Windows 10 just can’t stop talking to Microsoft

[Dino8]

Even when told not to, Windows 10 just can’t stop talking to Microsoft

Windows 10 uses the Internet a lot to support many of its features. The operating system also sports numerous knobs to twiddle that are supposed to disable most of these features and the potentially privacy-compromising connections that go with them.

Unfortunately for privacy advocates, these controls don't appear to be sufficient to completely prevent the operating system from going online and communicating with Microsoft's servers.

For example, even with Cortana and searching the Web from the Start menu disabled, opening Start and typing will send a request to www.bing.com to request a file called threshold.appcache which appears to contain some Cortana information, even though Cortana is disabled. The request for this file appears to contain a random machine ID that persists across reboots.

Some of the traffic is obviously harmless. On connecting to a new network, Windows machines try to request two URLs (www.msftncsi.com/ncsi.txt and ipv6.msftncsi.com/ncsi.txt, the former over IPv4, the latter over IPv6) to ascertain whether a given network is routed to the Internet and if there is a captive portal in the way (NCSI stands for "Network Connection Status Indicator"). These requests are very bare, with no machine IDs or other data sent. If you want to turn even these off there is a way to do so, but the privacy impact is minimal.

Some of the traffic looks harmless but feels like it shouldn't be happening. For example, even with no Live tiles pinned to Start (and hence no obvious need to poll for new tile data), Windows 10 seems to download new tile info from MSN's network from time to time, using unencrypted HTTP to do so. While again the requests contain no identifying information, it's not clear why they're occurring at all, given that they have no corresponding tile.

Other traffic looks a little more troublesome. Windows 10 will periodically send data to a Microsoft server named ssw.live.com. This server seems to be used for OneDrive and some other Microsoft services. Windows 10 seems to transmit information to the server even when OneDrive is disabled and logins are using a local account that isn't connected to a Microsoft Account. The exact nature of the information being sent isn't clear—it appears to be referencing telemetry settings—and again, it's not clear why any data is being sent at all. We disabled telemetry on our test machine using group policies.

And finally, some traffic seems quite impenetrable. We configured our test virtual machine to use an HTTP and HTTPS proxy (both as a user-level proxy and a system-wide proxy) so that we could more easily monitor its traffic, but Windows 10 seems to make requests to a content delivery network that bypass the proxy.

We've asked Microsoft if there is any way to disable this additional communication or information about what its purpose is. We were told "As part of delivering Windows 10 as a service, updates may be delivered to provide ongoing new features to Bing search, such as new visual layouts, styles and search code. No query or search usage data is sent to Microsoft, in accordance with the customer's chosen privacy settings. This also applies to searching offline for items such as apps, files and settings on the device." This is consistent with what we saw (there is no query or search data transmitted), but also likely to run counter to most people's expectations; if Web searching and Cortana are disabled, we suspect that the inference that most people would make is that searching the Start menu wouldn't hit the Internet at all. But it does. The traffic could be innocuous, but the inclusion of a machine ID gives it a suspicious appearance.

We've argued recently that operating systems will continue to make privacy-functionality trade-offs. For many users, perhaps even the majority, these trade-offs will be worthwhile; services such as Cortana (Siri, Google Now), cloud syncing of files, passwords, and settings, and many other modern operating system features are all valuable, and many will feel that the loss of privacy is an acceptable price to pay. But the flip side of this is that disabling these services for those who don't want to use them should really disable them. And it's not at all clear that Windows 10 is doing that right now.

[steven36]

on my end, it never calls out threshold.appcache. when off, it calls out to platform.bing.com ?

if you block it right, it dont matter what calls out though. its not getting thorough Microsoft uses https/SSL port 443 alot it can penetrate thourgh host blocks but it cant get by a good firewall. ;)

[banned]

This is all very amusing to watch as a Windows XP user.

Finally somebody with a brain decided to pull out a packet sniffer, instead of crying "aliens!"

By the way, Windows for a long time sent crash dumps to Microsoft as well. Numerous other things also, such as pull SSL certificate updates. So you better watch out if you're paranoid, hahaha

[OrbingStorm]

The more I hear about windows 10 the less I want to upgrade.I might stick with 8.1 because at least I feel like I can control it.

Is this the way for the future-we do as corporations tell us and like it too?

And honestly I cant seem to find anything better in windows 10 than I already have.

[DiamondK]

on my end, it never calls out threshold.appcache. when off, it calls out to platform.bing.com ?

if you block it right, it dont matter what calls out though. its not getting thorough Microsoft uses https/SSL port 443 alot it can penetrate thourgh host blocks but it cant get by a good firewall. ;)

Kindly inspire me what's the meaning of "if you block it right", please :wub:

[dcs18]

Kindly inspire me what's the meaning of "if you block it right", please :wub:

Check out post # 3303, as a Windows Firewall Control (WFC) example — carry forward the same principle onto the firewall of your choice. B)

[DiamondK]

Highly appreciated and I gonna do that step by step later during my annual leave,

will proceed that like a junior student who eager to learn new stuffs :wub:

p.s. Currently I'm using that Windows hosts methods inspired by that (forgot it) famous Russian expert :P

[dcs18]

p.s. Currently I'm using that Windows hosts methods inspired by that (forgot it) famous Russian expert :P

You mean the Russian who almost got branded a Moron — "Hey . . . . . . . that Moron nummerok, has included invalid entries in the hosts" (post # 33 WRT post # 30.) :tehe:

[DiamondK]

you meant that TYPO ?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

127.0.0.1 65.55.108.23

127.0.0.1 65.39.117.230

127.0.0.1 23.218.212.69

127.0.0.1 134.170.30.202

137.116.81.24 127.0.0.1

127.0.0.1 204.79.197.200

127.0.0.1 23.218.212.69

should changed to..

127.0.0.1 65.55.108.23

127.0.0.1 65.39.117.230

127.0.0.1 23.218.212.69

127.0.0.1 134.170.30.202

127.0.0.1 137.116.81.24

127.0.0.1 204.79.197.200

127.0.0.1 23.218.212.69

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

luckily I amended it all start with

0.0.0.0 before adding the hosts file

carefully check it one by one if there's any typo, finally found :lol:

p.s. never mind, human did make mistakes

if we can learnt from mistakes, then we are almost an expert, like U :P

[dcs18]

@ DiamondK

The hosts from Windows (any version — any Edition) does not have the capability of blocking IPs regardless of whether you prefix those IPs with 127.0.0.1 or even 0.0.0.0

[DiamondK]

I use Windows 10 build-in firewall, just too lazy to tweak that :lol:

Poor me after all those tweak and learnt from you ~~{ #11}, ANYWAY got nothing to hide,

come on M$.................. :ph34r:

p.s.

I found the wrong sources....

http://www.howtogeek.com/howto/27350/beginner-geek-how-to-edit-your-hosts-file/

[mkc21]

people need to chill, you've all been too much paranoid.

[steven36]

More News: : Is Microsoft snooping on your computer? Analysts claim Windows 10 sends identifiable information to tech giant EVEN when told not to

• Ars Technica claims Windows 10 sends identifiable data to Microsoft
• This happened when they activated privacy protection settings
• Information seemed to be transmitted when OneDrive was disabled too
• Privacy campaigners have called Windows 10 'bad news for privacy'

More than 14 million devices may be running Windows 10, but Microsoft is under fire for collecting users' information.

The tech giant angered privacy watchdogs with an updated privacy statement saying it can access private emails, address books and other files.

Now, a report suggests the system will even send identifiable information to Microsoft if a user activates the software's privacy protection settings and switches certain features off completely.

Microsoft, however, insists 'no query or search usage data is sent to Microsoft, in accordance with the customer's chosen privacy settings'.

Microsoft has previously said it does not collect data without users' consent, but work by Ars Technica could be interpreted as contradicting the statement.

The technology website's report seems to show that Windows 10 still contacts Microsoft even when certain internet-reliant features such as Bing and its Cortana personal assistant are are turned off.

While this is partly to test for an internet connection, OneDrive data seemed to be transmitted even when the feature is not active, said Ars Technica.

Data sent and requested from Microsoft to its OneDrive cloud storage service has a user ID attached,The Guardian reported.

The experts used a local login to Windows 10 rather than a Microsoft account and had every privacy protecting setting switched on.

'Windows 10 seems to transmit information to the server even when OneDrive is disabled,' Peter Bright writes.

'...The exact nature of the information being sent isn't clear - it appears to be referencing telemetry settings -and again, it's not clear why any data is being sent at all. '

He noted that while some of the traffic looks harmless, it probably shouldn't be happening.

For example, despite disabling live tiles on the system's home page, the researchers still found Windows 10 downloaded information from its MSN news service.

While the request had no identifiable information in it, it was not encrypted.

A Microsoft spokesman told MailOnline: 'As part of delivering Windows 10 as a service, updates may be delivered to provide ongoing new features to Bing search, such as new visual layouts, styles and search code.

'No query or search usage data is sent to Microsoft, in accordance with the customer's chosen privacy settings.

'This also applies to searching offline for items such as apps, files and settings on the device.'

However, the test is likely to add to privacy watchdogs' concerns that Windows 10 is 'bad news for privacy'.

The tech giant is also said to save Bing search queries and conversations with Cortana, as well as lists of which websites and apps users visit and the contents of private emails and files, as well as their handwriting.

The privacy statement said 'your typed and handwritten words are collected'.

The policy adds that Microsoft collects information about a user's speech and handwriting to 'help improve and personalise our ability to correctly recognise your input,' while information from their contacts book is used, such as names and calendar events 'to better recognise people and events when you dictate messages or documents'.

Cortana, for example, makes use of information about who a user calls on their phone, plus data from their emails and texts, calendar and contacts, as well as their web history and location.

Microsoft says that data is collected to provide users with a more personalised service and better character recognition, for example, but may also be used for targeted adverting, meaning it may share information with third parties.

There was outrage when Microsoft updated a privacy statement shortly after Windows 10 launched, saying it can collect users' information from private emails, address books and other files.

Within 45 pages of terms and conditions, the privacy information suggests Microsoft begins watching from when an account is created, saving customer's basic information, passwords and credit card details, Newsweek reported.

The company assigns each of its users a unique advertising ID so it does not reveal what they 'say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target ads to you.'

But it has still come under fire from privacy campaigners. Online privacy pressure group, European Digital Rights (EDRi) told The Times that Microsoft's policy was 'not only bad news for privacy. Your free speech rights can also be violated on an ad hoc basis.'

Microsoft 'basically grants itself very broad rights to collect everything you do, say and write with on your devices in order to sell more targeted advertising or to sell your data to third parties.'

Kirsten Fiedler, EDRi's Managing Director told MailOnline: 'Unlike Microsoft's promise, the company's new 45 page-long terms of service are not straightforward at all.

'Online companies should finally start explaining their terms in an understandable manner so that we can make informed choices about the services we want to use. '

A spokesman for Microsoft said: 'Windows does not collect personal information without your consent.

'To effectively provide Windows as a service, Microsoft gathers some performance, diagnostic and usage information that helps keep Windows and apps running properly. 'Microsoft uses this information to identify problems and develop fixes.'

Read more at :

• www.newsweek.com...
• Even when told not to, Windows 10 just can’t stop talking to Microsoft | Ars Technica UK
• Windows 10 sends identifiable data to Microsoft despite privacy settings | Technology | The Guardian
• RockPaperShotgun

Source

Like I said in the latest windows update topic Microsoft is using the excuse to harvest data from you're computer because its buggy and a unfinished product All those beta testers were not enough now there using the whole world to try to fix what mistakes they have made and people are responding to it harshly .

I blocked Microsoft harvesting data in windows 8.1 as well .