> Windows 10 PC’s phone home even after privacy hardening
http://www.ghacks.net/2016/02/08/windows-10-phones-home-even-after-privacy-hardening/
> Windows 10 telemetry network traffic analysis
A user on Voat analyzed the network traffic of Microsoft's Windows 10 operating system using a DD-WRT router and a Linux Mint laptop with remote logging and Windows 10 Enterprise installed on Virtualbox recently.
He turned off all privacy-related features during custom installation, and let the computer sit idle for eight hours straight afterwards logging network traffic.
In the eight hours Windows 10 made 5508 connection attempts.
> Here is the roughly 8-hour network traffic analysis of 5508 connection attempts of an unused, base install of Windows 10 Enterprise
>but hurr durr you can install leltsb edition and disable botnet with third party 'apps' and use hosts
Yeah, right, what else? Indians can use the loo?
Not only that, but in Windows 10 hosts file can be bypassed (Edge browser does that if you try to block bing.com).
Works fine for me f
>>52862449
Ofcourse, MS has your data, so it works as intended. I did not mention it not working anywhere.
>>52862437
This point has been demonstrated many times before. Winshills will defend it because they are either completely stupid or paid off.
If actually changing the privacy settings mattered I feel this would be less of a problem. But no, microsoft doesn't even have the decency for that.
First IP 94.245.121.253 is from UK. So not only NSA has your data. Literal cuck
Assuming that m$ has a 100% copy of your hdd.
Has any sort of harm ever come on a person in the history of mankind just by this alone?
>Block all connections
>list connection attempts
you guys are retarded, right?
the only test that makes sense is install it, set it up, log all the networking while passing through every request, because only that way you actually get the proper number of requests made by the os
But what if you just don't care about that? Seriously my browsing habits have changed nothing in the past 10 years. I'm still able to do the same thing I did back in 05 only now there is more shit to browse and linux distros have become more stable and simplier to use
Only degenerates have something to fear
>>52862437
Wait, there's more!
>He analyzed the network traffic again after 30 hours, and posted his finding on Pastebin (http://pastebin.com/raw/2V2Uz3uW) as a dump this time.
>After 30 hours of use, Windows 10 attempted to connect to 113 non-private IP addresses.
>He then decided to run a privacy tool for Windows 10, DisableWinTracking, and monitor network traffic again for a period of time to see how it affects the connections made during that time.
>DisableWinTracking is not the most complete privacy tool for Windows 10, but it enables you to make several changes related to privacy to the system including disabling telemetry, services, blocking domains and IP addresses, and uninstalling applications.
>After running the tool, he monitored the network traffic for another 30-hour period and noticed a drop in connection attempts (from 5508 to 2758) and a drop in unique IP addresses the operating system tried to connect to (from 95 to 30).
>It is likely that tools that programs that offer more options than DisableWinTracking reduce the numbers further.
>The takeaway from the test -- which requires verification -- is that Windows 10 will connect to remote sites regularly even if the operating system has been configured for privacy and the computer is idle.
>It is unclear why Windows 10 makes that many connections even when idle.
>Windows 10 users who don't want any of those connections to be made can use the researcher's recommended list of IP ranges to block in a firewall / router. Please note that doing so may impact functionality such as update checking and downloading as well.
>>52862437
apparently the guy fucked up the test
he block all the servers, so windows keeps on trying to retry with the next server on the list
>>52862661
So don't block all the servers, just some, and allow the same level of spying. Great advice, Panjeet :^)
>>52862437
>Using windows 10
No, OP. Only newfags that spilt off /v/ use Spyware10 here.
>>52862437
>Not only that, but in Windows 10 hosts file can be bypassed (Edge browser does that if you try to block bing.com).
Just so you know, all Windows since XP do this. However, I've said before about this, it's not nefarious in the same sense that the rest of the tracking bullshit is. You can check for yourself in dnsapi.dll with a hex editor that the addresses are for windows update servers and microsoft's site. It's to prevent poisoning and redirection. I'm not 100% sure if Windows 10 expanded the whitelisted domains though.
But yeah, we've known for a while now that Windows 10 phones home despite being told not to, what's new? What I think the guy who did the test should have done though was to use a clean install of an unfucked version of 7 to compare an OS that is known not to actively spy on you
>inb4 NSA/CIA backdoors, not the same as active constant spying
to how much 10 does. Then the study would be a bit more credible. What I want to know without a shadow of a doubt is WHAT 10 is sending on those connections. Just textual data? Screencaps of your desktop? I've heard the latter before but I've yet to see any kind of concrete evidence of that. I'd believe it though.
Update to include bitcoin miner for M$ when?
>>52862701
if he didn't block it, it would be probably a few hundred bytes per hour.
no different to win 7
>>52862437
Most big windows versions now have big problems, win 8 had that terrible metro interface that had to be fixed with external apps.
Win 10 has these privacy issues that have to be fixed with external apps.
So whats the difference from the past? The "big horrible thing" happened to change from interface thing, to privacy things.
Use tiny wall, use the anti telemetry programs and it should be fine, should it not?
>>52863158
>Use tiny wall, use the anti telemetry programs and it should be fine, should it not?
>>52863158
>Use tiny wall
Just a wrapper for WIndows Firewall. Trusting windows firewall (software firewall at that) to filter out M$ telemetry servers is just dumb.
>use the anti telemetry programs
>implying they work 100%
>comparing privacy concerns to shit UI
>>52863158
There's a difference between "it has a terrible UI" and "it constantly spies on you". The OS is fundamentally hostile, who knows what other shit they've hidden in there?
>>52863213
>>52863196
>>52863169
Well what else can be done? An external firewall to your box and pre-approving new ip's? Is that even feasible?
Who cares
Hope in humanity: lost.
>>52863230
>Well what else can be done?
W7 can be done.
>>52863230
>An external firewall to your box and pre-approving new ip's? Is that even feasible?
Yeah, anyone with ddwrt/tomato etc can use privoxy/dnsmasq to achieve that
personally i think i might dual boot and freeze the HDD win10 is installed on (if it ever comes to that)
>>52863244
>le dangling of dx12 "get over here goym, look at this shiny thing"
>>52863248
>and freeze the HDD win10 is installed on
Is there any way to make the system drive for Windows 10 readonly or temp write only without doing VM fuckery?
>>52862818
>What I want to know without a shadow of a doubt is WHAT 10 is sending on those connections.
Question, how do you expect that to be answered? Scenario:
1. It's encrypted.
"Well since I have no way to know for sure, then it doesn't prove anything."
2. It's not encrypted.
What are the fucking odds of this?
>>52863273
i think there are some programs like deepfreeze, desu i havent actually tried/test but i am thinking about ways where i will have to address this in the future
i might just offload my general computing to a nuc or ramdisk it up, either way its going to be a lot of work and the earlier i isolate the OS from everything, the better
>>52863248
I just wonder what the ultimate solution could be to fix this problem. I wonder if we are going to be forced to buy a program for that since the problem requires so many man hours and effort to fix, while MS may make new vectors of attack daily.
An external firewall is not that expensive, nor that hard to use.
But we really need somekind of commercial, fool proof way to fix win 10.
>>52863324
Depends, there's probably some money to be made selling a Win 10 telemetry blocker ... probably.
Literally snake oil, who knows, but it's pointless, afaik the battle is already lost(people just don't seem to care) as windows would maybe pack the patches in everyday programs ala dx9 libraries with games.
>>52863358
>windows would maybe pack the patches in everyday programs ala dx9 libraries with games.
lel
Microsoft Trojan Updater.
>>52862437
Privacy data != Telemetry data.
Holy shit op you're one special kind of retard.
>>52863358
Whats so hard about it? All you need to do is to find out the "normal" connections of windows, like the timesync connecting and ugh... actually nothing else?
and block out every other IP/domain that it tries to connect to? Have a bunch of different windows computers running in some lab, automate whatever things they want to connect to and add it to some giant blocklist that you distribute to your program?
>>52863395
Any data that are transmitted without users' consent = botnet data
>>52863324
Ultimate solution is stop using Windows, MS can just route traffic to any server IP that is potentially theirs
>>52863462
I would stop using it if there was actually a good alternative for vidya. Perhaps if valve stopped being such cucks and made a good leenux thing for vidya I would switch over. But right now the only option I have is damage control, for many people thats the only option actually.
>>52863476
You are dumb.
>>52862437
FRIENDLY REMINDER THAT WINDOWS IS MALWARE
https://www.gnu.org/proprietary/malware-microsoft.en.html
>>52862437
Show me the results after using Spybot anti Beacon, disablewintracking, and having Peerblock enabled with Microsoft servers blocked. Cause that's what I have and I feel 100% tracking free unless proven otherwise.
Just get W7 really.
When I built my pc as soon as I finished installing windows I downloaded blockwindows and some other thing I forget what it's called but it's similar.
It runs like new every day
I've never even updated it once
>>52863476
Pci-e passthrough fairly easy to setup and use
>>52863656
I hope you are ready
I don't give a shit. Still more functional OS for my needs than GNU/Linux.
Windows 7 with updates uninstalled and disabled. This is from this morning's boot. After boot it's basically silent with no other connection attempts to Microsoft Corp made.
>>52863938
Also:
http://pastebin.com/3Git8BBs
>>52863750
That's what the "I've never even updated it once" part is for, dummy.
>>52863955
MSSEssentials enable windows updates automatically
>>52863981
Never heard of such thing before or seen it happen.
no wonder the win10 upgrade now force installs on win7 when updates enabled
fucking kek, i mean fuck
>>52863938
>>52863566
One program, easy setup to block all M$ tracking?
>>52863566
>using Spybot anti Beacon, disablewintracking, and having Peerblock enabled with Microsoft servers blocked because he doesn't want to be spied on
C U C K
U
C
K
>>52863422
Now imagine doing that for more than one PC.
>and block out every other IP/domain that it tries to connect to?
>"normal" connections of windows
Win10 has a torrent like method of obtaining patches over LAN.
Also how do you figure out what's a normal connection? A lot of the traffic is encrypted, and a lot of the processes are "hidden" in svchosts.
And no matter how hard you block stuff, if MS pulls something like GFWL then what do you do?
>not play video games
>>52863253
Did exact same thing with vista and we all know how that went.
>>52864277
>Win10 has a torrent like method of obtaining patches over LAN.
>Microsoft is stealing pirates' methods of bypassing censorship to bypass users' censorship of patches
>>52863196
They haven't gone as far as circumventing Windows Firewall yet, thankfully. That said there's no guarantee they won't do so in the future.
>>52864396
> Windows Firewall
muahahahaha
$35 netgear + openwrt
IS IT TOO HARD?!
WHY LET W10 CONNECT DIRECTLY!?
>>52864718
can openwrt do application-level filtering?
>>52863938
I have these blocked and never saw any W10-related garbage.
>>52863949
>http://pastebin.com/3Git8BBs
Whoa, what do I do with this?
Easiest way to sandbox Windows so it can't spy on everything you do, is to install it inside a virtual machine. You open it when you need a program for Windows and you close it when it's no longer needed. Do all your other stuff in Linux, especially browsing which usually has all your passwords and credit card numbers and such easily compromised. You don't want to write those inside Windows.
>>52865669
It's reached the point where sandboxing doesn't even help.
They don't just gather what you use, how you use it matters too.
So the OS has to be somehow abstracted from what you want to work on(if you deem it important enough to conceal).
Short of completely cutting off it's connection to the internet, it seems very painful to do in the long run.
idk
>>52864744
>application-level filtering
you put too much trust in your applications, desu.
>>52863425
Read the EULA you agreed on when you install windows 10 m8
>>52862701
>using the smiley with a carat nose
This is a battle. Enlightened ones, spread the word to your friends and family. Shame them away from the horrors of W10. Corrupt their installs, if you have to. Eradicate and Destroy.
just block the urls in the route nigga like i can even do it in my shitty tplink router and i dont have dd wrt installed
>>52866146
EULAs are non-binding, at least in the EU.
>>52866347
That's why yuropoors have N editions and shit.
Still, there isn't any personal information sent on telemetry data that you agreed to sent when you install it.
>>52864156
>>52864213
None? Sweet. I'm glad to be safe.
Windows 10 is a gaming OS. It's the OS version of an XBox. Nobody should expect any kind of privacy when they use it.
>>52866365
You seem so sure that you must have some kind of proof, right? You're not just saying things and hoping they are true?
>>52865737
Couldn't you just setup a web proxy and blacklist all other non-lan traffic? Then selectively whitelist non-web stuff you need to use e.g. steam.
ok it proved that windows sends data but there's no discovery about WHAT it sends
>msnbot
I wonder how it gets the data for its apps, especially it's live times that give you news, market & weather updates, how mail clients regularly check for emails, how automatic update checking works?
It can't possibly be those things, I'd have no reason to go after Wincucks.
>>52862511
>>52862525
>>52863395
>>52866525
Dat backpedalling
>>52866552
no I just want to know what the fuck it is sending and I'm disappointed the "study" didn't even get half close to finding out what it is
>>52866525
>no discovery about WHAT it sends
Which is worryingly enough. M$ refuses to disclose it too. If they collected only telemetry what would be the reason for M$ to keep this detail private?
>he posted this thread AGAIN
>absolutely nothing to go off of but connection attempts
>not even a baseline by leaving the options turned on
you people are fucking tools
>>52866589
They send the data encrypted dumbass we don't know what it's sending
>>52866663
if it's encrypted, then what exactly is the issue?
>>52866692
the issue is that we don't know what it is. We need 100% disclosure.
>>52866692
They act like if the shit was open source they would be able to audit the code and put their mind at ease. But in reality, they would let someone else audit it for them and if they heard what they want to hear, they would agree with it.
People here think that if windows went open source they would be able to find the backdoors and stupid shit they claim exists, when in reality if people couldn't even find the glaring bugs in the linux kernel for fucking DECADES, how the fuck do you think you will find anything in the windows kernel?
No one here has the ability to truly audit something so complicated anyways, they just wait for someone to tell them what to think.
>>52866692
>if it's encrypted, then what exactly is the issue?
there's something in the water that you're drinking.
and if that isn't the source of your problem, then your parents breed retards.
>>52866721
>We need 100% disclosure.
read the privacy statement and the EULA. they tell you exactly what data they collect
>>52866692
...Because Microsoft has the key to decrypt it retard
>>52866727
>there's something in the water that you're drinking.
>>52863196
Man I really should rewatch cg
>>52866737
and what's the problem with that? please elaborate
>>52866789
Stop this baitfest
>>52862626
Sounds to me like normal phoning home to validate if the product is genuine. Even enterprise versions of windows do this from win 8.
>>52866736
And that is only through certain 'app store' bullshit programs or whatever they are called, and lots of it like the writing stuff is for shit like tablets. Pretty much all of that is standard shit anyways for something that would set calendar dates for you and shit you fucking mongol.
That shit has NOTHING to do with telemetry, which is what cannot be 100% disabled and is what images like OP represent
Why haven't anyone tried to find out what exactly MS gathers and sends? Any smart person with a debugger should be able to reverse engineer that.
>>52863938
You installed the recommended KB that enables win10 telemetry on windows 7 and windows 8.
>>52867134
I'm talking about an audit.
>>52863158
>Use tiny wall, use the anti telemetry programs and it should be fine, should it not?
Anything on software level is pointless.
>An external firewall to your box and pre-approving new ip's? Is that even feasible?
Whitelisting should do the trick.
>>52862517
>>52862661
Apparently /g/ is full of /v/ and reddit-tier retards.
>>52867278
>post facts
>get called Pajeet or Reddit
where do you people come from?
>>52867317
he comes from voat (where the article was posted, a practical clone of reddit for those not in the know) trying to defend the shitty methodology of the test
>>52862437
Does this apply to Enterprise version? I have literally telemetry deleted at this point..
What is The Most Complete privacy tool for Win10 botnet disabling?
>>52867678
powershell script to remove telemetry service and change registry keys for options not possible to choose in GUI or group policy.
>>52867720
Not very useful?!
How am I suppose to fix it with only those words?
> voat
>Block all connection attempts
>Shocked when windows retries multiple times to validate install
Why is this supposed to mean anything to anyone with half a brain?
>>52863230
>>52863248
Good online guides on doing this with external firewall? Its only way to be sure
>>52864310
>block ip tracker servers
>>52868762
>what is DHT
Pirates already beat trackers.
Has anyone got the bat script that uninstalls all KB's related to telemetry?
>>52869472
yes
>>52869560
Put it on pastebin, pal.
>>52869672
Why? Don't feel like ending up on terrorist watch lists.
>>52868519
The problem is not the fact that the OS desperately tries to reconnect to each IP, but rather the amount of unique servers it tries to contact. How much of a dumb panjeet you've got to be not to realise that you're only hurting yourself with that attitude of yours?
>>52866814
>over 2000 connection per day
>just for validating product
seems legit
>>52864310
>torrents are illegal XD
>>52870346
It does if the retard configured the firewall to drop all connections. What do you do if 4chan doesn't load? You keep reloading. Kind of what windows does. "Oh shit I can't access MS servers. REFRESH REFRESH MUST ASK NSA IF THEY ARE UP"
Fuck i need to check if my xiomi miui does any of this shit, why havet it tested before?
>>52870451
>I torrent my games and tv shows
>I show those companies who's the boss
>>52866445
If you like some backdoors implanted by some skiddies in your ass, yeah
Why cant we reverse enginner all that trafic?
We can easly. Crack games or winodws proteinowa , i we should make something
How to disable mint connection to update server?
From update.py GET
>>52862437
>msnbot
more than enough info for me...
what the fuck? why do they need a bot?
>tfw use Win10, stock Android, Chrome, Skype, and Google
So what if they use data to make their products better and assist law enforcement in catching criminals? The only way this would affect you is if you're doing something illegal, which is probably the case for a lot of people here. Quit fapping to pizza and you'll have nothing to worry about
>>52870958
Since you use Android. Chrome. Skype and Google, exactly how many criminals have been caught because they used all those?
>>52870958
>Law enforcement is infallible and never makes mistakes or does anything wrong
You live under a rock or something?
>>52870499
but he didnt block at first, and he got over 5000 connections to over 100 different ips in over 8 hours, how would you explain this?
>>52870990
Even if the number is zero, it doesn't matter.
Software developers need usage data to make their products better. That's why Chrome and Windows are actually good, whereas freetard software like Linux and Firefox is garbage and barely works.
>>52871141
>Even if the number is zero, it doesn't matter.
So you are admitting the fact that the data they are stealing from you does not do any good to your mainland US
>>52871141
How much do you get paid per post?
>>52870530
My point is that not all torrents are used for illegal things, you fucking idiot. Torrents are not inherently illegal.
>>52871110
Because windows updates, windows store, onedrive and he still had telemetry enabled. You need to remove the service to be sure and change group policies. After uninstalling windows store, disabling onedrive, removing telemetry services and updating group policies the only connections I get to MS are to their update servers after the initial shit after install are taken care of.
>A user on Voat analyzed the network traffic of Microsoft's Windows 10 operating system using a DD-WRT router and a Linux Mint laptop with remote logging and Windows 10 Enterprise installed on Virtualbox recently.
>He turned off all privacy-related features during custom installation, and let the computer sit idle for eight hours straight afterwards logging network traffic.
>In the eight hours Windows 10 made 5508 connection attempts.
Reposting from the last time this bullshit, fabricated Voat post got posted here by gulible idiots who believe anything they read:
I read TFA, the guy is an idiot and screwed up the test.
He configured the router to drop all connections. So Windows tries to access Windows Update, and it fails. So it tries the next server on the list, which fails. Strange, the interface has an IP address, try the next one...
Windows also has this thing called the Out Of Box Experience. It's been there since at least 98, probably before. The first time you log in, it runs a few things so you can choose your preferences and set important stuff up. If you ignore it, it will carry on looking for updates from the Windows Store, updates for live tiles in the start menu etc.
Every OS enables a load of crap by default. This is not surprising at all.
Unlike the guy in TFA, I bothered to do this properly. If you disable everything and don't use Windows Store apps then the only traffic is to Windows Update.
This is what happens when your source is a Reddit knock-off full of people who found Reddit too civil.
>>52871209
Well nevermind because my initial assumption was true >>52871218. They guy doing the test is in the double digit IQ range.
>using a gaming os ever
>>52870958
Well then they should let us see what exactly is it that they are collecting and doing. They should also let them actually get patch notes instead of forcing updates we don't even know nothing about.
Why you say? Well, if they've got nothing to hide, then there is nothing to fear, of course. After all, isn't that how it works for us?
>>52870806
Have you actually spent anytime looking at the windows system directory and some of the filenames in there? Use windows for a day or two and look at the recently modified and created file list and log files? Event viewer and scheduler? Default services enabled and running?
It's absolutely astounding, but now that it regularly beacons the mothership a bit frightening. I hear tell they are basically telling you in the waiver you click off on during install now, they will scan your files and they own everything you do on their OS. The free upgrade? Obviously the user is the product now. But hey, that goes for near everything "tech"today including this place.
We are certainly not in Kansas anymore, apparently not even in Redmond, maybe a Mormon bunker in Utah or Pajeets chop shop in the big Poo?
hurr
>>52871430
mine never even got offered windows10
>>52862511
Yes, companies get hacked all the time. thousands of people have millions in debt because someone steals their identity.
>>52863230
Or just install Linux, you cuck.
>>52866736
I'd still like to see the data itself. I'd like to believe I'm entitled to at least inspecting all of it.
>>52871238
and it's enterprise edition... BUSINESS. not any of us
>>52871218
>I bothered to do this properly. If you disable everything and don't use Windows Store apps then the only traffic is to Windows Update.
nice proof
>>52863283
>1. It's encrypted."Well since I have no way to know for sure, then it doesn't prove anything."
Not that anon, but I suppose I'll find out in a few days.
> 2. It's not encrypted. What are the fucking odds of this?
Slim to none.
>anon, install windows 10 enterprise. No telemetry! :^)
>>52870958
>So what if they use data to make their products better and assist law enforcement in catching criminals?
They actually use your data to blast you with ads. And they earm a shit load of money from doing so. Keep in mind that this already is a paid product, not a free one where you could easily overlook this aspect.
>>52872006
:^)
>>52872006
>This is what wincucks believe
>>52872006
>>52872071
>using the smiley with a carat nose
>>52862511
All they need is the hashes of all your files. All nicely compared to a database :^)
>>52863938
What software is this?
>>52863283
>Question, how do you expect that to be answered? Scenario:
Well, that's the whole problem here. It's plausible deniability on their part. That's what sucks about closed source software.
Friendly reminder that you do not have superuser/root access in windows.
you are only able to modify what they want you to be able to modify.
>>52871976
>Implying the original article offers any more proof of their claims.
>>52874150
The fuck does this mean? What is Runas > Administrator.
>>52874272
The most important parts of the system are unmodifiable. You only see what microsoft wants you to be able to see.
>>52874343
Wat.... what do you consider the "most important" parts?
>>52874688
he thinks that just because you cant delete files that are in use, it is something new to bitch about
this might be a dumb place to ask. but is pirating safe on widows 10? like pirating photoshop or games?
>Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.
Windows 10 is malware.
>>52873069
>using the smiley with a carat nose
>>52876464
>Using the telemetry with a normal nose
>>52862437
>privacy hardening
This is the latest meme
>Wincucks desperately trying to "privacy harden" their proprietary shitware, thinking their efforts mean anything when they're dealing with a blackbox OS that can change itself independent of their will
Top cuck
>>52862437
I play outside instead of staying on a fucking computer all day.
>>52862701
No he means that the OS was doing ONE information transaction but was blocked so it tried the next one and when that was blocked it tried the next one etc.
Shit, you're dumb.
>>52862437
Why do it at host level? You're supposed to be doing all egress filtering at your router (if a home user). Fucking idiot deserved to be spied on by Microsoft.
>>52863253
remember how dx11 was supposed to be a huge deal?
reality is you can make a modern, amazing looking game on dx9, or you can not use directx
new versions of directx have no point other than to try to force people to use new versions of windows.
>>52871218
fuck off amimojo
>>52878036
dx12 is the new gfwl
>>52874150
are you retarded do you even know how windows/nt works
>>52874150
How to bait: The post.
wut
