Privacy: Stay away from Windows 10

Bleipriester

Bleipriester

Freedom!
Nov 14, 2012
31,950
4,124
1,140
Doucheland
Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

"A Traffic Analysis of Windows 10
Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News"

root@localghost:~#
 
There are scary features as far back as Win7.. I noticed that when I went to "save as" a file -- previous Win versions put up the file structure browse box and left it to you to navigate to the directory. Usually the default was the LAST directory you stored to.

But in Win7 -- I started to notice an uncanny ability for the OS to PREDICT what directory I would store it in. As it would open the browse dialog with (more often than not) a great guess as to where I wanted a file. So for instance -- if you have 22 client directories and you just pasted up some notes on one of them in Word -- the save as would navigate to THAT CLIENT directory. OOOOOOOOOOOOOOOOAH.

I'm convinced they are cataloging the content of your documents, extracting key search terms and comparing them to what RECENT work you are doing.

Haven't verified this -- but I'm sure SOMETHING is going on.. Now it could be innocent. As in Microsoft attempting to "help" you work. But the question comes up -- if they are cataloging and analyzing your work content -- where ELSE might that be useful to them. Hence MAYBE those Win10 features in the OP.

Should this be the case -- pretty much end of the line for Microsoft for ANY business applications.. Buy stock in Linux variants just in case.. Right now...
 
flacaltenn said:
There are scary features as far back as Win7.. I noticed that when I went to "save as" a file -- previous Win versions put up the file structure browse box and left it to you to navigate to the directory. Usually the default was the LAST directory you stored to.

But in Win7 -- I started to notice an uncanny ability for the OS to PREDICT what directory I would store it in. As it would open the browse dialog with (more often than not) a great guess as to where I wanted a file. So for instance -- if you have 22 client directories and you just pasted up some notes on one of them in Word -- the save as would navigate to THAT CLIENT directory. OOOOOOOOOOOOOOOOAH.

I'm convinced they are cataloging the content of your documents, extracting key search terms and comparing them to what RECENT work you are doing.

Haven't verified this -- but I'm sure SOMETHING is going on.. Now it could be innocent. As in Microsoft attempting to "help" you work. But the question comes up -- if they are cataloging and analyzing your work content -- where ELSE might that be useful to them. Hence MAYBE those Win10 features in the OP.

Should this be the case -- pretty much end of the line for Microsoft for ANY business applications.. Buy stock in Linux variants just in case.. Right now...
Click to expand...
I never heard about that feature or faced it.
 
Bleipriester said:
flacaltenn said:
There are scary features as far back as Win7.. I noticed that when I went to "save as" a file -- previous Win versions put up the file structure browse box and left it to you to navigate to the directory. Usually the default was the LAST directory you stored to.

But in Win7 -- I started to notice an uncanny ability for the OS to PREDICT what directory I would store it in. As it would open the browse dialog with (more often than not) a great guess as to where I wanted a file. So for instance -- if you have 22 client directories and you just pasted up some notes on one of them in Word -- the save as would navigate to THAT CLIENT directory. OOOOOOOOOOOOOOOOAH.

I'm convinced they are cataloging the content of your documents, extracting key search terms and comparing them to what RECENT work you are doing.

Haven't verified this -- but I'm sure SOMETHING is going on.. Now it could be innocent. As in Microsoft attempting to "help" you work. But the question comes up -- if they are cataloging and analyzing your work content -- where ELSE might that be useful to them. Hence MAYBE those Win10 features in the OP.

Should this be the case -- pretty much end of the line for Microsoft for ANY business applications.. Buy stock in Linux variants just in case.. Right now...
Click to expand...
I never heard about that feature or faced it.
Click to expand...

Are you regularly storing a lot of docs in folders? Not images or media, but MicroSoft Office or NotePad type text files??
 
Last edited:
flacaltenn said:
Bleipriester said:
flacaltenn said:
There are scary features as far back as Win7.. I noticed that when I went to "save as" a file -- previous Win versions put up the file structure browse box and left it to you to navigate to the directory. Usually the default was the LAST directory you stored to.

But in Win7 -- I started to notice an uncanny ability for the OS to PREDICT what directory I would store it in. As it would open the browse dialog with (more often than not) a great guess as to where I wanted a file. So for instance -- if you have 22 client directories and you just pasted up some notes on one of them in Word -- the save as would navigate to THAT CLIENT directory. OOOOOOOOOOOOOOOOAH.

I'm convinced they are cataloging the content of your documents, extracting key search terms and comparing them to what RECENT work you are doing.

Haven't verified this -- but I'm sure SOMETHING is going on.. Now it could be innocent. As in Microsoft attempting to "help" you work. But the question comes up -- if they are cataloging and analyzing your work content -- where ELSE might that be useful to them. Hence MAYBE those Win10 features in the OP.

Should this be the case -- pretty much end of the line for Microsoft for ANY business applications.. Buy stock in Linux variants just in case.. Right now...
Click to expand...
I never heard about that feature or faced it.
Click to expand...

Are you regularly storing a lot of docs in folders? Not images or media, but MicroSoft Office type files??
Click to expand...
No. But Office has a default location for saved documents: user\documents.
 
Bleipriester said:
Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

"A Traffic Analysis of Windows 10
Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News"

root@localghost:~#
Click to expand...
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
 
Thanks for your hysterical post but I've posted at least five threads showing exactly what you can do to stop Win10 sending browsing and other information to other websites.

Did you bother to read ANY of them?
 
Ringel05 said:
Bleipriester said:
Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

"A Traffic Analysis of Windows 10
Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News"

root@localghost:~#
Click to expand...
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
Click to expand...
Thanks for that great advice. Seems, I just have missed the option to turn off the always-on keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
 
Bleipriester said:
Ringel05 said:
Bleipriester said:
Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

"A Traffic Analysis of Windows 10
Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News"

root@localghost:~#
Click to expand...
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
Click to expand...
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
 
longknife said:
Thanks for your hysterical post but I've posted at least five threads showing exactly what you can do to stop Win10 sending browsing and other information to other websites.

Did you bother to read ANY of them?
Click to expand...
Why do you create five threads on how to turn off Windows 10´s spying while you yet have to learn what a task manager is? Can´t you imagine, this malware cannot be prevented from spying on you except by deleting it completely? Not nice, to reply like that to my thread that is only meant to help you.
 
Last edited:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

"A Traffic Analysis of Windows 10
Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News"

root@localghost:~#
Click to expand...
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
Click to expand...
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
Click to expand...
This isn´t helping. You did not read the report.
 
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

"A Traffic Analysis of Windows 10
Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News"

root@localghost:~#
Click to expand...
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
Click to expand...
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
Click to expand...
This isn´t helping. You did not read the report.
Click to expand...
Not sure it true but I turned off the Cloud which is where it's probably coming from so I saw nothing. However for me it's now a mute point, I just reverted back to Win 7. I will make sure everything in 7 is locked down.
 
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

"A Traffic Analysis of Windows 10
Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News"

root@localghost:~#
Click to expand...
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
Click to expand...
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
Click to expand...
This isn´t helping. You did not read the report.
Click to expand...
Not sure it true but I turned off the Cloud which is where it's probably coming from so I saw nothing. However for me it's now a mute point, I just reverted back to Win 7. I will make sure everything in 7 is locked down.
Click to expand...
I would even consider a clean setup. What exactly are you going to disable in Win7?
 
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
Click to expand...
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
Click to expand...
This isn´t helping. You did not read the report.
Click to expand...
Not sure it true but I turned off the Cloud which is where it's probably coming from so I saw nothing. However for me it's now a mute point, I just reverted back to Win 7. I will make sure everything in 7 is locked down.
Click to expand...
I would even consider a clean setup. What exactly are you going to disable in Win7?
Click to expand...
Probably nothing I need to since I uninstalled IE, don't think that is an option in Win 10. The only way Microsoft can communicate with my systems is if they do so through Firefox cause they're not getting through my firewall unless I let them.
 
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now. It's not hard to do.
Click to expand...
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
Click to expand...
This isn´t helping. You did not read the report.
Click to expand...
Not sure it true but I turned off the Cloud which is where it's probably coming from so I saw nothing. However for me it's now a mute point, I just reverted back to Win 7. I will make sure everything in 7 is locked down.
Click to expand...
I would even consider a clean setup. What exactly are you going to disable in Win7?
Click to expand...
Oh yeah, I found this:

How to Uninstall Microsoft Spying Updates from Windows 7/8
 
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
Click to expand...
This isn´t helping. You did not read the report.
Click to expand...
Not sure it true but I turned off the Cloud which is where it's probably coming from so I saw nothing. However for me it's now a mute point, I just reverted back to Win 7. I will make sure everything in 7 is locked down.
Click to expand...
I would even consider a clean setup. What exactly are you going to disable in Win7?
Click to expand...
Probably nothing I need to since I uninstalled IE, don't think that is an option in Win 10. The only way Microsoft can communicate with my systems is if they do so through Firefox cause they're not getting through my firewall unless I let them.
Click to expand...
I disabled everything with the Windows Firewall and allow only some programs that require Internet like Cyberfox but I am currently experimenting with Endpoint Protection. This tool has an unbeaten variety of options and also features a firewall. it is going to require some induction.
 
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Ringel05 said:
Bleipriester said:
Thanks for that great advice. I just missed the option to turn out the keylogger and the bug. Cannot read something about the "disable free webcam shows", either.
Click to expand...
Local login and don't use IE (Edge).
Click to expand...
This isn´t helping. You did not read the report.
Click to expand...
Not sure it true but I turned off the Cloud which is where it's probably coming from so I saw nothing. However for me it's now a mute point, I just reverted back to Win 7. I will make sure everything in 7 is locked down.
Click to expand...
I would even consider a clean setup. What exactly are you going to disable in Win7?
Click to expand...
Oh yeah, I found this:

How to Uninstall Microsoft Spying Updates from Windows 7/8
Click to expand...
Checked some and don´t have them. I only install security updates that I get via an updatepack. Thanks, though.
 
You must log in or register to reply here.

Went ahead and upgraded

< Previous Thread

Just spent an hour

Next Thread >

Similar threads

Ringel05
Windows 12?
2 3
Replies
47
Views
1K
Resnic
Resnic
martybegan
NYPD sergeants’ union warns anti-police NY pols to stay away from slain cop Jonathan Diller’s funeral
Replies
13
Views
213
Rambunctious
Rambunctious
Ringel05
Zorin OS 16.2, Best Alternative to Windows?
2
Replies
20
Views
1K
The Duke
The Duke
Resnic
Microsoft collects a staggering amount of data off windows 11. Video shows difference between 11 and previous windows.
Replies
2
Views
183
iamwhatiseem
iamwhatiseem
excalibur
Biden Admin Reduces Savings Estimate for Americans Switching Away From Gas Stoves: Industry Group
Replies
4
Views
139
Independentthinker
Independentthinker

Latest Discussions

RhodyPatriot
Revealed: Biden Crime Family was in business with state sponsor of terrorism QATAR when Joe got his $200k check
2 3
Replies
42
Views
227
RhodyPatriot
RhodyPatriot
elektra
Jan. 6th, The Law, and Nancy Pelosi's Dereliction of Duty
9 10 11
Replies
210
Views
1K
elektra
elektra
H
Why isn't the Biden administration investigating George Soros and his funding of the college anti-Jewish protests?
4 5 6
Replies
102
Views
430
john doe 101
J
skye
BREAKING: Arizona Republican Party Declares Covid-19 Injections Biological and Technological Weapons, Passes Ban the Jab Resolution!
Replies
17
Views
31
Lastamender
Lastamender
Mortimer
Zone1 Racial Taxonomy of a few relatives of my mum typical balkan gypsies
Replies
0
Views
1
Mortimer
Mortimer
View more…

Forum List

Back
Top