Turns oout, in addition to including a remote killswitch, keylogging and browser-history-stealing features you can’t easily disable, and a lying-ass “privacy mode,” it also sends your encryption keys to Microsoft.

More at The Intercept.

This is very, very bad.