Slashdot Mirror


Windows 10 Still Phones Home With Data In Spite of Privacy Settings

Penguinisto writes: According to Ars Technica, Windows 10 will still send telemetry and other data to Microsoft-owned domains — no matter how tightly you crank down the privacy settings. Even with everything buttoned down, Cortana, OneDrive, and Web Search from the Start Menu disabled, the OS still phones home, using a random system ID that persists across reboots. It apparently also tries to bypass proxies to do it. "Some of the traffic looks harmless but feels like it shouldn't be happening. For example, even with no Live tiles pinned to Start (and hence no obvious need to poll for new tile data), Windows 10 seems to download new tile info from MSN's network from time to time, using unencrypted HTTP to do so. ... Other traffic looks a little more troublesome. Windows 10 will periodically send data to a Microsoft server named ssw.live.com. ... The exact nature of the information being sent isn't clear—it appears to be referencing telemetry settings—and again, it's not clear why any data is being sent at all. We disabled telemetry on our test machine using group policies."

9 of 316 comments

  1. Explanation please by Anonymous Coward · · Score: 3, Interesting

    Windows 10 Still Phones Home With Data In Spite of Privacy Settings

    What the hell, Microsoft?

  2. Privacy is dead. by Anonymous Coward · · Score: 3, Interesting

    This battle is lost. No amount of litigation or hacking will change that.

    We would be wise to keep our efforts focused on freedom on the electronic frontier. Keep it legal to do all the things we want to do, because we will not be able to do them in secret.

    It isn't the happiest of realities, but it is still reality.

    1. Re:Privacy is dead. by Anonymous Coward · · Score: 2, Interesting

      The battle is not lost.

      They don't know me. They have no means of verifying what I tell them. And I do know them, and I know that they'll try and try and try to find a way to make my usage profitable. The only question is, "How can I use their greedy nature to benefit me?"

      First, I need to know what benefit I want. If it's privacy I want, then nothing works better against a myopic panopticon than a disguise of misinformation. We already know they can "see" my usage and other statistics. But they can't verify. And if they can't verify, they can't trust. And if they can't trust, they can't use that information. But we also know they will use it and trust it, but they still won't verify it. It's a broken link in the chain. A weakness. Exploit it, and suddenly, you're both everyone and no one.

      Next, I need to know how they attempt to identify me. What physical methods (servers they upload data to, etc.) and also what psychological methods they use (see also: Target's data mining is faster and more accurate than peeing on a stick).

      Next, to re-use a favorite spin-doctor phrase, just "alter the narrative". Block the physical methods outright, but know that there will be new ones to make up for the ones you block. You can't block everything. Poison the data in any others. And by "poison the data", I don't mean to feed them random junk. Oh, no. That will be too easily identified, or too easily filtered out. You will gain privacy, but no other benefits. And you'll train their systems to work around your efforts. This is war. Don't get mowed down by the first volley like that. Feed them "good" data, but data that isn't you, even if it isn't necessarily consistent from moment-to-moment. If they're pushing advertisements at you, find a way to get them to try to push the "right" ads to you. If you want them to die in a fire and go bankrupt, get them to push unprofitable ads. If you want them to think of you as a cash cow (that goes MOO), get them to push profitable ones. Your motivations may change from day to day, and that's your prerogative.

      Next, hold the line on anything that intrudes. If they're pushing ads or coupons or services or whatever, cut those things off at the knees (and by "knees", I mean "router"). Don't watch the ads, just farm them. This is trivial. A headless server in a rack in some nameless data center can be your advertisement playback bitch, and can forward the proof-of-impression keys back to your actual user session for reply back to the ad server. This gives the ad network what it wants (proof that you "watched" the ad), while also giving you what you want (not watching the ad for real). Companies paying for advertisements will slowly learn that "proof" isn't good enough, and the ad networks will die slowly.

      And then the war is won.

  3. Probably just not optimized yet by slacklinejoe · · Score: 2, Interesting

    It's good these posts come out, but having worked with it, it's probably just a case of some calls that didn't check for the telemetry lockdown registry key. Say what you will, but it's not likely they have a secret cabal going to collect which live tiles you resized to "large" or unpinned. There's enough of us that either ride with defaults or are actually OK with them learning how to make a better OS based on how we use it. Given how rushed it was on the last few months fixing major issues, it doesn't surprise me that a few things slipped through. If it isn't fixed via update once they can process the feedback, I'll be surprised. For the live tiles, it's probably trying to pre-cache the images for default items. Even if they removed it from their start menu, I think that's still part of the default account profile. Maybe it needs removed from that one as well. That said, maybe it's just poorly coded (feigns shock). It's good to keep them accountable though, I just wouldn't blow this out of proportion. I've got bigger fish to fry.

    1. Re:Probably just not optimized yet by Anonymous Coward · · Score: 1, Interesting

      The burden is on Microsoft to prove that they aren't up to anything nefarious. Until they PROVE this, beyond a reasonable doubt, I can't see any major corporation or any foreign government installing NSA approved spyware masquerading as an OS on their systems!

  4. Influence from Skype by xeno · · Score: 5, Interesting

    It is interesting to see not only the technical influence, but the design philosophy inherited from the Skype acquisition: That is, from the perspective of a running service, it's perfectly ok or even desirable to worm your way out and communicate with the hivemind, no matter what the user says. For example, if the user configures the app not to communicate with a voip service, the app will respect the exact letter of the user's intent -- not to make voip calls or display presence -- but it will still update itself, download patches, and update directory data so that you *could* make voip calls if you changed your mind... which it will assume you did at the next update when the settings are reset to default-open...

    Opting out entirely is within reach for most people/orgs, it's the momentum that keeps people choosing this crapware. I keep Windows around because I like Visio, but my company does everything else in Google services, so my main machine for actual work has been Linux Mint for several years. The kids have Windows tablets but never use them; they just use pocketable android for comm and big iron for gaming/steam/AV/dev. It's not even worth much effort to criticize msft, they're not going to stop doing stupid things, they don't offer an advantage at the consumer level anymore, and I just don't have the time for it.

    (Now, ask me as a security geek, do I like having windows event data along with netflow? Sure thing, but the infrastructure to get that is insanely costly to license and run. I just wouldn't build a company that way anymore.)

    --
    I think not...(*poof*)
  5. Re:Windows 8 is suddenly looking good .. by sycodon · · Score: 3, Interesting

    My Huge Aerospace employer is on Windows 7 and only now is dipping their toes into Win 8.1.

    I expect it will be 3 years before win 10 touches any of our hard drives and only then after the security people have stripped out all the M.S. Snoops.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
  6. Re:Just need hostnames or IP addresses by savuporo · · Score: 4, Interesting

    OpenWRT builds should soon come with "none of this telemetry shit" big red switch on the frontpage. And not just Msft, but Apple, Oracle, etc. included. And then, I want OpenWRT built into a usb-ethernet dongle that I can take with me to travel.

    --
    http://validator.w3.org/check?uri=http%3A%2F%2Fwww.slashdot.org Errors found while checking this document as HTML5!
  7. Re:Is there still a hosts file? by frovingslosh · · Score: 3, Interesting

    My thoughts exactly. If there is a hosts file (and they are not bypassing it for themselves) then shame on anyone who lets M$ phone home. If the host file is gone (which kills a lot of my abusive advertisement and malware protection) or bypassed then it is time to get the router to protect you from traffic going to Microsoft.

    Another nice advantage of the hosts file or router hack is that the home version will wait until you believe it is safe to download those "security updates" and you actually want them, rather than forcing them on home users first to see how much damage is done before feeding them to business users. And I say that as an experienced computer user who has only had real harm done to his system twice, once by uninstalling something that left behind an updated DLL but uninstalled the other new DLL that the first one now needed (nice design Bill) and once by a "security update" that deliberately changed my NIC EEPROM so that Linux would not run properly on it (Thank you Microsoft for such aggressive security).

    --
    I'm an American. I love this country and the freedoms that we used to have.