Windows 10 Still Phones Home With Data In Spite of Privacy Settings

Penguinisto writes: According to Ars Technica, Windows 10 will still send telemetry and other data to Microsoft-owned domains — no matter how tightly you crank down the privacy settings. Even with everything buttoned down, Cortana, OneDrive, and Web Search from the Start Menu disabled, the OS still phones home, using a random system ID that persists across reboots. It apparently also tries to bypass proxies to do it. "Some of the traffic looks harmless but feels like it shouldn't be happening. For example, even with no Live tiles pinned to Start (and hence no obvious need to poll for new tile data), Windows 10 seems to download new tile info from MSN's network from time to time, using unencrypted HTTP to do so. ... Other traffic looks a little more troublesome. Windows 10 will periodically send data to a Microsoft server named ssw.live.com. ... The exact nature of the information being sent isn't clear—it appears to be referencing telemetry settings—and again, it's not clear why any data is being sent at all. We disabled telemetry on our test machine using group policies."

Explanation please

Windows 10 Still Phones Home With Data In Spite of Privacy Settings

What the hell, Microsoft?

Re:Explanation please

[JazzLad]

Finally, we will access, disclose and preserve personal data, including your content (such as the content of emails, other private communications or files in private folders), when we have a good faith believe that doing so is necessary ...

Re:Guessing at a partial explanation

They said they'd used group policies to enact this change. If group security policies don't encompass the entirety of the OS, how could you ever be secure in the first place?

Additionally, "Response Times" are not the king for people who *do not want this*.

Privacy is dead.

This battle is lost. No amount of litigation or hacking will change that.

We would be wise to keep our efforts focused on freedom on the electronic frontier. Keep it legal to do all the things we want to do, because we will not be able to do them in secret.

It isn't the happiest of realities, but it is still reality.

Re: Privacy is dead.

[mark-t]

Being certain of something doesn't make it true. You are, I am afraid, quite wrong... the very idea of an "unhackable computer" is built on a flawed premise, which is that it is somehow a computable function to determine what an arbitrary computer program is actually supposed to behave like.

Even fixed function devices can be hacked and used for purposes other than what they were intended for, Trying to do that for a general purpose computer is logically equivalent to solving the Halting Problem, which can be logically proven to have no possible solution.

Meet the New Microsoft

Same as the old Microsoft.

Disabling telemetry only works for 10 Enterprise

[The+MAZZTer]

Group Policy explains if you try it on other editions it will act as if set to Basic.

Re:Comparable

[fustakrakich]

Yeah, but if you're a hedge fund manager, they both can make you rich!

I've been trying to stop Win 10 telemetry on Win 7

[QuietLagoon]

I've recently been trying to shut down Microsoft's gathering of telemetry from my Windows 7 PC. I am seeing the performance-draining results of this telemetry gathering process.

.
When I start up my PC in the morning, the hard drive just grinds away for about 5 or 10 minutes, and the CPU is sluggish. At first I thought it was an A/V scan, so I removed my A/V. No effect.

Then I stumbled upon the InfoWorld article, and removed the Windows Updates that were mentioned in the article. The scanning stopped. Until I did a Windows Update earlier this week. And I had to remove once again the offending updates.

What in the world is going on in Redmond?

Influence from Skype

[xeno]

It is interesting to see not only the technical influence, but the design philosophy inherited from the Skype acquisition: That is, from the perspective of a running service, it's perfectly ok or even desirable to worm your way out and communicate with the hivemind, no matter what the user says. For example, if the user configures the app not to communicate with a voip service, the app will respect the exact letter of the user's intent -- not to make voip calls or display presence -- but it will still update itself, download patches, and update directory data so that you *could* make voip calls if you changed your mind... which it will assume you did at the next update when the settings are reset to default-open...

Opting out entirely is within reach for most people/orgs, it's the momentum that keeps people choosing this crapware. I keep Windows around because I like Visio, but my company does everything else in Google services, so my main machine for actual work has been Linux Mint for several years. The kids have Windows tablets but never use them; they just use pocketable android for comm and big iron for gaming/steam/AV/dev. It's not even worth much effort to criticize msft, they're not going to stop doing stupid things, they don't offer an advantage at the consumer level anymore, and I just don't have the time for it.

(Now, ask me as a security geek, do I like having windows event data along with netflow? Sure thing, but the infrastructure to get that is insanely costly to license and run. I just wouldn't build a company that way anymore.)

Re:Influence from Skype

[drooling-dog]

...it's the momentum that keeps people choosing this crapware.

Unfortunately true. It causes most people a great deal of anxiety to acknowledge there's a problem and that there are things they can do to mitigate it, because that means they have to learn about those things, which they fear will be outside their experience and abilities. As long as they're in the same boat as their friends and family, they feel the safety of numbers and can ignore the issue. The FUD mantra against Linux has always been that you have to be an elite geek to install and use it; of course that's nonsense but people believe it. It creates a lot of fear and trepidation that they'll be in over their heads if they even try, and so they don't.

Re:Influence from Skype

[yodleboy]

It's not FUD... Whatever the year of the Linux desktop people want you to believe, it's just not that easy for most people to switch. The skepticism you have "Windows 10 is free, what's the catch?", is the same thing I hear when I tell people about Ubuntu. "It's free, how could it possible be good if it's free?" Then you tell them that it will change the look and feel of a computer they've used for years. Then you have to admit that their Windows apps won't work. Then confess that they will have a much smaller selection of software available to them. yeah, sign me up right away, is not the response you should expect.

Despite huge improvements, Linux desktop is still NOT for the average user. It's for the average user that has a knowledgeable friend to help them setup things, to install Windows apps under WINE when possible, to help them find replacement apps for all the things they use, and to help them get used to the quirks of Linux. I've got my mother in law's laptop running perfectly under Ubuntu and she loves it, but there's no way on earth she'd ever have done it herself, even if her future self could send a note back in time and tell her how much better it was.

WE don't think it's that hard or intimidating because we play with this stuff all the time and tend to forget we've grown along with the Linux desktop and take a lot of acquired knowledge for granted.

Re:Windows 8 is suddenly looking good ..

[sycodon]

My Huge Aerospace employer is on Windows 7 and only now is dipping heir toes into Win 8.1

I expect it will be 3 years before win 10 touches any of our hard drives and only then after the security people have stripped out all the M.S. Snoops.

SHOCKED

[JustAnotherOldGuy]

Obligatory "I'm shocked, SHOCKED I TELL YOU!"

What were you expecting?

[koan]

Wasn't auto update, upgrade the give away clue?

Watch as time goes by how much worse it gets, from broken apps (due to auto upgrades) to massive security fails.

Re:Just need hostnames or IP addresses

[savuporo]

OpenWRT builds should soon come with "none of this telemetry shit" big red switch on the frontpage. And not just Msft, but apple, oracle, etc included. And then, i want OpenWRT built into a usb-ethernet dongle that i can take with me to travel.

Re:I've been trying to stop Win 10 telemetry on Wi

save you a few minutes
wusa /uninstall /kb:2952664 /quiet /norestart
wusa /uninstall /kb:2990214 /quiet /norestart
wusa /uninstall /kb:3035583 /quiet /norestart

Re: Windows 8 is suddenly looking good ..

Similar to IBM, MSFT could easily charge $50 for Windows XP maintenance PER YEAR AND SEAT. Since XP, there has been NO CUSTOMER VALUE ADDED. Actually, they destroyed lots of customer value by permuting things so that they could call it "new".

Many customers know this and it has burned their business.

The next step in their suicidal plan is to continue charging for their Permuted XP versions, but at the same time collect and sell data like Google. Now, that sounds like an excellent plan to destroy the modicum of trust and relationship they have with their long term customers.

Re:Windows 8 is suddenly looking good ..

[drinkypoo]

I'm waiting until I stop seeing a deluge of shit like this before I un-hide the update to upgrade to windows 10, from windows 7. Remember how Microsoft went goddamned insane when they released the latest Xbox? Remember how they eventually fixed the incredibly privacy-raping idiocy? Still waiting. Gonna keep waiting. If they never come around, that's OK. Windows 7 should keep working for me for some time.

Re:I've been trying to stop Win 10 telemetry on Wi

[ShaunC]

Here are a few others, and some scheduled tasks that I was surprised to find on Windows 7 machines.

Re:Disabling telemetry only works for 10 Enterpris

[Blue+Stone]

Windows 8 was a fuck up because of the UI.

It looks like Microsoft said, with 10, let's just go deeper and fuck up the user's privacy instead.

The more I hear about 10, the less it looks like a saviour to Windows woes and the more it looks like an even bigger disaster.

Re:Reminds me of Apple

[MacTO]

Actually, Apple does have the settings. In OS X, since 10.10, it has been due to Spotlight doing online queries. In iTunes, for many years, it has been due to their suggestions system and retrieving additional data about your music.

It is, as the article suggests, the price of convenience. It would be nice though if you had the option to turn off those conveniences if you don't want them.

Re:Windows 8 is suddenly looking good ..

Windows 7 is looking even better. Staying put.

Diagnostics Tracking Service...

Which, it should be pointed out, can be disabled on 7 and 8.

Telemetry and error reporting cannot be effectively disabled on 10, because Microsoft refuses to make Enterprise available via retail channels.

This AC is also remaining on 7 here. And has refused to install the offending updates (KB3068708 KB3022345 KB2952664 KB2990214 KB3035583 KB971033 KB3021917 KB3044374) from Windows Update. (Another thing that cannot be disabled in Win10.)

Re:Is there still a hosts file?

[frovingslosh]

My thoughts exactly. If there is a hosts file (and they are not bypassing it for themselves) then shame on anyone who lets M$ phone home. If the host file is gone (which kills a lot of my abusive advertisement and malware protection) or bypassed then it is time to get the router to protect you from traffic going to Microsoft.

Another nice advantage of the hosts file or router hack is that the home version will wait until you believe it is safe to download those "security updates" and you actually want them, rather than forcing them on home users first to see how much damage is done before feeding them to business users. And I say that as an experienced computer user who has only had real harm done to his system twice, once by uninstalling something that left behind an updated DLL but uninstalled the other new DLL that the first one now needed (nice design Bill) and once by a "security update) that deliberately changed my NIC EEPROM so that Linux would not run properly on it (Thank you Microsoft for such aggressive security).

Re:So how many lawsuits have been filed so far?

[Calydor]

And I'm pretty sure it's been established that a EULA can't be used to do things that go against the law.

Re:Probably just not optimized yet

[meta-monkey]

No way your workplace already installed 10. Nobody's that stupi...oh fuck I just answered my own question.

Re:Reminds me of Apple

[macs4all]

Actually, Apple does have the settings. In OS X, since 10.10, it has been due to Spotlight doing online queries. In iTunes, for many years, it has been due to their suggestions system and retrieving additional data about your music.

It is, as the article suggests, the price of convenience. It would be nice though if you had the option to turn off those conveniences if you don't want them.

There is a Vas Deferens between what Spotlight (for "Spotlight Suggestions") and iTunes does and what Windows 10 is doing. For one thing, Apple is straightforward about what is, and what is not, sent to Apple and/or Microsoft from Spotlight. And more importantly, Apple has a nice, simple GUI way to disable "Spotlight Suggestions".

As far as iTunes goes, if you are referring to the "Genius" feature, unless you turn on iTunes Match, you can disable the Genius feature (which I think is now called "Share details about your library with Apple"). If you are referring to retrieving CD Song Names and other info from the internet, you can disable that, too. Both are available as simple GUI checkboxes in iTunes' Preferences, along with the SWITCHABLE "Share details about your library with Apple", "Limit Ad Tracking", "Automatically download album artwork", "Always check for available downloads", "Sync playback information across devices", "Sync podcase subscriptions and settings", and "check for new software updates automatically".

So, compare that with what TFA says about Windows 10 still leaking data no-matter-what, and I think that any sensible person will agree that there is virtually no comparison between the two "mindsets".

Re:Probably just not optimized yet

[cfalcon]

No. It's not PEBKAC. Go fucking research. To stop Windows from talking, you need several privacy toggles, some of which won't toggle all the way. Then you need a registry workaround, because Windows is so about user friendliness that you need to modify DWORDS in their shitted up binary fuckfest. Then you need to disable like three services, and remove two binaries. Then you need a big hosts file, and that's becoming an issue because Windows will actually work around a hosts file in some cases, using a list of known IPs specifically to circumvent that. So for now, you can block them on your external firewall.

Eventually, you'll need a dedicated Application Firewall to block all that plus the mandatory Windows Update- you obviously don't want to allow Windows Update unless and until the Application Firewall has updated rules, because we can assume Microsoft will sidestep them weekly if allowed to. The advantage of that approach is that Microsoft can't beat it- it's not on their computer- and further, that you can eventually deep packet inspect and sanitize, allowing the use of Cortana with just the information YOU want to share with her.

Again, really, we need to get off Microcock. This level of drama- needing a second computer to use your first computer- is absolutely insane. But for those that want all those lesser applications that only have Windows support, this will be the option.

Re:This is starting to get annoying

[gstoddart]

Which are you annoyed at?

The fact that it's getting posted, or the fact that Microsoft is acting like such major assholes?

Everything about Windows 10 seems to be saying "we don't give a fuck about you peons, we'll do any damned thing we want".

Re:Windows 8 is suddenly looking good ..

[WaffleMonster]

Windows 7 is looking even better. Staying put.

In windows 7 I disabled every call home excuse under the sun from UI, group policy, CLI, scheduler... Must have spent hours disabling various bullshit yet despite considerable efforts windows 7 still keeps making connections to settings.data.microsoft.com, telemetry.microsoft.com with nothing running, with updates set to manual while doing absolutely nothing but executing tcpdump. In the end I gave up and blackholed these sites in DNS to get it to stop.

To be clear I am not nor would I ever make the lame argument that windows 7 does it too as an excuse to give win10 a pass or cover to try and justify a fundamentally indefensible activity. Microsoft's squandering of their customers trust will ultimately only end badly for them. Wireshark is your friend... try it and see what all windows 7 is doing don't assume that Windows 7 is trustworthy.

--
"Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary."

Those who believe enterprise version is safe ...

[Taco+Cowboy]

... are idiots

Telemetry and error reporting cannot be effectively disabled on 10, because Microsoft refuses to make Enterprise available via retail channels

There is one thing about the masses - they believe in whatever they were told, such as "Users of Enterprise version of Win 10 can disable spying"

Just because they say the enterprise version can disable spying does not mean:

1. It is true
_and_
2. It will always be true

Remember this thing - Windows 10, unlike prior versions of Windows, is an "in progress" project, which means, Microsoft gets to add it, or take out, any function/feature it wants.

The hundreds of millions of users of Windows worldwide used to be the customers of Microsoft, used to be, because as of now, they have become Microsoft's product, to be packaged and sold to Microsoft's new crop of customers - the ad agencies, spook agencies, data miners, and so on, and so forth ...