Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers

[Holmes]

I know about the customer experience improvement program and agree they need to modify it.  If you dont really know what there collecting then you dont know there collecting personal information in the first place like I said I dont mind them collecting non personal information to help improve there services I draw the line if there collecting personal information nobody knows if there collecting personal information or not is the problem and what makes it worse is if you dont opt into the customer experience improvement program and they continue to collect data regardless.  Like I said If you dont really know what there collecting then you dont know there collecting personal information in the first place like I said I dont mind them collecting non personal information to help improve there services I draw the line if there collecting personal information nobody knows if there collecting personal information or not is the problem.

[steven36]

19 minutes ago, vibranium said:

The specific edition of Windows 10 affects the scope of the telemetry.

In this edition Enterprise Microsoft  suppose  to had added and option to disable every bit of it .

Quote

Interestingly Belfiore himself won’t be around to oversee this as he is about to take a year long sabbatical. When he comes back, however, I suspect this issue will still be raging as Windows and Devices Group head Terry Myerson recently confirmed Windows 10 Enterprise users will be able to disable every single aspect of Microsoft data collection.

http://www.forbes.com/sites/gordonkelly/2015/11/02/microsoft-confirms-unstoppable-windows-10-tracking/#40345db32f4a

They still never added it. you can add it to the long list of things Microsoft never kept good on there word on .

 

But there was no hope for the conman  home user ever . Witch most free versions are.

Quote

The bad news: despite Belfiore’s pledge “to continue to listen”, Microsoft’s actions (including the impending Windows 7 and Windows 8 upgrade pressure) suggests the company’s recent love for Big Brother tactics is only going to get worse before it gets better…

 

[vibranium]

Just now, steven36 said:

In this edition Enterprise Microsoft  suppose  to had added and option to disable every bit of it .

They still never added it. you can add it to the long list of things Microsoft never kept good on there word on .

 

 

You mean the test was on the Enterprise edition? Now that's inexcusable.

[steven36]

The thing  is I look at like this  I'm  not going to voluntary let the people i bought my computer  from come in to my house  and plaint a bug to listen to everything I do . So why would I want Microsoft  to plant a bug in there software that record everything I do on my computer  that's in my house?  its none of Microsoft's business .. If you dont care about you're privacy and you voluntary let them its one thing but if you're being forced  it's another . But the only option you have is to block it .if you bother to install windows 10, witch there trying force on you by the way. Because you agreed to this data collecting  when you installed. it

[Holmes]

I standby my previous post with that said you bought a windows license to use windows ten you dont own the software you own the right to use the software and you agree with the tos terms of service when you install it in your house you made the decision to install software you knew before hand was going to collect data and you checked the box I agree.  No one is forcing you to install windows ten and accept the terms of service license agreement you agree to do that.  Like I said before use windows ten fine do it or dont use windows ten fine dont use it no one is forcing you to use windows ten.

[straycat19]

It is totally possible to stop windows 10 from communicating with anyone.  Just don't hook it up to a network or the internet.  Of course then it just becomes a useless piece of shit, but wait I repeat myself, I said that earlier when I said windows 10.

[Holmes]

It is possible to block the ip addresses being used to submit the information you have to go through one ip address at a time to make sure you dont block a legit ip address a legit IP address would be the ip address that belongs to microsoft's website in general that would take a long time.  I think someone should use a ip sniffer to grab the information being sent and decrypt it and look for possible personal information then we could end this whole mess that would take a long time to unfortunately.

[steven36]

Me myself  am glad  that windows 10 came out.. it made me see the light  after 15 years  of being under Microsoft's  grasp. it caused me to seek open source O/S(es). You people have fun with blocking Windows 10 .  I dont plain to upgrade my hardware tell I buy a new PC again  . So unless M$  pulls the plug on all older windows O/S updates I'm good tell 2023 with Windows 8.1. If they pulled the plug on updates, I would simply install a open source O/S on it. and i would have 2 pcs  with them instead of one 

[SURbit]

Here’s How Windows 10 ‘Spying’ Forced A User To Switch To Linux Mint On His Computer

 

Irritated by the telemetry and spying features in Windows 10, a Voat user decided to make the switch. After installing Linux Mint on his computer, he analyzed Windows 10 traffic and found that Microsoft’s latest OS continues to make calls to Redmond even with all telemetry options disabled.

 

 

Riding on the success of its free Windows 10 free offer, Microsoft has achieved the milestone of 200 million installations. However, Windows 10 remains a headache for privacy-concerned users despite its great features.

 

To counter attack the telemetry features in Windows 10, users have found ways to turn off all reporting to the servers at Microsoft data centers. But, Windows 10 just won’t stop talking! As a result, a worried user became so confused with Windows 10’s spying features that he moved to Linux Mint operating system. After making the move, Voat user CheesusCrust decided to test Windows 10’s privacy invasion and posted the results online.

 

“I wanted to better understand Windows 10, but internet search results for a decent windows 10 traffic analysis leave a lot to be desired. As such, I decided to do my own investigating on what, exactly, Windows 10 is doing traffic-wise, and post the results,” ChessusCrust writes. For carrying out this analysis, he decided to perform a clean install of Windows 10 and analyze the Windows 10 traffic without using it.

 

After installing Linux Mint and installing Windows 10 Enterprise on Virtualbox, he disabled all the tracking options. As the next step, he configured his DD-WRT router to drop and log all connection attempts via iptables by Windows 10 operating system.

 

In his Vote submission, ChessusCrust writes that he let the operating system run on its own for about 8 hours. After waking up, he used Perl to pull the data and pushed it into a MySQL database. The results were very surprising.

 

He reported about 5508 connection attempts from the unused and clean install of Windows 10 operating system. Out of those, 3967 connection attempts were made to 51 different Microsoft IP addresses.

 

While Microsoft was already facing flak over the privacy issues, these findings continue to suggest the disillusioned nature of Windows 10 operating system. In the past, Microsoft has justified the need of these connections by calling them necessary for your PC’s health. However, any satisfactory explanation is yet to come from Microsoft, which is busy pushing Windows 10 as a recommended update.

 

SOURCE

[flash48]

Perhaps we can get a hacker to modify the encryption keys that Microsoft is using.  This way Microsoft can steal whatever they want with no way of  decrypting the data which was transmitted.

[Karlston]

7 minutes ago, flash48 said:

Perhaps we can get a hacker to modify the encryption keys that Microsoft is using.  This way Microsoft can steal whatever they want with no way of  decrypting the data which was transmitted.

 

And knowing their great attention to detail, their servers will crash with a cryptic 16 hex character message or maybe their latest brilliant idea, a "Something happened" dialogue box will pop up.

 

 

[DKT27]

Threads merged.

[SPECTRUM]

people are too paranoid with telemetry of Windows 10.

[VileTouch]

2 hours ago, SURbit said:

I decided to do my own investigating on what, exactly, Windows 10 is doing traffic-wise, and post the results

...and where is it?

[Holmes]

Just because users decide to use windows ten doesnt mean they arent seeing the light.  I have to agree karlston those messages are completely retarded i mean how dumb do you have to be to make a error message with such a vague message something happened two year olds are coding windows ten.

[jbleck]

MS tries to look:

https://vimeo.com/ 9880377

[SURbit]

10 minutes ago, VileTouch said:

...and where is it?

 

I know sometimes meanings gets lost but, I did leave in the "LINKS' , it was not I who did the investigating - just the posting of this article.

Quote

Voat user CheesusCrust   - is a link to the information

 

hope this helps you, if not here is another one Windows 10 telemetry network traffic analysis, part 1

as he has put two on this page with the second stating this

 

Quote

I plan on letting this setup run as is for awhile longer (hours? days? weeks?) to get a more complete snapshop of connection attempts before I move on to further analysis of Windows 10.

 

I suspect this is where part 2 comes in, thanks for your question 

[VileTouch]

4 minutes ago, SURbit said:

 

I know sometimes meanings gets lost but, I did leave in the "LINKS' , it was not I who did the investigating - just the posting of this article.

 

hope this helps you, if not here is another one Windows 10 telemetry network traffic analysis, part 1

as he has put two on this page with the second stating this

 

 

I suspect this is where part 2 comes in, thanks for your question 

thank you very much. that's exactly what i was looking for... more objective than the article.

"w10 calls home"... well so what? we have the power to block the things we don't like (this is nothing new, we all use [...or at least should be using] an ad/malware blocker). but just whining about it doesn't help.

yes it's odd that we now have to do it at the operating system level, but tbh, the benefits of using w10 outweight the bullshit they are pulling atm.

[DKT27]

Again, threads merged.

 

All you guys are posting the same thing.

[Actarusse]

 

[steven36]

4 hours ago, Karlston said:

 

And knowing their great attention to detail, their servers will crash with a cryptic 16 hex character message or maybe their latest brilliant idea, a "Something happened" dialogue box will pop up.

 

Be careful if you dont  want windows 10  tomorrow . I got word in the real world  some  ITs  have been running around places all day turning off auto updates on windows 7 they heard they was going force upgrade  tomorrow . Hopefully GWX Control Panel will keep working for those that have auto updates on and have it installed. 

[edwardecl]

8 hours ago, steven36 said:

If there is it would be another reason  for me to never use windows 10.again If people can hack there servers like this.

 

 

That's  the problem  the data is encrypted  so you dont know really what there collecting so you're trusting people you dont know with you're personal info   . If they were not collecting  all this data they would be no need for encryption. CEIP suppose had been a voluntary  program it started in Windows Vista and it was opt out for all O/S up to windows 8.1 . In Windows 10 you can opt  out of some things  that were never in other O/S to began with  . But CEIP and Error reporting is now mandatory . And you need FW and tools to block it.

I don't mean hack their servers, I mean modify something in windows to make up fake data that Microsoft collects and send fake data instead what it would normally collect and force the program to repeatedly do it (no idea if the Microsoft server requests data or if Windows initiates the connection).

I'd rather send fake stuff then nothing, because if enough people did stuff like that it would make their whole data collection process worthless because they would not be able to trust the source.

[steven36]

32 minutes ago, edwardecl said:

I don't mean hack their servers, I mean modify something in windows to make up fake data that Microsoft collects and send fake data instead what it would normally collect and force the program to repeatedly do it (no idea if the Microsoft server requests data or if Windows initiates the connection).

I'd rather send fake stuff then nothing, because if enough people did stuff like that it would make their whole data collection process worthless because they would not be able to trust the source.

What need is there to do all this?  just install Windows 10 FWC   and start blocking everything  they call out. I had no trouble blocking windows 10 . The reason i don't use it was because  setting it  up the way i can stand it was very time consuming  after I'm done with ripping and blocking the cloud part of it out .  its almost like any other O/S. Then when they do a major upgrade they install all the crap back. Its pointless  i can done installed and set up windows 8.1 and Linux mint 15 times .

 

After i setup Windows 8.1 once I dont have worry with  it getting a major  upgrade . I want have to redo it unless something goes bad wrong ..tell 2023 or my hardware goes witch ever comes 1st 

[steven36]

 

Quote

 

Windows 10 telemetry network traffic analysis, 30-hour update

 

his is an update to my post yesterday: https://voat.co/v/technology/comments/835741

Here are the final results of the aforementioned Windows 10 Enterprise installation idling for 30 hours:

• Windows 10 Enterprise summary network traffic analysis, including 192.168.1.0/24
• Windows 10 Enterprise extended network traffic analysis, excluding 192.168.1.0/24

In 30 hours of idling on the default installation, there are a total of 113 non-private network ip addresses that this installation of Windows 10 Enterprise wants to connect to.

Requests for anti-telemetry app/operating system testing: There have been several requests for different tests of various anti-telemetry apps, system configurations, and different operating systems. I would like to test these ideas out, and indeed I will do some testing, but I do not have the resources to test everything. If you have a specific request of testing that I can setup and walk away from until its time to compile the traffic data, let me know, and I'll consider it.

Firewall considerations: Many have taken the idea to incorporate these results into their own firewalls. Keep in mind that these results are ALL traffic from this test, including innocent connection attempts to the private network 192.168.1.0/24 as well as innocent connection requests to NTP. If you were to outright ban all the resulting traffic, you might lose some necessary functionality that you did not anticipate.

Keep in mind that this is simply a hobby of curiosity of mine, and the results are the unscientific results of a hobbyist. If it's useful to you, I'm glad to have helped.

 

https://voat.co/v/technology/comments/837781

 

Quote

 

Windows 10 network traffic activity update, Disablewintracking review

 

In continuation of my previous posts on where Windows 10 Enterprise sending data here and here, I have performed a 30-hour analysis of anti-telemetry application Disablewintracking v2.5.1.

To recap, I have have had Windows 10 Enterprise idling on Virtualbox on top of Linux Mint since Feb 02 22:00. The current data is found here: simple, http://pastebin.com/raw/HeZf9yQd expanded, http://pastebin.com/raw/nDt75bFs

Since the last post, I have chosen to evaluate the anti-telemetry/tracking application Disablewintracking over the prior 30 hours in which the network traffic summary can be found here, http://pastebin.com/raw/6b2yFnR0. To install and configure Disablewintracking, I ran it as Adminstrator, choose to uninstall all built-in apps listedPNG, disabled all available services listedPNG, with the domains and extra domains remained to be blocked under Menu->Options (default setting)PNG. This window is slightly confusing to me and I am assuming that this list by default is blocking all these domains.

When comparing idle-usage network activity after installing Diablewintracking for 30 hours with the first 30-hour test at http://pastebin.com/raw/8t7tZJU7, you can see:

• connection attempts dropped from 5508 to 2758
• total distinct ip addresses dropped from 95 to 30

In this configuration, Disablewintracking greatly reduces overall Windows 10 idle-usage network activity, but does not eliminate it. The question we are left is: does the remaining network activity include what we consider "spying" activity? If not, then Disablewintracking is a viable tool for curtailing telemetry features of Windows 10. If yes, then Disablewintracking at best only hinders telemetry. Now, If I was allowed to manually enter the distinct routes I have logged into the Menu->Option feature, I would consider Disablewintracking a solid tool for usage. I encourage the author to include this feature, and hope my testing provides for improvements that benefits everyone who uses it. I am also willing to accept that I have not actually configured Disablewintracking correctly either, and should I be in error, I will correct my configuration and retest.

 

Very interesting to note is that this software utilizes a commonly google-searched list of domains that supposedly blocks telemetry activity. Now, the list may be old and outdated. Likewise, its possible that many or all domains on this list are found in my route blocking suggestion below. But it certainly appears that that list is not all-encompassing.

 

Finally, a note considering firewall rulesets: If you choose to incorporate any of this data into your firewall, I recommend blocking the outbound connections to the entire route instead of specific IP address, this is because Windows 10 appears to bounce back and forth some IP addresses that are one off from each other after rebooting. For example, Windows 10 is sending continuous data to 94.245.121.253 port 3544 UDP. On reboot, it starts sending it to 94.245.121.251 instead. Likewise, x.252 and x.254 are also destinations. By blocking the corresponding route 94.245.64.0/18, you block all possible destinations for this activity. Very interesting to note is this software uses the readily available list of domains one can find on google, yet this list does not seem to be all inclusive. Maybe the ist is simply outdated.

 

Here is my personal list of recommended routes to block via a firewall to block all Windows 10 Enterprise idle-usage network activity: http://pastebin.com/raw/EQzdQc6e. Future testing may increase/decrease the routes on this list. You may want to explicitly allow the NTP connections before blocking everything on the list, or simply choose a different NTP server.

 

 

https://voat.co/v/technology/comments/837781

 

[J.J. Cool]

On 8February, 2016 at 7:55 PM, Holmes said:

It is possible to block the ip addresses being used to submit the information you have to go through one ip address at a time to make sure you dont block a legit ip address a legit IP address would be the ip address that belongs to microsoft's website in general that would take a long time.  I think someone should use a ip sniffer to grab the information being sent and decrypt it and look for possible personal information then we could end this whole mess that would take a long time to unfortunately.

 

My two cents worth:

 

http://www.flashq.de/win10-stop-updates.html

 

Hope this helps.