Im sorry, but this is excessive. edit: Moar FUD!

Toggle sidebar Toggle sidebar
blackangst1

blackangst1

Lifer
Feb 23, 2005
22,902
2,359
126
Yeah yeah yeah another Windows spies on me thread. But, the difference is someone took the time to actually document the details.

First, the link.

In summary:
In a Voat thread last week, a user by the name of CheesusCrust published his findings after running a network traffic analysis relating to the telemetry and surveillance features of Windows 10. The results were troubling, to say the least.

While setting up a fresh copy of Windows 10 Enterprise Edition on VirtualBox, the user went through and disabled all three pages of tracking options, one by one. He then left the computer running for eight hours overnight, and returned to find that Windows 10 had attempted to contact 51 Microsoft IP addresses 5,508 times.

After 30 hours, over 112 IP addresses had been contacted.

The user attempted the same experiment once again with a fresh install of Windows 10 as well as a third party tool called DisableWinTracking. He discovered that the name of the tool is slightly misleading, as Windows 10 had contacted 30 IP addresses 2,758 times in the same 30 hour time frame.
Click to expand...

Original story HERE

Holy shit!
 
TheELF

TheELF

Diamond Member
Dec 22, 2012
4,027
753
126
blackangst1 said:
Yeah yeah yeah another Windows spies on me thread. But, the difference is someone took the time to actually document the details.
Click to expand...
Yeah cause it's 1999 and the PC only connects to the net for spying...
Was he logged in with a microsoft account?
Desktop settings get uploaded to the cloud now,just like chrome bookmarks,and I'm guessing they will be checked for synchronisation every now and then.
The same goes for the cloud drive if he logged in with an account that has files on there they were being downloaded.
Windows updates will check for updates and especially on a new installation there will be a lot of files downloaded also they now work with P2P technology,very handy for mobile devices and not only,still accounts for a lot of traffic.

And all of this is before mentioning the obvious, all the metro apps are updating the weather/news-headlines/game offers and so on.
 
Ketchup

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
I am going to look up some more just because, but the first one I looked up is 23.217.138.18. It is assigned to https://www.akamai.com/

Considering that 10 comes with OneDrive, seeing pings to a cloud services provider is not surprising at all. Especially if CheesusCrust was signed into his Microsoft account at the time.

What I would be interested to know if if this person did a similar test with Windows 8 or 7. I am guessing not.
 
RampantAndroid

RampantAndroid

Diamond Member
Jun 27, 2004
6,591
3
81
Windows also pings a time server regularly. There are a TON of things, either built into Windows or otherwise that will hit the network. In the day and age where we've got Akamai you could end up hitting multiple IPs depending on load even.

I've said before and I'll say again: to do a proper investigation of this, you need to be installing Fiddler, installing its certificate and turning on HTTPS decryption. Fiddler is network witchcraft...and assuming that the data is being sent as text (and not binary or something) it'll be readable in Fiddler.
 
MagnusTheBrewer

MagnusTheBrewer

IN MEMORIAM
Jun 19, 2004
24,122
1,594
126
This is 2016. Does anyone running ANY OS be it Linux or Bob or, BEOS think their internet usage and computing habits are anonymous?
 
Last edited:
blackangst1

blackangst1

Lifer
Feb 23, 2005
22,902
2,359
126
Ketchup said:
I am going to look up some more just because, but the first one I looked up is 23.217.138.18. It is assigned to https://www.akamai.com/

Considering that 10 comes with OneDrive, seeing pings to a cloud services provider is not surprising at all. Especially if CheesusCrust was signed into his Microsoft account at the time.

What I would be interested to know if if this person did a similar test with Windows 8 or 7. I am guessing not.
Click to expand...

I wondered the same thing so I asked on his thread
 
SparkyJJO

SparkyJJO

Lifer
May 16, 2002
13,357
7
81
While I do not recall exact details I had run wireshark once on my old XP laptop when trying to diagnose a network problem, and even back then doing "nothing" still had a lot of IP pinging going on.

The important part is not that things are getting pinged or establishing connection, but rather what exactly that connection is for. Hopefully he can clarify, or dig deeper and find out more, otherwise the info isn't really all that useful.
 
Red Squirrel

Red Squirrel

No Lifer
May 24, 2003
70,630
13,820
126
www.anyf.ca
Yeah I really don't like the idea of my computer connecting or interacting with that many outside servers. There's just no reason for it. This whole cloud movement is ridiculous especially in an age where our privacy is constantly being attacked by the government and corporations, we need to do more to protect our privacy instead of just giving it up. Worse is the general public eat up all this because of the coolness factor.

It's one of the reasons I run Linux now. Even with all the crap disabled in windows I still would not feel secure. Though I still like running a packet sniffer once in a while just to make sure there's nothing weird going on my network, and it's kinda interesting to see even local traffic.
 
KeithP

KeithP

Diamond Member
Jun 15, 2000
5,664
202
106
Well a Voat thread from CheesusCrust is definitive proof in my book. Even though he offers no information on any data that actually identified the user was transmitted, I am off Windows 10 for sure! :rolleyes:

-KeithP
 
Rhonda the Sly

Rhonda the Sly

Senior member
Nov 22, 2007
818
4
76
CheesusCrust said:
I have configured the DD-WRT router to drop and log all connection attempts via iptables through the DD-WRT router by Windows 10 Enterprise.
Click to expand...
The thing about this is that if Windows (or almost any piece of software) doesn't connect on it's first attempt, it will try again at some interval. Note that, from Window's perspective, the PC probably appears to connected to a network but is timing out when sending requests (someone else may need to back me up on that). There's no telling how many of those requests were "duplicates," so to speak.

In the table before the comments it looks like most of the identified IPs are Windows Update and Search/Cortana updates (for whatever reason they update independently of the rest of Window and the App Store).
 
Last edited:
Elixer

Elixer

Lifer
May 7, 2002
10,371
762
126
KeithP said:
Well a Voat thread from CheesusCrust is definitive proof in my book. Even though he offers no information on any data that actually identified the user was transmitted, I am off Windows 10 for sure! :rolleyes:

-KeithP
Click to expand...

Hey, it was posted on the internet, it must be true! :colbert:

Let's take a look at what you can disable on Win 10 Enterprise edition:
https://technet.microsoft.com/en-us/library/mt577208(v=vs.85).aspx
Now, since they turned off the "3 pages", what does that bring to the table?
IC845157.png

So, a simple look at the table will show us that you need to do more than what this person did.
Like...
When you enable the Don't search the web or display web results in Search Group Policy, you can control the behavior of whether Cortana searches the web to display web results. However, this policy only covers whether or not web search is performed. There could still be a small amount of network traffic to Bing.com to evaluate if certain Cortana components are up-to-date or not. In order to turn off that network activity completely, you can create a Windows Firewall rule to prevent outbound traffic.
Click to expand...
and so on...

So, is this anything new? Nope.
Was this version of Windows configured correct to disable everything? Nope.
Should it be easier to stop everything? Yep.
 
TeknoBug

TeknoBug

Platinum Member
Oct 2, 2013
2,084
31
91
Thing is, the Enterprise version shouldn't have that happen when you turn off all the tracking/privacy stuff.

You can add all those IPs to the HOSTS file in Windows\system32\ETC folder and all that traffic should stop.
 
Last edited:
balloonshark

balloonshark

Diamond Member
Jun 5, 2008
7,157
3,625
136
I'm far from an expert but I always thought you were more secure when your computer is not connecting in/out or listening on ports all the time. All it takes is one vulnerability in whatever is connecting in/out and you could be in trouble. Nobody seems to talk about that fact though.
 
Q

quikah

Diamond Member
Apr 7, 2003
4,205
749
126
TeknoBug said:
Thing is, the Enterprise version shouldn't have that happen when you turn off all the tracking/privacy stuff.

You can add all those IPs to the HOSTS file in Windows\system32\ETC folder and all that traffic should stop.
Click to expand...

To turn off in Enterprise you need to use group policy. The "tester" just used the GUI.

The methodology and analysis is so bad it just makes me cringe. The fact that this has become a news story is sad and pathetic and just proves that most tech "journalists" don't know jack about technology.

I have no idea what he was thinking when he set his firewall to drop everything. A good 50%+ of the connections are probably just retries. There is a default set of tiles (news, weather, store, etc.) that poll for updates regularly, windows activation, etc. None of this stuff is spying.

Guess the "tester" finally figured out what an embarrassment his test was since he deleted his post/username on voat.
 
E

Executioner

Senior member
Oct 24, 1999
783
9
81
Microsoft’s telemetry U-turn?

LOL another Forbes article. Maybe MS got so much blow back from all of their telemetry, which they never came out and stated what was actually collected, according to this article in Forbes, they plan to make a change.

In short: Microsoft is taking action. It has decided to release updates “later this year” which will enable users to fully control all background telemetry and data tracking and, if desired, disable it completely. Microsoft also asked me to stress that disabling these background operations is something it would “strongly recommend against”.

So should we get out our party hats and cheer? Yes and no.
Click to expand...

http://www.forbes.com/sites/gordonk...mpaign=yahootix&partner=yahootix#1312b6a39743
 
SparkyJJO

SparkyJJO

Lifer
May 16, 2002
13,357
7
81
Hey, even though I think some people are blowing it way out of proportion, if they are listening enough to it to make changes based on it then cool. They didn't always used to listen that well or that quickly.

That said, I'm sure there are people who will never, ever be happy no matter what MS does or does not do.
 
D

Dude111

Golden Member
Jan 19, 2010
1,497
7
81
blackangst1 said:
Holy shit!
Click to expand...
Yes which is why they are tryingh to FORCE everyone to WIn10 so they can be spied on also!! (Older OS's they dont have as much spying ability)

RESISTANCE IS THE ONLY WAY FORWARD!!!!!!!!!
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom