Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Windows 7 Knows About Your Internet Connection

Posted by timothy on from the when-telepathy-fails dept.

An anonymous reader writes "In Windows 7, any time you connect to a network, Windows tells you if you have full internet access or just a local network connection. It also knows if a WiFi access point requires in-browser authentication. How? It turns out, a service automatically requests a file from a Microsoft website every time you connect to any network, and the result of this attempt tells it whether the connection is successful. This feature is useful, but some may have privacy concerns with sending their IP address to Microsoft (which the site logs, according to documentation) every single time they connect to the internet. As it turns out, not only can you disable the service, you can even tell it to check your own server instead."

13 of 434 comments (clear)

  1. The relevant bits by Anonymous Coward · · Score: 5, Informative

    It is possible to disable NCSI by a registry setting if you don’t want Microsoft to be able to check your internet connection.

    * HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet
    * Under the Internet key, double-click EnableActiveProbing, and then in Value data, type: 0.The default for this value is 1. Setting the value to 0 prevents NCSI from connecting to a site on the Internet during checks for connectivity.

    1. Re:The relevant bits by Anonymous Coward · · Score: 2, Informative

      Your starting points for your steps are not equal.

      You make "open regedit" one step while you make "open terminal, sudo EDITOR, type in credentials three steps"

      Let's look at the reality.
      The "type credentials" step has an analog on Windows 7 and Vista. Lack of authentication before changing system-wide configuration is not a feature. If that's really what you want on linux you can easily set it up too.

      Opening a terminal and then opening your editor are not seperate steps for everyone. On my system WindowsKey+E brings up emacs, which is usually already running anyway

      sudo is 4 more characters (5 if you include the space) that you may have to type in front of your editor command. I'm pretty sure I can do that faster than you can find regedit with the mouse. Even if you use WindowsKey+R and type regedit, regedit is 2 characters longer than emacs and 4 characters longer than vim, so the effort wasted on typing sudo is seeming smaller and smaller all the time...

      UNIX paths are generally much shorter than paths in the registry. Once knowing the name of the file to edit, I suspect I can open the file more quickly than you can navigate to the registry key.

      You have to be careful of misspellings in the registry too. And unlike emacs, regedit won't automatically create a backup file.

    2. Re:The relevant bits by Dhalka226 · · Score: 4, Informative

      I'm not saying there are no problems with linux, or that it is more user-friendly than Windows in this (or any other) case, but you're hardly treating the situations equally.

      For example:

      Open doc versus find the doc. System-level configuration options tend to be quite well documented. How are you magically going to know where the documentation for an obscure feature is in Windows but have to look it up in linux? What the hell would you even search for? "My Windows machine seems to be pinging the Internet randomly and I want it to stop?"

      Apparently "open terminal" deserves its own step, yet we're magically typing regedit. Where do we do that? Equality dictates there should be AT LEAST one more step in the Windows instructions at this stage, to open Start Menu -> Run or Ctrl-R (I think, anyway).

      If you're allowed to edit system-level properties in Windows without Administrator credentials, you have an entirely different problem or, more likely, you're running as one constantly. If it's the latter, consistency once again dictates you've added an unnecessary step in the linux instructions. You're free to run linux as root if you want to vastly increase your chances of getting owned, just like you're free to do so with Windows.

      b3 (sudo) and b4 (open the file) are one in the same instruction. You'll do sudo /path/to/config.file which will simultaneously get your appropriate privileges and open the file. You can have B3b if you want, subject to the above.

      "Change the key as indicated" is pretty much no different than "edit as per the doc," even though you try to make it seem as if it is. In either case you're looking at documentation, finding the appropriate configuration value and changing its value. You may or may not have to add the line; if it's a feature defaulting to on, as is the situation in Windows, it will almost certainly be there. Likewise, where you add the key almost never matters other than for organizational purposes. And you have to be careful of typos either way. If the value in Windows is 0 or 1 it's likely to be the same in linux. You can fuck typing it up as easily on one system as the other.

      In other words, if you're not deliberately trying to make Windows seem superior by fabricating the scenario to be simpler for Windows than linux, the steps are pretty much identical. You need to make sure the have appropriate privileges. You need to know what to edit, whether that is a key buried in the registry or a confgiruation file buried in a directory tree. You have to actually edit it, and you have to not fuck it up while you do so.

      And that's without even touching the rest of your "steps," which even you admit are exaggerated.

      I don't care what operating system you use; I'm not a zealout either way. I used linux for years. My PC primarily runs Windows (it has a linux distribution on a second partition that has gone from Red Hat to Gentoo to Kubuntu over the years, but it hasn't been used in several years now). I'm typing this reply on a Mac. But if you're going to make comparisons, let's be intellectually honest and make valid ones.

    3. Re:The relevant bits by WeatherGod · · Score: 3, Informative

      I'll bite

      A) Windows A1- look for the doc A2.1- click the "run command" taskbar item A2- type regedit A2.2- supply credentials (assuming proper security setup) A3- change the key as indicated Done !

      B) Linux B1- look for the doc B2- open a terminal B3- sudo B3b- type in credentials B4- open the file B5- edit as per doc, being careful of where you add your line, misspellings

      that's already a few more steps and more possible mistakes... but now the real fun begins:

      Additions mine... Let's be fair when discussing these comparisons. First off, you have to find the documentation regardless of a windows or Linux system. You can't just say that someone will hand you the docs in one situation but you have to hunt in another. Next, opening a terminal is just as easy as clicking (or having a keyboard shortcut), and in windows, you also have to click somewhere to enter the regedit command. I would also hope your system is set properly that modifying the registry requires authentication.

      Next, you talk about making sure you place some particular option in exactly the right place with the right value. First, most configuration files don't care about order. Many follow the .ini approach. Second, good configuration files should come loaded with comments and examples. For example, the apache and sendmail configs are chock full of information. Personally, I have found the descriptions in regedit to be fairly limited.

      Don't get me wrong, there are definite benefits to a centralized registry system, but I think that there are pros and cons to both approaches, and I lean towards the linux approach.

      B6- find out the doc was only good for Horny Huckster (which is 9.7), you have 10.5 (which is ... Priapic Prong ? maybe), look again B7- don't find any doc you're 100% sure is germane to your setup/issue

      Lastly, while documentation for open source projects can definitely be a weakness, (although programs on windows aren't completely immune to this criticism) getting the wrong version of the docs is a pebkac issue. If the man pages don't have the info you need, the distro should have the docs available for your version, or the project's website should have the docs for your version. Checking the docs' version should always be the first step.

    4. Re:The relevant bits by MightyMartian · · Score: 3, Informative

      Not to mention you can't do search-and-replaces, pipe the registry through other utilities to make more advanced changes, easily back up and restore major changes and actually view an entire app or daemon's config in a single plane as opposed to annoying trees that only obfuscate and complicate config changes.

      I realize the registry can store binary blobs, but I'd argue that the file system is a much more efficient place to store such data, which is why I'm general not in favor of large binary blobs in any kind of database.

      The registry is a very typical of the Microsoft way of doing things; overly complex with way too much stuffed into it that could be done better in other ways. I absolute hate the difficulty of backing up and restoring registry sections, particularly since .reg files are essentially merged into the existence structure, rather than replacing it.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    5. Re:The relevant bits by Culture20 · · Score: 4, Informative

      Son, vi is the VIsual version of ed, the line EDitor. Try editing files with ed for a while and you'll think vi is so user friendly that you'll play first person shooters with hjkl.

  2. Re:First thing I do when I bootup by RoFLKOPTr · · Score: 4, Informative

    - open task manager - goto processes - kill any programs that I don't need (like Compaq Assistant, Adobe Launcher, etc) - kill any services I don't need - make explorer High priority

    It frees RAM and makes the computer run faster (less hard drive swapping). Hopefully this internet "IP recorder" service is one of those things I kill off. Although now that I know how to do it permanently, I'll do that instead.

    Spoiling mod points to call you an idiot.

    Start > Run > MSCONFIG

    Turn off the programs and services you don't need so you don't HAVE to kill them every time you boot up, and making Explorer high priority isn't going to really do much for you.

    This "IP recorder" thing is just your computer testing for an active internet connection by actually running a real DNS query and actually contacting a real server somewhere rather than assuming your internet works because the interface is up.

  3. Re:Worse on Apple by Anonymous Coward · · Score: 3, Informative

    Sorry, I wasn't clear enough.

    When all the whizzbang feature turned off and iPad is sleeping, I do not expect it to even attempt to connect to anything. In case of iPad, it does. Not only that, it also ping some IP address that resolves to *.apple.com regularly. My router log & wireshark confirms that.

    iPad/iPhone also have similar feature with MSFT feature mentioned in the article. After you get DHCP lease from your wifi network, iDevices won't consider itself connected to wifi network until it can ping a server (apple.com?) on the internet. A wifi (fan) icon won't appear until then. If it encounters a captive portal, then a portal is popped up automatically.

    The bottom line is that Apple is using the same technology mentioned in the article PLUS pinging Apple regularly behind your back.

  4. Re:Don't Firebox and Thunderbird call home? by PhrstBrn · · Score: 3, Informative

    The distros turn this behavior off. On Debian and Ubuntu, Firefox, Thunderbird, and VLC have their self-autoupdate disabled (and is non-trivial to enable). If you download the standalone binary and install it yourself, it has the autoupdate feature turned on. Same for Windows.

    All 3 programs have a checkbox to turn that feature off if you really think it's intrusive to your privacy.

  5. Re:privacy concerns? they know your IP from update by canajin56 · · Score: 4, Informative

    And also, since Windows XP, Windows has come with an NTP client on by default, set to their time server. So they've been "spying" on your IP address for a long time!

    --
    ASCII stupid question, get a stupid ANSI
  6. Re:Worse on Apple by FlashBIOS · · Score: 3, Informative

    I don't think you had all the things shut off that you think you did. For example, did you turn off Ping (Apple's social network wannabe, not anything ICMP related)?

    http://www.geek.com/articles/apple/how-to-shut-off-ping-and-increase-battery-life-with-ios-4-3-20110321/

    There's many of these first-party services, and countless third-party that could be involved. I won't pretend to like it (I don't at all, I too want my devices to fully sleep). But I also won't pretend that it is worse. Especially as a ping (ICMP this time) is unable to transmit anything remotely close to what Microsoft's HTTP method of checking network availability could.

  7. Re:Windows by oakgrove · · Score: 1, Informative

    How can somebody be a shill for Linux? It's free. You might find a few fanboys but, shills? No. Microsoft, on the other hand has a history of paying people to shill their products.

    --
    The soylentnews experiment has been a dismal failure.
  8. Totally false by Anonymous Coward · · Score: 2, Informative

    MS has LONG been using our information. And they SELL IT TO HIGHEST BIDDER. You can get information about MS's customers if you pay them (name, addr, and phone). OTH, Google will NOT give you the information that you want (say name, addr, phone). They WILL use the data to target ads at you, but then again, so does Apple, MS, Yahoo, amazon, e-bay, etc.