Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers

An esteemed reader writes: Curious about the various telemetry and personal information being collected by Windows 10, one user installed Windows 10 Enterprise and disabled all of the telemetry and reporting options. Then he configured his router to log all the connections that happened anyway. Even after opting out wherever possible, his firewall captured Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. Even the enterprise version of Windows 10 is checking in with Redmond when you tell it not to — and it's doing so frequently.

Surprised?

[gstoddart]

Is anybody surprised by this?

Microsoft has pretty clearly telegraphed they don't give a shit about what the people who own the machines want, and they're going to do whatever the fuck they want.

That Microsoft is doing this is surprising in no way to me.

Microsoft simply can't be trusted to not just do what they please here.

Re:Surprised?

[gstoddart]

In fairness, with enough resources, Vista didn't suck nearly as bad as people said it did .. I ran it on a quad core machine with 8GB of RAM until a year ago, and it was just fine.

But Microsoft has gone from "Vista sucks and Windows 8 was kind of annoying" to "actively not trustworthy" in this -- this is saying "we don't give a crap about what you are willing to let us do, we're going to do it anyway".

Sorry, but, no way this is anything but Microsoft deciding they'll get your data no matter your opinion.

Re:Surprised?

[alvinrod]

There's a strange type of inertia that applies to large companies. Even when they completely screw the pooch, they tend to hang on for years and years after the fact. RIM (or BlackBerry since they renamed themselves) are still around even though they haven't do anything relevant in years. Hell, even Real Networks is still around, seemingly stuck in some endless buffering state where they just can't die, and AOL still has 2 million dial-up subscribers. The technology graveyard is full of zombies.

Re:Surprised?

[JustAnotherOldGuy]

Microsoft has pretty clearly telegraphed they don't give a shit about what the people who own the machines want, and they're going to do whatever the fuck they want.

And this is it in a nutshell. Microsoft is going to do whatever they want with your PC, and that's that.

I just installed Linux Mint as a test to see how it works, and so far I'm liking it a lot. I was driven to do this by the near-certainty that MS will force Win 10 on home users like me no matter what they do or don't want, and no matter what we "opt-out" of.

It's only a matter of time, and short of completely disconnecting my PC from the net, I don't see how I can prevent them from doing a stealth or forced upgrade. If I manage to completely block all their servers (unlikely) my guess is that my 100% legal copy of Win 7 will just stop working one day and won't function again until I "upgrade".

So I may be switching to Linux Mint sooner that I thought, but so far Mint seems to be great, super simple to install and it runs like a champ. And with Wine I can use some of the little Windows apps that I've grown dependent on until I find replacements for them.

So keep pushing Microsoft, you'll push me right over to Linux.

Re:Surprised?

[gl4ss]

yeah difference with vista and 8/10(same fucking thing) is that vista they tried to make usable and with 8/10 theyre trying to use the customer.

Re:Surprised?

[interval1066]

Say hello to the Xbox One screen saver fiasco.

Re:Surprised?

[sims+2]

Performance wise yes with enough resources it was fine. But the oem's never sold stock systems with "enough" for the entire time vista was on the market.
The low end systems today with windows 10 still don't have the power to make vista work as intended.
Plus i've never encountered a windows vista system with more than 4GB stock memory most came with just 2GB or less.
Windows 7 handles it a bit better. However there is currently a bug with the windows update process and any system with less than 4GB of memory will page out to disk while trying to install the second set of 124 updates. Msft hasn't admitted to that yet either though.

Imho no one anywhere should even have the option to buy a new windows system with less than 4GB.

Re:Surprised?

[Midnight+Thunder]

No I was surprised that they were able to stay in business after the launch of vista and the windows 8 disaster.

Given the alternatives, I am not surprised people have stayed with them. Not, because the alternatives are bad, but because of the investment in terms of money and human skill sets.

The real alternatives are MacOS and Linux, but they have their own issues. MacOS limits your hardware choice to one company, even if some may argue it is the 'more user friendly OS' and Linux still doesn't feel like it has the user facing polish it could have, then add to the fact that there doesn't seem to be a desktop UI that seems to have a strong continual investment in improving the experience that the lowest common denominator of uses would appreciate.

The way I see it:
    - Linux is a great server OS, but weak on the desktop
    - MacOS is strong on the desktop, but weak on the server
    - Windows is average everywhere

The above also indicates why I believe many companies choose Windows: it may not be the best at anything, but works well enough for must general use cases and allow companies to deal with one vendor and not need a high level of expertise.

Re:Surprised?

[interval1066]

Not even close to being true.

Re:Surprised?

[gstoddart]

Performance wise yes with enough resources it was fine. But the oem's never sold stock systems with "enough" for the entire time vista was on the market.

Well, was that Microsoft lying about minimum requirements, or OEMs ignoring them?

Because, really, way back in the day with Windows 3.11 when machines were sold with 4MB of RAM ... it was still unusable with only one application running.

Companies have been selling Windows machines with too damned little RAM for 25 years.

Re:Surprised?

[gstoddart]

Boo hoo .. the multi-billion dollar corporation who spends billions of dollars annually can't maintain product releases and instead has decided the world gets to be their beta testers as they go to a shitty rolling release of incomplete software they've announced they'll force people to get.

I'm sorry, are we supposed to feel sorry because MS no longer wishes to to proper release engineering and life cycle management of their products? All so they can jam ads and analytics into our machines without our permission?

Fuck that.

Re:Surprised?

[sims+2]

Microsoft lying about minimum requirements.
The question is why?
It doesn't really cost msft anything to change the arbitrary requirements. They ought to have been upped to 4GB years ago.
At the same time they could have written the system in such a way that it didn't use 2.7GB while updating.

Vista was bad for performance and the UAC was extra naggy by default they even scaled UAC back by default in windows 7+
8/8.1 has a terrible stock ui without a touch screen (should have been a system requirement if they were going to tell everyone else to gtfo) better with classic shell.
10 is a compromise between 7 and 8 but the start menu is still screwed up.

Re:Surprised?

[ttucker]

During the Windows 8 disaster, the Linux community was making the same mistake of forcing their users into a new UI paradigm that they didn't want....

Re:Surprised?

[Archtech]

There's a strange type of inertia that applies to large companies. Even when they completely screw the pooch, they tend to hang on for years and years after the fact.

The bigger and more hierarchical the company, the greater the power of groupthink. It gets so that nobody who tells the truth and talks about the real facts and figures can survive within about five levels of management of the executive suite. Anyone who does immediately gets the bum's rush: incompetence, insubordination, bad judgement, blamed for someone else's incompetence or malfeasance, face doesn't fit, socially inept, politically incorrect... the list goes one for ever.

Hence the top management never gets to hear the truth; everything they do is praised to the skies. And they start to think they are wonderful, too, until they hit the wall at 90 mph. Sorry to Godwin, but Hitler was one of the all-time classic examples. For years he kept firing the best generals until he was surrounded by mediocre yes-men; then he probably wondered why nobody could get anything done.

If the truth were known, our corporations are infested by thousands of would-be Hitlers who lack what it takes even to be a petty tyrant.

Re:Surprised?

[sims+2]

I want a UI that looks like it was ripped out of windows nt.
and is light weight enough to handle 10 file windows in under 100MB of ram.

I want my os to run my programs and work with my existing equipment.

I don't however have any need for the os to have pretty graphics and flashy transitions.

At work our machines run one program only the mouse is only used twice a day once to start the program and once to shut the computer down at the end of the day.
The program runs full screen so all of the terminals look identical regardless of the underlying os.

If we actually closed at the same time each day with minimal scripting we could eliminate the mouse entirely.

If your at home and you play a game most of those run full screen too so all the ui needs to be is easy to use, stable and lightweight.

Last I looked at ubuntu they had switched to this flashy graphic designed for touch screen gnome ui.
I don't feel that's better than win 7. Gnome didn't used to look flashy that was KDE's thing but now they both look flashy what happened?

Keep in mind walmart largest retailer in the country is still today using IBM checkout systems. Why? because K.I.S.S

Re:Surprised?

> Mac OS limits your hardware choice to one company, even if some may argue it is the 'more user friendly OS'

I believe we can say Apple is not user's money friendly.

Perhaps they don't want to risk their end-user business model; if they could create a separate company for the enterprise market, maybe that could work.

> and Linux still doesn't feel like it has the user facing polish it could have

Well, things can be improved, for sure, but I feel it's already on par with Mac OS. And it has been ahead of Windows for some time already...

> then add to the fact that there doesn't seem to be a desktop UI that seems to have a strong continual investment in improving the experience that the lowest common denominator of uses would appreciate

Unity is the classical counter-example here, but I must recognize Gnome serves LCD uses very well, though I'm really more a KDE|Xfce user.

KDE has been shown to unsuspecting users as the new Windows interface and has been praised to no end. As I work with Windows 7, I must cringe everyday about how less friendly it is -- even if compared to Xfce.

Recently, I've been testing KDE Plasma and found it _very_ good looking and polished; for comparison with Windows 10, I didn't try it yet, but from Youtube videos, Deepin looks on par if not better than W10 experience.

> - Linux is a great server OS, but weak on the desktop

Not really. I've been using since many years and it has constantly improved by leaps and bounds. I'm willing to admit it has some distance to cover regarding games, but that doesn't mind at all on the enterprise and I'd say most end-users are not gamers -- they really want to make homework, create pdfs, use spreadsheets, watch Internet videos, watch multimedia created with their smart phones... lots and lots of things which don't really require Windows.

Linux has some really nice offerings on the desktop besides Ubuntu.

> - MacOS is strong on the desktop, but weak on the server

They seem not interested in servers. For the prices they charge, they also seem not interested in desktops; for them, it appears, it's a post-PC world.

> - Windows is average everywhere
> The above also indicates why I believe many companies choose Windows: it may not be the best at anything, but works well enough for must general use cases and allow companies to deal with one vendor and not need a high level of expertise.

A valid point, no doubt. And therein lies the source of our problems: whatever Windows does, someone does that better. It's hard to live with a product perceived as inferior. But most know no other alternative. So Linux and BSD (Mac OS included) are not to blame, in fact...

Another point is that companies really need someone to talk to. Apple has a lot of ground to cover on that regard (and I believe they probably should start a division if they ever want to be relevant here), Linux has some companies which don't care about the desktop (Red Hat), some that care (Canonical) and are slowly becoming relevant and others IMHO who are too small or somewhat undecided (e.g. SuSE).

In my country, if I were a company, I bet I could easily hire someone for in-premises Windows desktop support; not so sure with Canonical. For servers, I bet it would be easy to get contacted by Red Hat, SuSE or Oracle.

For end-users, things are surprisingly easier because: a. nobody gets good Windows support anyway and b. Linux support on the Internet is first-quality.

Re:Surprised?

[AmiMoJo]

I read TFA, the guy is an idiot and screwed up the test.

He configured the router to drop all connections. So Windows tries to access Windows Update, and it fails. So it tries the next server on the list, which fails. Strange, the interface has an IP address, try the next one...

Windows also has this thing called the Out Of Box Experience. It's been there since at least 98, probably before. The first time you log in, it runs a few things so you can choose your preferences and set important stuff up. If you ignore it, it will carry on looking for updates from the Windows Store, updates for live tiles in the start menu etc.

Every OS enables a load of crap by default. This is not surprising at all.

Unlike the guy in TFA, I bothered to do this properly. If you disable everything and don't use Windows Store apps then the only traffic is to Windows Update.

This is what happens when your source is a Reddit knock-off full of people who found Reddit too civil.

Re:Surprised?

[vux984]

Read the article, temetry wasn't disabled.

If I read the actual article correctly, it was just a Vanilla install of Windows 10 enterprise. There was no active attempt to disable or block any of the actual telemetry features at all. He did go through the customized install and turned off the 'cloud/personalization/sync options there', but that's it.

The actual telemetry features would still have been on.

Not to mention all the usual windows features that phone home:

Everything from windows update, to time sync, to the regular ping it does to see if you have internet connectivity would have still been on.

I'm guessing all the live tiles in his start menu were still on too, so they'd have been pulling ads and updates, etc.

Seriously... it's an interesting exercise and an interesting article about what one's computer is doing. But it doesn't show what anybody here is really concluding.

Re:Surprised?

[JustAnotherOldGuy]

While I'm right there with you in the frustration, and I fully despise the spying shit, I do understand why MS wouldnt want many flavors of their OS out in the wild. It's more things to patch, update, and support.

Yes, I get that, and I totally understand the reasons why they want to kill off all the older versions. That said, however, I like Win 7 and I'd like to keep using it. It works very well for me and I see no reason to change or upgrade at this time, especially if it's going to be forced on me. I'd bet that it will break some of my devices (scanners and other peripherals) and getting drivers for older gear for Win 10 is probably going to be impossible.

Is HP or Canon or Samsung going to take the time to write drivers for gear that's 5 years old but still works perfectly? Probably not, which means I'll have to buy new stuff just to stay at the same level of capability.

That's not even factoring in the telemetry, which by all reports seems to be incredibly invasive. I don't want my PC to be a data point for Microsoft's global analytics program.

Sorry, Microsoft, you're one "upgrade" away from losing me as a user forever. The day I wake up and find that they've turned my PC into a Win 10 box or borked it until I upgrade, it's over. Like I said, so far Linux Mint has been an ideal solution for me- it works. It does what I need. It was easy to install. It runs all of the applications I typically need. And it doesn't report every *&$%#! keystroke and web page back to Microsoft.

Seriously, I'm liking Mint so much that I may switch regardless of whether they force an upgrade on me or not. Yes, I'm sure there will be some pain as I scrounge about for stuff like a decent graphics program and a few other tools, but for me personally there's nothing I'm using that can't be replaced with a Linux alternative. Hell, half the stuff I use is web-based so most of it won't even be an issue.

I need a good text and programming editor. I need a decent FTP/SFTP program. I need a replacement for a regex tool called "Regex Coach", a replacement for a text search & replace tool called BKReplacem, a good DVD/CD burner, a modest audio editor, and that's about it. Everything else is already there as far as I can see. I'm looking for their replacements right now (and I'd welcome any suggestions you all may have).

So go ahead, Microsoft, pull that trigger. See what happens next. My PC will drop off of your radar, never to be seen again.

Re:Surprised?

[Anne+Thwacks]

If a company chooses Unix, then they're "locked in" to Unix, as well. The idea that there's some kind of MS-specific "lock in" is hogwash.

Except that, for the most part, Command line and APIs, even for X in Unix have changed little since 1978, so the "lock-in" is more the equivalent of having the odd pillow between you and where you want to go than the Windows/Apple 10 foot high concrete wall.

In the main, Unix API changes are for very good reasons (Unity and systemd being very visible, but highly atypical examples), whereas Windows API changes are intentional, put there to force upgrades on the user base for commercial reasons.

Once a company chooses Unix, it is hard to imagine they would go back, except at the point of a gun.

Re: Surprised?

[Billly+Gates]

Alright let's stop and just look what you wrote?

Now imagine what Joe Six pack owned in 2006? Probably a 1 core Pentium 4 with 512 megs of ram. Maybe a geek would own 1 gig and an athlonxp for a high end system middle 2000s as that is what I owned. I was helping an exgf reimage her laptop yesterday which was an AMD a4 1250 APU ssslllloooowww 1 gig netbook 1/3 the speed of an atom.

No kidding. But here is the kicker I sent to cpuboss.com to see how slow that thing was if 3 of them are as fast as a cell phone. The Pentium IV was slower. Literally opening a webpage took 100 cpu and 20 seconds to load if it had ajax. Outlook com is what slowed it.

That my friend was what people experienced Vista on??! Also the kernels got smaller and lighter since. 7 to 8 ran better.

Needless to say I put gwx control panel to block 10 and put 8.1 with classic start. I told her not to upgrade as her identity was stolen once and 10 was more bloated for such limited hardware.

Windows 7 was a much better OS and could sleep properly with only using 2 gigs instead of 4.

Re:Surprised?

[Ol+Olsoc]

gstoddart spare us your unoriginal mongoloid cretin scribblings!

I've been happy to disagree with gstoddart in the past, but he is 100 percent correct, and you dear AC - have gone full potato.

Re:Surprised?

[HiThere]

Well, Linux is not only weak on the desktop, it doesn't even have one. Now KDE, Gnome, Mate, xfce, etc., they have desktops. The problem is that there are too many for a new user to wrap their mind around. I find that KDE is the best general desktop, with xfce next. Gnome used to be right up there, and for awhile Gnome2 was ahead of KDE4, but Gnome3 I find totally useless. (Some people seem to like it.) xfce works well in low resource environments, though if you've got a really low resource environment, there are other options...but they aren't suitable for a new user.

The problem is desktop applications. This has largely been well addressed, but not totally. There are still niches that are not well served by Linux based programs. And sometimes the problem is that people just don't want to learn a new program...which can be the real problem even though it may manifest as complaints about missing features that aren't really used.

FWIW, after decades of redoing work, I decided that proprietary file formats were totally unacceptable. So for me Linux is the far superior system.

Re:Surprised?

[kuzb]

This is indicative of a more serious problem - the fact that Linux and FOSS zealotry is so great that they can't be bothered to learn anything about the systems they're attacking. Half the people I run in to who are like this think Windows 10 is just Windows 98 with a new skin.

Windows has faults - I think we can all agree on that. However if you're going to attack something at a fundamental level, you really should know that something well enough to understand what you're talking about. I find it doubtful that you can have that deep understanding if you've spent the last decade actively avoiding it.

As a community, we need to actively discourage FUD in all its forms - even when it's FUD that is attacking something we may not like.

Re:Surprised?

[HiThere]

Well, if that's so then their cheapest solution should be to replace the current system with a virtual system running MSVista (or earlier) and a tight firewall around all internet connections to prevent virus infections. By firewall I don't just mean a set of IPTables, I means something that will sanitize outgoing, and probably incoming, messages. What the firewall would allow would need to depend on the required connections, of course, but it should certainly limit the IPs that binary messages could be sent to or be accepted from.

Re:Surprised?

[NormalVisual]

Anyone who does immediately gets the bum's rush: incompetence, insubordination, bad judgement, blamed for someone else's incompetence or malfeasance, face doesn't fit, socially inept, politically incorrect... the list goes one for ever.

It's not just big companies where this happens, and it's not limited to the C-levels and their minions. In my experience, there are far too many in management at all levels that can't deal with the blow to the ego of being told that choices that they've made aren't good ones. Rather than actually think about what they've been told, they perceive it as unwarranted personal criticism even in the face of overwhelming objective evidence.

Re:Surprised?

[encad]

Your probably right, but all this wouldn't happen, if Microsoft would clearly (and hopefully auditable) state, what they actually transmit and how to stop it (in every version).
Most of this FUD is allowed to spread, because everyone, with the exception of very large enterprise customers, is left in the dark.
The stuff with retrofitting the invasive telemetry into 7/8/8.1 and pushing every private customer very hard to updates wasn't helpful either.

So for me personally this W7 machine will be the last with windows, running as long as somehow possible. I don't want cloud stuff (not working on 1 Mbps connections), I don't want telemetry I can't control or shut off and, last but not least, I still have no freaking idea on the future use of a W10 license (rebuild of maschine, failing parts, yadda yadda yadda).

Re:Surprised?

[Lumpy]

No not KISS.... CHEAP.

Walmart still uses those out of date IBM systems because they will have to rip out the IBM backend as well. changing over to something newer means millions of dollars.

Re:Surprised?

[fnj]

For years [Hitler] kept firing the best generals

I'm afraid you need a citation for this. At least up until the 20 July plot at which point defeat was inevitable anyway, the only significant case that comes to mind is the dismissal of Gerd von Rundstedt, and that was at least 50% a resignation. And Hitler quickly recognized his mistake and restored von Rundstedt.

Now, Stalin was the real example. Shortly before WW2 he purged 5 of his 7 Field Marshalls, 13 of his 15 Army Commanders, 50 of 57 Corps Commanders, 154 of 186 Division Commanders, 16 of 16 Army Commissars, 25 oi 28 Corps Commissars and 8 of 9 Admirals. This was part of a great reign of terror that ripped through the USSR, in which 680,000 persons were executed by being shot in the head. Counting deaths in vicious "detention" in the Gulag and other consequential deaths, it is estimated that 1.2 million died.

There was another purge in 1941, right during the German invasion.

Many of those purged were "executed" - basically murdered.

This insanity was one of the chief reasons why in the initial stages of Operation Barbarossa the Germans cut through the USSR like a knife through butter, despite USSR superiority in numbers and advantage of defense.

Re:Surprised?

[vux984]

So what?

He said he turned off all options that appeared. e.g. he did what a human being without specialized knowledge of Windows group policy would have done.

Precisely. And the article summary that got posted to slashdot, what does THAT say? That even with all telemetry turned off that windows 10 was phoning home left and right. That's not even slightly accurate, is it? And that's not acceptable either.

He left windows update running on a fresh install, and a shit pile of network activity happened as he monitored the next 8 hours after a fresh install.

Holy crap... call the papers! Lets collectively lose our shit!

Why is this acceptable?

Its not acceptable. Windows should give users more control. But that's not the point.

The point is that this isn't a list of 90+ ip addresses that were "surreptitiously contacted" after all telemetry was turned off. Telemetry wasn't turned off. Windows updates wasn't turned off. The internet connectivity check was running, the internet time sync was running, etc...

This is as ridiculous as cataloging all the bacteria on your body after taking a shower, and then losing your shit that the shower utterly failed to get you clean. The shower did what it was supposed to do; it's not defective. And half the bacteria that you cataloged was gut bacteria that should be there. And you didn't separate any of that out.

Re:Surprised?

[Jack+Griffin]

Once a company chooses Unix, it is hard to imagine they would go back, except at the point of a gun.

A lot of companies gave up on Unix and migrated to Linux...

Re:Surprised?

[Reziac]

Yeah, that's a good way to put it. My grok of Win10 is that it's really an interface to the Windows Store. Basically an attempt to use the desktop to cash in on the smartphone "store" concept.

Re:Surprised?

[houghi]

Did they want the UI change of Windows version to Windows version? My guess is no. People in general do not want change, unless they request it themselves AND are involved in the change process.

Windows is forcing change to users and it works. I believe XFCE and LXDE looks more like Windows than Windows.

The difference? Pre-installation. That makes people use Android. It makes people use MacOS and it makes people use Windows version whatever comes with their machine.

Except for the few elite here, people go to the store to buy a PC. They go home and turn it on. When the machine is slow, they go back to the store and buy a new one. Only a few will go for an OS. Now go to the store and ask for a Linux machine. If lucky, they will sell you an Android tablet.

And why do they get sold? Because they are pre-installed. No pre-installation, no usage in serious numbers.

That isn't trustful.

[jellomizer]

For the enterprise version we really need it predictable so it can be managed. Even if talking to MS is harmless and overall a good thing, it means you are having your computer talk to something you may not want too.

At work we are still on Windows 7 with little chance going over to 10 because of stuff like this. (I would prefer Linux, but our management is stuck in the 1990s)

Re:That isn't trustful.

[Bite+The+Pillow]

Can't wait until the DoD moves forward with Windows 10 and defense contractors have to disable this telemetry reporting.

There will be a way, at that point, or there will be problems.

Re:That isn't trustful.

[interval1066]

He doesn't have to. Hordes of engineers are constantly looking at open source, when some one finds such code the tech media is pretty good at reporting it. Strawman arguments do not become us...

Re:That isn't trustful.

[MightyMartian]

I think being open about what is being transmitted would help. I concede that in modern operating environments, there's a lot of checking for updates and patches, and while we do run a Windows Update Server at the main office (mainly to save some bandwidth and give us more granular control over updates), many of our road warriors and people at the branch offices still have their computers being updated directly by Windows own update services. That means data on software installed is going to Microsoft's servers, but the trade off is we keep our systems up to date.

However, we have a number of government contracts that require safe storage of data, including assuring that no confidential data is transmitted to unauthorized third parties or out of the country. At that point it gets iffy, and I'm trying to put my head around whether "telemetry" data puts us at risk in the breach of contract department. Particularly now as we just got a three year extension on contract which will take us through 2019, we are preparing for large scale upgrades. We've already updated our Windows servers to 2012 R2, and are now in the process of deciding whether to go through the irritation of Windows 7 licenses, or just jump to Windows 10, which has been working fairly well in our test environment.

Microsoft needs to come clean here, and explain what exactly is being sent to their servers.

Re:That isn't trustful.

[Anne+Thwacks]

W10 Defense Edition

Windows for Warships?

privacy and security.

[sumdumass]

I'm not sure how any company or business that deals with information that requires security by law could be using Windows 10. It would seem that defense contractors, law enforcement, financial and tax services as well as anyone subject to hippa laws would be in default automatically because what is sent is not documented.

Maybe it is time for a class action or something to get it turned off for real.

Re:privacy and security.

[hawkinspeter]

Additionally, I wonder how this is treated under EU privacy laws. Is the data staying within EU borders (from machines running in the EU) because if not, it could be breaching those laws.

Re:privacy and security.

[cfalcon]

> If MS was collecting information like that wouldn't they be in equally as much trouble?

NO! Read your Windows 10 EULA. It points to the privacy agreement, and that says that you give legal permission for all your keystrokes to be sent to Microsoft, along with pretty much everything else. Microsoft believes they are covered legally- the EULA grants vastly more invasive stuff than the software provides... so far...

Re:privacy and security.

[ray-auch]

AFAIK EU privacy laws apply to data pertaining to an "identified or identifiable natural person". What such data is being transmitted, what even _could_ be transmitted from a clean installed system (in TFA) that has never been logged into?

Unless you can answer that question, there is no evidence of any breach of law.

Further, the data only needs to stay within EU borders if it originates there, where was the test system? MS has extensive server and CDN presence within the EU, it is unlikely that the OS would fail to use those if they are the closest.

This is big news, actually

[cfalcon]

The Microsoft shills normally go down one of these paths:

1)- "You can turn it off if you pay for it"
(this ignores that you can't really buy enterprise and is malicious behavior in general, ignores that you can't turn stuff off in pro- but now it ALSO ignores that EVEN ENTERPRISE HAS NO TOGGLES!)

So it's BIG news because it means that even Enterprise is tucked into their botnet.

2)- "But google does this on their phone OS"
(this ignores that a phone OS isn't the same as a desktop OS, ignores that phones are pretty terrible at privacy and that this is due to several vendor lock-ins that don't have good outs, ignores that there's phones that DON'T do this, and is just generally so full of false equivalences that it's ludicrous on the face of it)

3)- "I have nothing to hide / you're old if you care"
(this is something a marketer would say, not a rational person- no one actually wants to buy or use spy tech)

4)- 'You can turn it off"
(this article is the latest showing that NO YOU CANNOT- someone will post one of the scripts or spybots or whatever that purports to disable it, and might even, but if you need some crazy tech solution to get your OS to MAYBE not spy on you ludicrously, it's a terrible OS)

So finding it in Enterprise destroys (1) even further, and is interesting for (4) as well.

I'm sure it won't stop them shills shilling though.

Re:This is big news, actually

[kheldan]

3)- "I have nothing to hide / you're old if you care"

I, and I'll easily assume that many, many others, are getting pretty damned sick and tired of hearing that line from idiots who have been so thoroughly indoctrinated, that they probably don't even consciously know that they're parroting it. It is a fact that, after a certain point in the development of a human being, desiring privacy is a normal, natural, healthy thing for a person to want. Not wanting or caring about your private life being private is an abberation, a sign that something is wrong. This whole faux culture of 'sharing everything with everyone' is some sort of a sickness and it needs to stop.

By the way, cfalcon, just to be sure you understand me: I'm agreeing with you on all counts, not attacking you.

Re:This is big news, actually

[Beeftopia]

3)- "I have nothing to hide / you're old if you care"

Response: "I may have nothing to hide, but my personal information is none of your gorram business."

If my information is valuable to you, you need to compensate me for it, if I'm interested in selling it. You have no right to take what is mine.

Re:This is big news, actually

[interval1066]

I don't know about Ubuntu but the flavors of Linux I use most frequently don't appear to be connecting to anything other than the usual network services during a simple audit of network activity I've conducted; just the usual dns queries, web requests, smtp connections, time updates, etc. And I've walled them off completely they still boot normally, so, whatever.

Re:Why are you surprised?

[unixisc]

Any monetary transactions I do these days is on my PC-BSD laptop or on either of my phones. I don't keep ANY financial stuff on my Windows laptop. Which btw, the only reason I have is that my work requires it. For all personal stuff, it's PC-BSD

Re: Seriously?

Hpw about if the NSA and google stopped doing it? How about microsoft doesnt do it. How about instead of cheering them on and saying, "if others are doing it why cant an OS" you just go die in a fire?

Telemetry confirmed?

[Vegan+Cyclist]

Has anyone analyzed the data being sent? Or is this a big assumption? Could this be other apps that were installed by default 'calling home'? I'm not doubting that MS might do this, but in all fairness, this seems example seems like unsubstantial speculation....and a pretty weak 'test to boot. Remember that high school class who put sprouts by a wifi router and found the 'closer plants died'? I did the same thing for fun, and found the closer sprouts actually grew faster and more abundantly, probably since they were warmer. Shouldn't we suspend judgement until further tests and confirmation is made...?

Re:Does it affect functionality at all?

[NormAtHome]

My question is: If you're running a small business with 20-50 computers running 10 Pro and each machine is phoning home even 1,000 times a day, how much is that effecting your internet connection? How much more traffic is your network having to handle? What kind of performance hit are your computers, network and internet taking?

Blocking connections probably increases attempts

[enosys]

If you block connections, what would have normally been one successful connection can become many connection attempts. It's also possible that retries for the same thing would use different IP addresses. Someone needs to try an experiment like this without the blocking. A log of the data being transmitted would also be interesting. A lot of that is probably encrypted, but https monitoring via wildcard certificate MITM could capture some in decrypted form.

Re:How does Ubuntu Linux compare?

[cfalcon]

> Ubuntu is worse, actually.
Lie.

>Not only does it send searches,
You can turn off the search send. It's being removed soon. If you care, don't use Ubuntu, use any other Linux. There's no one else providing distros of Windows to run to when Microsoft fails. They have failed.

> but each individual library or package can phone home to a different developer with different information collected about your system

First, it asks you each time, you can uncheck a box.
Second, here's your fix:

apt-get remove apport

Did you want to keep it around? Edit /etc/default/apport and change "enabled" to 0. Then it won't launch on boot.

It's optional, it can be disabled, and it asks you each fucking time anyway.

> There's also more incentive for Linux software to monetize user activity
There's no incentive for Linux (a kernel) to do this. There's no incentive for Linux as a general OS to do this. There is incentive for SOME companies that have Linux distributions to try to "monetize users", but you can, of course, simply not use their products- because Linux is a whole set of distributions.

Are you done with the fud? We'll never know AC, we'll never know.

Re:How does Ubuntu Linux compare?

[cfalcon]

He's talking about apport, I'm pretty sure. I responded to that. He's also pretending that a box you can uncheck using a program you can disable or uninstall in one single distro out of hundreds (and not even the most common one) is the same or worse than Microsoft dumping data that only they can decrypt over thousands of connections silently.

More analysis required

[GuB-42]

One problem with the approach used is that the firewall is configured to drop all connections. This is not a realistic picture.
An analysis of the content would also be interesting because even with telemetry disabled, there are plenty of reason for connecting to Microsoft servers such as software updates. Most of them are port 80 and port 443. Port 80 is normal http traffic and is easy to analyse, port 443 is encrypted so it is a bit harder but if you can add your own certificate authority to the windows install, you can try doing man-in-the-middle. There is also UDP port 3544 which is related to IPv4 - IPv6 transition, which in itself is probably harmless but may hide other connection attempts (that's one of the reasons why you won't get a realistic picture by dropping everything).

The only thing this experiment tells us is that Windows communicates with MS servers even with telemetry disabled. It smells but without further analysis, it is not very useful information.

The way to fight this

[execthis]

So I can log into a terminal session on my home router. The router also supports blocking hosts by either IP address or by hostname. Somewhere on it those hosts must be in a config file, and I can probably just edit that file via a console. This means I can run a script. A script that can periodically check for an updated list of hosts to block. Either I or someone else can maintain such a list.

This list puts all their shit out of business. This is the way of the future then. I look forward to the new generation of broadband modems coming out to support blocklist technology exactly for this purpose: To block evil companies from spying on and tracking us.

My guess is, if the author were to carefully track this, that eventually it will be noticed that, following upcoming system updates to Windows, that the hosts he has listed will magically change and there will be new ones. Microsoft and its evil cohorts can easily shuffle around IP addresses in response to this. So running a blocklist filter on home broadband modems/routers is the way to go now for the future of privacy.

Re:The way to fight this

[execthis]

You mean I'm actually expecting you to be able to read?!?

So cute!

Re:The way to fight this

[Calydor]

He's not talking about the Windows HOSTS file, but a list on the router - a piece of hardware that is NOT running Windows 10.

Yet.

Re:The way to fight this

[mikael]

Sure you can block one IP address at a time. Then they'll switch to a range of IP addresses, then funnel *everything* through a single IP address with a proxy server. I got fed up of constantly seeing IP traffic sent out, so tried blocking things. I'm using Privacy Badger:

https://en.wikipedia.org/wiki/...

Safe Browsing also stores a mandatory preferences cookie on the computer which the US National Security Agency allegedly uses to identify individual computers for purposes of exploitation.

https://www.mozilla.org/en-US/...

"Add-ons Blocklist: Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed. You can turn off metadata updates at any time, but it may leave you open to security vulnerabilities."

"To help display relevant snippets, Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address. We then send that country level information back to Firefox, where it's stored locally. Firefox will then choose snippets to show you based on the locally stored country information."

Re:The way to fight this

[KGIII]

LOL Except Windows 10 doesn't actually use the hosts file for this. They're hard-coded IP addresses and you can't block them with the hosts file. You can add 'em all you want, it won't help. Folks have shown video of this. They've added the domains to the hosts file and then used Wireshark (that's what the interface looked like, as I recall) and there's still outbound communication with the very same IP addresses at the very same level. Nope, hosts isn't gonna cut it.

Re:The way to fight this

[Opportunist]

[...] but you'll also lost OneDrive, Cortana and even Bing[...].

And nothing of value was lost.

Re:The way to fight this

[Jack+Griffin]

Sure you can block one IP address at a time. Then they'll switch to a range of IP addresses

Might be easier just to whitelist addresses instead. My browsing habits have slowly whittled down to a few regulars, Slashdot, wikipedia, youtube, and a few local resources etc. It wouldn't be too hard to have a browser plug-in that updates your router whitelist, and block everything else en masse.

Re:It'd be interesting...

[cfalcon]

> Will Win10 stop working?

Not yet it won't. That's the game the Windows users are playing right now- a bunch of firewall settings. Some data is passed ignoring hosts files, so there's talk about an application firewall so you can keep using Windows.

Of course, all Microsoft has to do is a throw Switch-A and everything changes and all those guys have to change their block settings, or throw Switch-B and your system stops working if it hasn't spied on you in a while.

But in the meantime, Windows users are so desperate that they are basically considering building and using a guard.

How bad is it?

[reboot246]

Are we to the point of a class action lawsuit or a Congressional investigation?

If all we're talking about is everybody here boycotting Microsoft, it's not going to work. We're a very tiny percentage of computer users.

What realistically can be done about it?

There is some traffic users might want

[cohomology]

[ I can't tell if others have commented on this ]

The kind of traffic matters. Some external communication is reasonable.

NTP, to synchronize clocks.
Checking for certificate revocation.
Checking for the existence of security updates.
Downloading lists of sites known to be malicious.

You can take responsibility for these functions, but servers need to get them done.

Know the limits of any OS

[AHuxley]

Only use Microsoft to play computer games on. Keep that AV updated and use real OS's for other tasks.

Re:One other idea

[KGIII]

I don't think I've ever once said this -- or anything like it. But, it's seemingly reached that point. I guess, if I'm going to say it, I should make it a point to say it differently, perhaps better, than others. So...

If you have to go through all of that just to have your OS behave the way you tell it to behave, if you have to use hardware to stop your computer from doing what you tell it to do, if you have to work to keep things from the OS vendor, then do you *really* trust the OS at all? Do you really feel so compelled to use it?

http://cdimage.ubuntu.com/lubu...

That said, I don't use Windows. If I were using Windows, I'd leave the telemetry data enabled. Yes, I'd let them collect that data - knowingly and willfully. I'd rather they have my data (it's seemingly anonymous and they've a decent history at keeping that data in their own hands and a vested interest in keeping that data for themselves) about my computer usage so that they could understand how I used my computer and what hardware I was using. It'd mean a greater potential for a better computing experience.

So, I'd leave it enabled. However, I can understand that some folks don't want it enabled and I think the OS should obey that choice. Off means off - not partially off. I use Linux but not because I want to keep my computer usage metrics from Microsoft nor because I have a dislike for proprietary software. I use Linux because I like to break stuff and learn new things. Breaking and fixing is how I learn.

But, if you've gotta go through all those hoops then should you trust it at all? At that point, you might as well go with a whitelist approach. Or, really, you might as well find an alternative even if it means some sacrifice. I wasn't learning anything new with Microsoft products so I simply stopped using them. I doubt you'd have the same motives as I. I do know that if I wanted to disable telemetry and had to go through all of that, I'd use a whole other OS instead.