Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers

An esteemed reader writes: Curious about the various telemetry and personal information being collected by Windows 10, one user installed Windows 10 Enterprise and disabled all of the telemetry and reporting options. Then he configured his router to log all the connections that happened anyway. Even after opting out wherever possible, his firewall captured Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. Even the enterprise version of Windows 10 is checking in with Redmond when you tell it not to — and it's doing so frequently.

Surprised?

[gstoddart]

Is anybody surprised by this?

Microsoft has pretty clearly telegraphed they don't give a shit about what the people who own the machines want, and they're going to do whatever the fuck they want.

That Microsoft is doing this is surprising in no way to me.

Microsoft simply can't be trusted to not just do what they please here.

Re:Surprised?

[gstoddart]

In fairness, with enough resources, Vista didn't suck nearly as bad as people said it did .. I ran it on a quad core machine with 8GB of RAM until a year ago, and it was just fine.

But Microsoft has gone from "Vista sucks and Windows 8 was kind of annoying" to "actively not trustworthy" in this -- this is saying "we don't give a crap about what you are willing to let us do, we're going to do it anyway".

Sorry, but, no way this is anything but Microsoft deciding they'll get your data no matter your opinion.

Re:Surprised?

[JustAnotherOldGuy]

Microsoft has pretty clearly telegraphed they don't give a shit about what the people who own the machines want, and they're going to do whatever the fuck they want.

And this is it in a nutshell. Microsoft is going to do whatever they want with your PC, and that's that.

I just installed Linux Mint as a test to see how it works, and so far I'm liking it a lot. I was driven to do this by the near-certainty that MS will force Win 10 on home users like me no matter what they do or don't want, and no matter what we "opt-out" of.

It's only a matter of time, and short of completely disconnecting my PC from the net, I don't see how I can prevent them from doing a stealth or forced upgrade. If I manage to completely block all their servers (unlikely) my guess is that my 100% legal copy of Win 7 will just stop working one day and won't function again until I "upgrade".

So I may be switching to Linux Mint sooner that I thought, but so far Mint seems to be great, super simple to install and it runs like a champ. And with Wine I can use some of the little Windows apps that I've grown dependent on until I find replacements for them.

So keep pushing Microsoft, you'll push me right over to Linux.

Re:Surprised?

[sims+2]

Performance wise yes with enough resources it was fine. But the oem's never sold stock systems with "enough" for the entire time vista was on the market.
The low end systems today with windows 10 still don't have the power to make vista work as intended.
Plus i've never encountered a windows vista system with more than 4GB stock memory most came with just 2GB or less.
Windows 7 handles it a bit better. However there is currently a bug with the windows update process and any system with less than 4GB of memory will page out to disk while trying to install the second set of 124 updates. Msft hasn't admitted to that yet either though.

Imho no one anywhere should even have the option to buy a new windows system with less than 4GB.

Re:Surprised?

[Midnight+Thunder]

No I was surprised that they were able to stay in business after the launch of vista and the windows 8 disaster.

Given the alternatives, I am not surprised people have stayed with them. Not, because the alternatives are bad, but because of the investment in terms of money and human skill sets.

The real alternatives are MacOS and Linux, but they have their own issues. MacOS limits your hardware choice to one company, even if some may argue it is the 'more user friendly OS' and Linux still doesn't feel like it has the user facing polish it could have, then add to the fact that there doesn't seem to be a desktop UI that seems to have a strong continual investment in improving the experience that the lowest common denominator of uses would appreciate.

The way I see it:
    - Linux is a great server OS, but weak on the desktop
    - MacOS is strong on the desktop, but weak on the server
    - Windows is average everywhere

The above also indicates why I believe many companies choose Windows: it may not be the best at anything, but works well enough for must general use cases and allow companies to deal with one vendor and not need a high level of expertise.

Re:Surprised?

[gstoddart]

Performance wise yes with enough resources it was fine. But the oem's never sold stock systems with "enough" for the entire time vista was on the market.

Well, was that Microsoft lying about minimum requirements, or OEMs ignoring them?

Because, really, way back in the day with Windows 3.11 when machines were sold with 4MB of RAM ... it was still unusable with only one application running.

Companies have been selling Windows machines with too damned little RAM for 25 years.

Re:Surprised?

[sims+2]

Microsoft lying about minimum requirements.
The question is why?
It doesn't really cost msft anything to change the arbitrary requirements. They ought to have been upped to 4GB years ago.
At the same time they could have written the system in such a way that it didn't use 2.7GB while updating.

Vista was bad for performance and the UAC was extra naggy by default they even scaled UAC back by default in windows 7+
8/8.1 has a terrible stock ui without a touch screen (should have been a system requirement if they were going to tell everyone else to gtfo) better with classic shell.
10 is a compromise between 7 and 8 but the start menu is still screwed up.

Re:Surprised?

[Archtech]

There's a strange type of inertia that applies to large companies. Even when they completely screw the pooch, they tend to hang on for years and years after the fact.

The bigger and more hierarchical the company, the greater the power of groupthink. It gets so that nobody who tells the truth and talks about the real facts and figures can survive within about five levels of management of the executive suite. Anyone who does immediately gets the bum's rush: incompetence, insubordination, bad judgement, blamed for someone else's incompetence or malfeasance, face doesn't fit, socially inept, politically incorrect... the list goes one for ever.

Hence the top management never gets to hear the truth; everything they do is praised to the skies. And they start to think they are wonderful, too, until they hit the wall at 90 mph. Sorry to Godwin, but Hitler was one of the all-time classic examples. For years he kept firing the best generals until he was surrounded by mediocre yes-men; then he probably wondered why nobody could get anything done.

If the truth were known, our corporations are infested by thousands of would-be Hitlers who lack what it takes even to be a petty tyrant.

Re:Surprised?

[sims+2]

I want a UI that looks like it was ripped out of windows nt.
and is light weight enough to handle 10 file windows in under 100MB of ram.

I want my os to run my programs and work with my existing equipment.

I don't however have any need for the os to have pretty graphics and flashy transitions.

At work our machines run one program only the mouse is only used twice a day once to start the program and once to shut the computer down at the end of the day.
The program runs full screen so all of the terminals look identical regardless of the underlying os.

If we actually closed at the same time each day with minimal scripting we could eliminate the mouse entirely.

If your at home and you play a game most of those run full screen too so all the ui needs to be is easy to use, stable and lightweight.

Last I looked at ubuntu they had switched to this flashy graphic designed for touch screen gnome ui.
I don't feel that's better than win 7. Gnome didn't used to look flashy that was KDE's thing but now they both look flashy what happened?

Keep in mind walmart largest retailer in the country is still today using IBM checkout systems. Why? because K.I.S.S

Re:Surprised?

> Mac OS limits your hardware choice to one company, even if some may argue it is the 'more user friendly OS'

I believe we can say Apple is not user's money friendly.

Perhaps they don't want to risk their end-user business model; if they could create a separate company for the enterprise market, maybe that could work.

> and Linux still doesn't feel like it has the user facing polish it could have

Well, things can be improved, for sure, but I feel it's already on par with Mac OS. And it has been ahead of Windows for some time already...

> then add to the fact that there doesn't seem to be a desktop UI that seems to have a strong continual investment in improving the experience that the lowest common denominator of uses would appreciate

Unity is the classical counter-example here, but I must recognize Gnome serves LCD uses very well, though I'm really more a KDE|Xfce user.

KDE has been shown to unsuspecting users as the new Windows interface and has been praised to no end. As I work with Windows 7, I must cringe everyday about how less friendly it is -- even if compared to Xfce.

Recently, I've been testing KDE Plasma and found it _very_ good looking and polished; for comparison with Windows 10, I didn't try it yet, but from Youtube videos, Deepin looks on par if not better than W10 experience.

> - Linux is a great server OS, but weak on the desktop

Not really. I've been using since many years and it has constantly improved by leaps and bounds. I'm willing to admit it has some distance to cover regarding games, but that doesn't mind at all on the enterprise and I'd say most end-users are not gamers -- they really want to make homework, create pdfs, use spreadsheets, watch Internet videos, watch multimedia created with their smart phones... lots and lots of things which don't really require Windows.

Linux has some really nice offerings on the desktop besides Ubuntu.

> - MacOS is strong on the desktop, but weak on the server

They seem not interested in servers. For the prices they charge, they also seem not interested in desktops; for them, it appears, it's a post-PC world.

> - Windows is average everywhere
> The above also indicates why I believe many companies choose Windows: it may not be the best at anything, but works well enough for must general use cases and allow companies to deal with one vendor and not need a high level of expertise.

A valid point, no doubt. And therein lies the source of our problems: whatever Windows does, someone does that better. It's hard to live with a product perceived as inferior. But most know no other alternative. So Linux and BSD (Mac OS included) are not to blame, in fact...

Another point is that companies really need someone to talk to. Apple has a lot of ground to cover on that regard (and I believe they probably should start a division if they ever want to be relevant here), Linux has some companies which don't care about the desktop (Red Hat), some that care (Canonical) and are slowly becoming relevant and others IMHO who are too small or somewhat undecided (e.g. SuSE).

In my country, if I were a company, I bet I could easily hire someone for in-premises Windows desktop support; not so sure with Canonical. For servers, I bet it would be easy to get contacted by Red Hat, SuSE or Oracle.

For end-users, things are surprisingly easier because: a. nobody gets good Windows support anyway and b. Linux support on the Internet is first-quality.

Re:Surprised?

[AmiMoJo]

I read TFA, the guy is an idiot and screwed up the test.

He configured the router to drop all connections. So Windows tries to access Windows Update, and it fails. So it tries the next server on the list, which fails. Strange, the interface has an IP address, try the next one...

Windows also has this thing called the Out Of Box Experience. It's been there since at least 98, probably before. The first time you log in, it runs a few things so you can choose your preferences and set important stuff up. If you ignore it, it will carry on looking for updates from the Windows Store, updates for live tiles in the start menu etc.

Every OS enables a load of crap by default. This is not surprising at all.

Unlike the guy in TFA, I bothered to do this properly. If you disable everything and don't use Windows Store apps then the only traffic is to Windows Update.

This is what happens when your source is a Reddit knock-off full of people who found Reddit too civil.

Re:Surprised?

[Anne+Thwacks]

If a company chooses Unix, then they're "locked in" to Unix, as well. The idea that there's some kind of MS-specific "lock in" is hogwash.

Except that, for the most part, Command line and APIs, even for X in Unix have changed little since 1978, so the "lock-in" is more the equivalent of having the odd pillow between you and where you want to go than the Windows/Apple 10 foot high concrete wall.

In the main, Unix API changes are for very good reasons (Unity and systemd being very visible, but highly atypical examples), whereas Windows API changes are intentional, put there to force upgrades on the user base for commercial reasons.

Once a company chooses Unix, it is hard to imagine they would go back, except at the point of a gun.

Re:Surprised?

[Ol+Olsoc]

gstoddart spare us your unoriginal mongoloid cretin scribblings!

I've been happy to disagree with gstoddart in the past, but he is 100 percent correct, and you dear AC - have gone full potato.

Re:Surprised?

[HiThere]

Well, Linux is not only weak on the desktop, it doesn't even have one. Now KDE, Gnome, Mate, xfce, etc., they have desktops. The problem is that there are too many for a new user to wrap their mind around. I find that KDE is the best general desktop, with xfce next. Gnome used to be right up there, and for awhile Gnome2 was ahead of KDE4, but Gnome3 I find totally useless. (Some people seem to like it.) xfce works well in low resource environments, though if you've got a really low resource environment, there are other options...but they aren't suitable for a new user.

The problem is desktop applications. This has largely been well addressed, but not totally. There are still niches that are not well served by Linux based programs. And sometimes the problem is that people just don't want to learn a new program...which can be the real problem even though it may manifest as complaints about missing features that aren't really used.

FWIW, after decades of redoing work, I decided that proprietary file formats were totally unacceptable. So for me Linux is the far superior system.

Re:Surprised?

[encad]

Your probably right, but all this wouldn't happen, if Microsoft would clearly (and hopefully auditable) state, what they actually transmit and how to stop it (in every version).
Most of this FUD is allowed to spread, because everyone, with the exception of very large enterprise customers, is left in the dark.
The stuff with retrofitting the invasive telemetry into 7/8/8.1 and pushing every private customer very hard to updates wasn't helpful either.

So for me personally this W7 machine will be the last with windows, running as long as somehow possible. I don't want cloud stuff (not working on 1 Mbps connections), I don't want telemetry I can't control or shut off and, last but not least, I still have no freaking idea on the future use of a W10 license (rebuild of maschine, failing parts, yadda yadda yadda).

Re:Surprised?

[fnj]

For years [Hitler] kept firing the best generals

I'm afraid you need a citation for this. At least up until the 20 July plot at which point defeat was inevitable anyway, the only significant case that comes to mind is the dismissal of Gerd von Rundstedt, and that was at least 50% a resignation. And Hitler quickly recognized his mistake and restored von Rundstedt.

Now, Stalin was the real example. Shortly before WW2 he purged 5 of his 7 Field Marshalls, 13 of his 15 Army Commanders, 50 of 57 Corps Commanders, 154 of 186 Division Commanders, 16 of 16 Army Commissars, 25 oi 28 Corps Commissars and 8 of 9 Admirals. This was part of a great reign of terror that ripped through the USSR, in which 680,000 persons were executed by being shot in the head. Counting deaths in vicious "detention" in the Gulag and other consequential deaths, it is estimated that 1.2 million died.

There was another purge in 1941, right during the German invasion.

Many of those purged were "executed" - basically murdered.

This insanity was one of the chief reasons why in the initial stages of Operation Barbarossa the Germans cut through the USSR like a knife through butter, despite USSR superiority in numbers and advantage of defense.

That isn't trustful.

[jellomizer]

For the enterprise version we really need it predictable so it can be managed. Even if talking to MS is harmless and overall a good thing, it means you are having your computer talk to something you may not want too.

At work we are still on Windows 7 with little chance going over to 10 because of stuff like this. (I would prefer Linux, but our management is stuck in the 1990s)

Re:That isn't trustful.

[Bite+The+Pillow]

Can't wait until the DoD moves forward with Windows 10 and defense contractors have to disable this telemetry reporting.

There will be a way, at that point, or there will be problems.

Re:That isn't trustful.

[MightyMartian]

I think being open about what is being transmitted would help. I concede that in modern operating environments, there's a lot of checking for updates and patches, and while we do run a Windows Update Server at the main office (mainly to save some bandwidth and give us more granular control over updates), many of our road warriors and people at the branch offices still have their computers being updated directly by Windows own update services. That means data on software installed is going to Microsoft's servers, but the trade off is we keep our systems up to date.

However, we have a number of government contracts that require safe storage of data, including assuring that no confidential data is transmitted to unauthorized third parties or out of the country. At that point it gets iffy, and I'm trying to put my head around whether "telemetry" data puts us at risk in the breach of contract department. Particularly now as we just got a three year extension on contract which will take us through 2019, we are preparing for large scale upgrades. We've already updated our Windows servers to 2012 R2, and are now in the process of deciding whether to go through the irritation of Windows 7 licenses, or just jump to Windows 10, which has been working fairly well in our test environment.

Microsoft needs to come clean here, and explain what exactly is being sent to their servers.

privacy and security.

[sumdumass]

I'm not sure how any company or business that deals with information that requires security by law could be using Windows 10. It would seem that defense contractors, law enforcement, financial and tax services as well as anyone subject to hippa laws would be in default automatically because what is sent is not documented.

Maybe it is time for a class action or something to get it turned off for real.

Re:privacy and security.

[hawkinspeter]

Additionally, I wonder how this is treated under EU privacy laws. Is the data staying within EU borders (from machines running in the EU) because if not, it could be breaching those laws.

Re:This is big news, actually

[kheldan]

3)- "I have nothing to hide / you're old if you care"

I, and I'll easily assume that many, many others, are getting pretty damned sick and tired of hearing that line from idiots who have been so thoroughly indoctrinated, that they probably don't even consciously know that they're parroting it. It is a fact that, after a certain point in the development of a human being, desiring privacy is a normal, natural, healthy thing for a person to want. Not wanting or caring about your private life being private is an abberation, a sign that something is wrong. This whole faux culture of 'sharing everything with everyone' is some sort of a sickness and it needs to stop.

By the way, cfalcon, just to be sure you understand me: I'm agreeing with you on all counts, not attacking you.

Telemetry confirmed?

[Vegan+Cyclist]

Has anyone analyzed the data being sent? Or is this a big assumption? Could this be other apps that were installed by default 'calling home'? I'm not doubting that MS might do this, but in all fairness, this seems example seems like unsubstantial speculation....and a pretty weak 'test to boot. Remember that high school class who put sprouts by a wifi router and found the 'closer plants died'? I did the same thing for fun, and found the closer sprouts actually grew faster and more abundantly, probably since they were warmer. Shouldn't we suspend judgement until further tests and confirmation is made...?

Re:This is big news, actually

[Beeftopia]

3)- "I have nothing to hide / you're old if you care"

Response: "I may have nothing to hide, but my personal information is none of your gorram business."

If my information is valuable to you, you need to compensate me for it, if I'm interested in selling it. You have no right to take what is mine.

Blocking connections probably increases attempts

[enosys]

If you block connections, what would have normally been one successful connection can become many connection attempts. It's also possible that retries for the same thing would use different IP addresses. Someone needs to try an experiment like this without the blocking. A log of the data being transmitted would also be interesting. A lot of that is probably encrypted, but https monitoring via wildcard certificate MITM could capture some in decrypted form.

Re:How does Ubuntu Linux compare?

[cfalcon]

> Ubuntu is worse, actually.
Lie.

>Not only does it send searches,
You can turn off the search send. It's being removed soon. If you care, don't use Ubuntu, use any other Linux. There's no one else providing distros of Windows to run to when Microsoft fails. They have failed.

> but each individual library or package can phone home to a different developer with different information collected about your system

First, it asks you each time, you can uncheck a box.
Second, here's your fix:

apt-get remove apport

Did you want to keep it around? Edit /etc/default/apport and change "enabled" to 0. Then it won't launch on boot.

It's optional, it can be disabled, and it asks you each fucking time anyway.

> There's also more incentive for Linux software to monetize user activity
There's no incentive for Linux (a kernel) to do this. There's no incentive for Linux as a general OS to do this. There is incentive for SOME companies that have Linux distributions to try to "monetize users", but you can, of course, simply not use their products- because Linux is a whole set of distributions.

Are you done with the fud? We'll never know AC, we'll never know.

Re:This is big news, actually

[interval1066]

I don't know about Ubuntu but the flavors of Linux I use most frequently don't appear to be connecting to anything other than the usual network services during a simple audit of network activity I've conducted; just the usual dns queries, web requests, smtp connections, time updates, etc. And I've walled them off completely they still boot normally, so, whatever.

More analysis required

[GuB-42]

One problem with the approach used is that the firewall is configured to drop all connections. This is not a realistic picture.
An analysis of the content would also be interesting because even with telemetry disabled, there are plenty of reason for connecting to Microsoft servers such as software updates. Most of them are port 80 and port 443. Port 80 is normal http traffic and is easy to analyse, port 443 is encrypted so it is a bit harder but if you can add your own certificate authority to the windows install, you can try doing man-in-the-middle. There is also UDP port 3544 which is related to IPv4 - IPv6 transition, which in itself is probably harmless but may hide other connection attempts (that's one of the reasons why you won't get a realistic picture by dropping everything).

The only thing this experiment tells us is that Windows communicates with MS servers even with telemetry disabled. It smells but without further analysis, it is not very useful information.

The way to fight this

[execthis]

So I can log into a terminal session on my home router. The router also supports blocking hosts by either IP address or by hostname. Somewhere on it those hosts must be in a config file, and I can probably just edit that file via a console. This means I can run a script. A script that can periodically check for an updated list of hosts to block. Either I or someone else can maintain such a list.

This list puts all their shit out of business. This is the way of the future then. I look forward to the new generation of broadband modems coming out to support blocklist technology exactly for this purpose: To block evil companies from spying on and tracking us.

My guess is, if the author were to carefully track this, that eventually it will be noticed that, following upcoming system updates to Windows, that the hosts he has listed will magically change and there will be new ones. Microsoft and its evil cohorts can easily shuffle around IP addresses in response to this. So running a blocklist filter on home broadband modems/routers is the way to go now for the future of privacy.

Re:The way to fight this

[Opportunist]

[...] but you'll also lost OneDrive, Cortana and even Bing[...].

And nothing of value was lost.