paste the .admx file from the domain Central Store and the .adml from the language subfolder (like fr).
  6. Run the Remote Server Administration Tools on your Windows computer or from the domain controller to configure settings;
  7. Link GPOs to an Active Directory container (which can be a website, domain or org. unit);
  8. Finally, as the settings are applied to all users and computer objects in the container, to which it’s linked, you can filter the settings.

What are the Risks of Sync User?

Syncing can be an extremely useful feature, but it can also be dangerous if left enabled without thought.

You Could be Sharing Your Personal Data with Strangers

First, what kind of data are you syncing? Sync data can include bookmarks, browser history, cookies, passwords and other types of data that you shouldn’t share with anyone.

And yet, here you are, syncing all this data across multiple devices and increasing the risk that your personal data gets into the wrong hands.

Your Synced Data isn’t Just Shared Between Two Devices

If you thought that your data is synced between two devices and that’s it, you’re wrong unfortunately.

Instead, when synced, data is also shared in the cloud and that means it’s under the control of the vendor.

The good news is that most browser services do a good job at keeping your data secure and encrypts it before it is stored in the cloud, but as you saw with the OneDrive example, this is still something that you need to be careful with.

You Could be Spreading Malware

The third danger of syncing is rate, but it’s still something that you should keep in mind when giving permissions to your devices.

Namely, you could be spreading malware when you sync infected files and folders from one device to another.

Fortunately, Google and Apple do a pretty good job at removing bad extensions from their respective stores, but you should still be careful.

How to Setup Syncing on Major Browsers

Data syncing is available on Google Chrome, Microsoft Edge, Firefox and Opera browsers.

Here’s how to set up sync on each of the four browsers:

Google Chrome:

  1. Open Chrome on your computer;
  2. Click your profile picture at the top right;
  3. Sign in to your Google Account if you’re not already;
  4. Click Turn Sync on.

Microsoft Edge:

  1. Select your profile image;
  2. Sign in to your account;
  3. Click Manage profile settings > Sync > Turn on Sync.

Firefox:

  1. At the top-right of your Firefox browser open the menu;
  2. Select Sign in to Sync;
  3. Click Get Started;
  4. Enter your email address and password to create your Firefox account;
  5. Click Next to get a verification email.

Opera:

  1. Create your Opera account;
  2. Log in to it on your devices;
  3. Data will sync automatically until you log out. To resume syncing simply log back into your computer or Android device.

Conclusion

Having all the folders available on all devices you own at all times is a great thing and most users can benefit from using a feature like syncing.

However, as you saw in the two examples here, this is not always the best idea. Always try to make an informed decision whether you should sync data or not to keep your files and folders safe. Fortunately, it’s mostly easy to turn this feature off in the settings of your browser.

Did you have or do you know any users that have had problems like losing their Office files when they enabled sync by default?