ZDNet Writer Downplays Windows 10's Phoning-Home Habits

jones_supa writes: Gordon F. Kelly of Forbes whipped up a frenzy over Windows 10 when a Voat user found out in a little experiment that the operating system phones home thousands of times a day. ZDNet's Ed Bott has written a follow-up where he points out how the experiment should not be taken too dramatically. 602 connection attempts were to 192.168.1.255 using UDP port 137, which means local NetBIOS broadcasts. Another 630 were DNS requests. Next up was 1,619 dropped connection attempts to address 94.245.121.253, which is a Microsoft Teredo server. The list goes on with NTP, random HTTP requests, and various cloud hosts which probably are reached by UWP apps. He summarizes by saying that a lot of connections are not at all about telemetry. However, what kind of telemetry and data-mined information Windows specifically sends still remains largely a mystery; hopefully curious people will do analysis on the operating system and network traffic sent by it.

What about

[NotInHere]

Adding [forbes.com] to forbes links on the front page?

Not only am I bothred by the phone-home,

I am bothered by the explicit policy of tracking everything I do within my OS. That is the real issue. That is why I am leaving Windows forever.

Re:Not only am I bothred by the phone-home,

[BarbaraHudson]

And what business is of theirs what software I'm running and how often I'm using it? It's not their computer. Also, the article writer attempted to minimize the consequences by saying that you can greatly limit the amount of requests in Windows Enterprise. The majority of users are not using the Enterprise edition.

What an obvious apologist/shill.

Re:Not only am I bothred by the phone-home,

[F.Ultra]

True that Ubuntu did it by default before (they have since disabled it) but you could easily disable it via the GUI settings. I disabled it and unless I actively do something with the network like surf the web with Firefox or stream music then a "sudo tcpdump -nvpi eth0" on my Ubuntu shows absolutely no connection attemps from my machine what so ever, all that I see is some other machine on the network sending broadcast ARP requests for the MAC of the defautl gateway.

f.ultra@ubuntu:~$ sudo tcpdump -nvpi eth0
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
19:49:51.946496 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:49:53.996275 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:49:56.054219 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:49:58.136104 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:00.221756 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:02.276667 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:04.353056 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:06.431986 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:08.520302 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:10.584220 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:12.625328 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:14.712258 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:16.782389 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:18.856272 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46

And it goes on and on like that for hours, so no most Linux distros does not do some of this too.

Re:Not only am I bothred by the phone-home,

[The-Ixian]

Yeah, and when I read about this test for the first time this was my criticism exactly.

If you have a machine that is phoning home, you are only going to generate more connections as the software re-queues and retries the failed connections.

If you want to do a real analysis, you would allow all the connections and count/trace those.

To block everything and then count/trace, you are being inaccurate at best and disingenuous at worst.

wtf is this article

[LichtSpektren]

Apparently it's some apologism for Windows 10, but an unbelievably poor one. "Oh no, no no! Please don't panic because Windows phones home to over 100 different servers even when you turn the telemetry off. It's probably, eh... nobody's quite sure, but I'm sure everything will be okay!"

Relax folks, not every Win10 packet is spying data

[JoeyRox]

This is supposed to be comforting?

What kind of telemetry

[Dunbal]

They gave away at least a few billion dollars' worth of revenue when they gave away Windows 10 for free. So the kind of telemetry they are collecting is at least worth a few billion dollars. Anyone who says different is lying. There is no free lunch.

Re:What kind of telemetry

[LichtSpektren]

They gave away at least a few billion dollars' worth of revenue when they gave away Windows 10 for free. So the kind of telemetry they are collecting is at least worth a few billion dollars. Anyone who says different is lying. There is no free lunch.

I would like to augment your point by commenting that Microsoft isn't just *giving* Win10 away, they're *foisting* it as hard as it can, likely breaking quite a few laws in the process.

So that means the profit they're expected to make off of people running Win10 must vastly exceed the cost of making Win10, AND the cost of fighting off all the lawsuits in the process of ramming Win10 onto peoples' computers. One could argue that perhaps they're expecting all that profit to come from people being exposed to the built-in advertisements and the Windows Store, or people so pleased with the OS that they run out and buy a Surface/Xbox/WinPhone, but does anybody really believe that?

Re:What kind of telemetry

[hairyfeet]

Actually allow me to correct your correction as MSFT is giving away absolutely nothing as a full version (not the "super duper extra spyware" insider edition) of Windows 10 Requires a legal key from 7 or 8 which currently costs as of this writing between $100-$200 dollars and there are several reports of users trying to go back to Windows 7 after the 30 days to find THEIR KEYS ARE NOW INVALIDATED. I can attest to this being true as I've had to talk to more damned third world MSFT flunkies than I ever cared to thanks to this very issue.

So the REAL cost of Windows 10 is currently between $100- $200 USD, that is the cost of the Windows 7 or 8 key you are giving up by taking this "free OS" and not going for the super duper extra spyware insider edition......sorry but that is the most fucking expensive "free OS" I've ever seen in my life and why we need to kill that "Oh its free you can't complain" bullshit because that is what it is, total bullshit!

Re:No worse than iPhone

[LichtSpektren]

You can't even listen to music on OS X or iPhone without the software contacting Apple.

I'm quite tired of this nonsense rebuttal. When you use an Apple application, it contacts Apple's servers to see if there are updates available--you can turn that off as well. In contrast, when do you even the most mundane things in Win10 (with the telemetry turned off, mind you), the OS contacts over 100 different domains: https://github.com/WindowsLies...

Why the fuck does Win10 contact telemetry.appex.bing.net, ad.doubleclick.net, and watson.live.com whenever you open the fucking Notepad?

poison the data

[frovingslosh]

Some of use don't have the luxury of not using Windows, either because we need to run applications that are only on Windows or we work with or support others who cannot be forced off Windows. What we really need is a hardware firewall that blocks all access to Microsoft domain names and IP addresses. Or even better one that sends bad data to Microsoft. Maybe a nice little distributed computing project would be to know what data Microsoft is collecting and the write and distribute software that keeps feeding Microsoft bogus data to make their data collection less useful. If enough people ran such software, and I believe a lot of people would gladly do it no matter if the were Windows or Linux users, Microsoft might get the message and cut this out.

Re:poison the data

[jenningsthecat]

...What we really need is a hardware firewall that blocks all access to Microsoft domain names and IP addresses.

I recall reading within the past week, (probably in connection with Office 365), that some functionality was simply broken when telemetry was disabled beyond what the OS itself allows users to disable. Perhaps that breakage only applies to Microsoft applications; but if it doesn't already apply to third party programs, and indeed to the OS proper, I'm sure Microsoft will fix that 'oversight' sooner-rather-than-later in a mandatory update.

Or even better one that sends bad data to Microsoft. Maybe a nice little distributed computing project would be to know what data Microsoft is collecting and the write and distribute software that keeps feeding Microsoft bogus data to make their data collection less useful.

I think with Windows 10 we're seeing the advent of a brand of distributed computing in which 'error checking' takes place between MS servers and your computer. MS gets to define what an 'error' is; if the data your computer sends back to the mothership isn't what MS is expecting, they will simply discard it. And they may disable part or all of your OS functionality as well. Coming up with an algorithm which can successfully fool Redmond while sending false information might be quite a programming exercise.

...Microsoft might get the message and cut this out.

Not a chance. The only thing that will get Microsoft's attention is customers jumping ship in droves. And we all know that ain't gonna happen. Too many people don't understand where this is all going, and most of the rest simply don't care.

Re:poison the data

[jabberw0k]

we work with or support others who cannot be forced off Windows

If you help perpetuate such environments, you are being an Enabler in an abusive relationship. Stop doing that.

This is exactly what's wrong with Slashdot

The article claiming Windows 10 telemetry phoned home a ridiculous amount of times even when disabled was false. The user who conducted the experiment set telemetry to basic rather than turning it off. Furthermore, some of the apps that might make connections, what's known as the Windows out of the box experience, were not disabled. Furthermore, the router was configured to drop all outbound connections. As a result, the failed attempts to connect resulted in retrying or connecting to different mirrors over and over again. For some services like Windows Update this is completely reasonable behavior, otherwise they'd be vulnerable to a denial of service attack against the update server. The methodology exaggerated the amount of connections made by Windows while not even properly disabling telemetry. These are the facts. One reputable Slashdot user noted that when telemetry was disabled fully in the Enterprise version of Windows and all of the other apps were disabled, the only outbound connections were, in fact, Windows Update.

Despite the facts, Slashdot users complain about any story that suggests that Windows 10 telemetry isn't as severe as it's made out to be and accuse the authors of being Microsoft shills. Furthermore, these Slashdot users get modded up, and the parent is at +4 insightful. It seems that facts are optional in these discussions, and that's a shame. Those who make such false claims about Linux distros such as Ubuntu are rightly accused of being trolls and modded accordingly. But doing that to Microsoft is insightful.

Those of you who post such things and mod up such posts should be ashamed of yourselves. If privacy advocates want to be taken seriously, the discussions need to be based on facts instead of FUD. There are real issues with Windows telemetry namely that users are automatically opted in without being prompted, that Microsoft hasn't disclosed what data are sent to them, and that only the Enterprise versions of Windows 10 can fully disable the telemetry. These are real issues. But when there's so much FUD and misinformation, it damages the credibility of those who raise very legitimate objections. You should be ashamed of yourself for posting false information because it does a disservice to those with very real concerns about privacy.

Re:What the actual fuck

[thegarbz]

Even after the moronic voat user was shown to have completely screwed up the entire test slashdot is here referencing it yet again as fact? The new editors - just as shitty as the old ones.

a) timothy is not a new editor.
b) this article is talking about how garbage the results are.
c) old users still the same bitchy unappeasable old users.