Author Topic: Windows is getting disgusting  (Read 158502 times)

0 Members and 1 Guest are viewing this topic.

Offline eugenenine

  • Frequent Contributor
  • **
  • Posts: 830
  • Country: us
Re: Windows is getting disgusting
« Reply #800 on: February 23, 2017, 03:23:58 pm »
You can use an android without google though, simply don't sign in and use other services (for example I sync my data via owncloud).  Or you could even even re-flash your android with one of the modded images without the google software.  So you still have some choice there.
 

Offline GonzoTheGreat

  • Regular Contributor
  • *
  • Posts: 102
  • Country: aq
Re: Windows is getting disgusting
« Reply #801 on: March 19, 2019, 11:21:38 pm »
Quote from: https://gist.github.com/xvitaly/eafa75ed2cb79b3bd4e9#gistcomment-2835441


All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

Telemetry is sent once per 5 minutes, to:
vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

Typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:
df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

This behaviour still occurs after Cortana is fully disabled/uninstalled.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:


pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs,
meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

http://archive.today/2016.06.09-060928/http://www.wilderssecurity.com/threads/list-of-windows-7-telemetry-updates-to-avoid.379151/page-3
More:
sqm.telemetry.microsoft.com

telecommand.telemetry.microsoft.com

adaptv-pubnet.telemetryaudit.com

spc--cehhhdngdgedkhcfhekgjhje.telemetryverification.net

1009 spc--cehhhdngdgedkhcfhekgjhje.telemetryverification.net 1

This domain resolved normally. You can block this domain or block similar domains .


1010 au--cebhjdeeihkhghcdcejcidada1.telemetryverification.net 1
1011 au--3b154063ceihcdihbdbgdejhbdcdhenea5.telemetryverification.net 1
1012 au--cebhjdeeihkhghcdcejcidadceihcdihbdbgdejhbdcdhenea2.telemetryverification.net 1
1013 au--ceihcdihbdbgdejhbdcdhenea3.telemetryverification.net 1
1014 au--cejehfjfchggmeidkfpenepgceihcdihbdbgdejhbdcdhenea7.telemetryverification.net 1
1015 au--cejehfjfchggmeidkfpenepga6.telemetryverification.net

au--3b154063a4.telemetryverification.net


**I don't think a hosts file can stop this crap. They just use random odd urls to use telemetry.


I really have done a great deal to stop all this and they still found ways around it. and this is just win7, imagine what 10 is doing**

http://archive.today/2016.11.12-050656/http://www.dslreports.com/forum/r30222844-Stop-Windows-10-From-Spying-On-You-36-DNS-Addresses-to-host-file

http://archive.today/2015.09.15-020602/https://localghost.org/posts/a-traffic-analysis-of-windows-10

http://archive.today/2016.06.09-060606/http://www.wilderssecurity.com/threads/list-of-windows-7-telemetry-updates-to-avoid.379151/page-2

http://archive.fo/2018.02.14-202231/http://forum.notebookreview.com/threads/windows7-8-updates-to-hide-to-prevent-windows-10-upgrade-disable-telemetry.780476/
 
The following users thanked this post: chickenHeadKnob, German_EE, Mortymore

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4012
  • Country: au
Re: Windows is getting disgusting
« Reply #802 on: March 20, 2019, 07:37:04 am »
Speaking of Windows telemetry, I've had DNS blocking on my network for a while and despite only having 1 Windows machine on my network, it still generates the vast majority of blocked requests (see attached screen shot).
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3033
  • Country: us
Re: Windows is getting disgusting
« Reply #803 on: March 20, 2019, 10:01:50 am »
Speaking of Windows telemetry, I've had DNS blocking on my network for a while and despite only having 1 Windows machine on my network, it still generates the vast majority of blocked requests (see attached screen shot).

What kind of set up is needed to do that?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #804 on: March 20, 2019, 10:06:41 am »
Just to note on telemetry, even the server versions (2019+) and the enterprise editions report telemetry when it's turned off now.

The company I am currently consulting with consider this to be a grave enough security risk they are planning a whole site migration to RHEL / CentOS at the moment which is paying the bills nicely. So thanks Microsoft!  :-DD
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4012
  • Country: au
Re: Windows is getting disgusting
« Reply #805 on: March 20, 2019, 10:29:20 am »
Speaking of Windows telemetry, I've had DNS blocking on my network for a while and despite only having 1 Windows machine on my network, it still generates the vast majority of blocked requests (see attached screen shot).

What kind of set up is needed to do that?

The screen shot is taken from the Pi-hole admin interface, running on an actual Raspberry Pi (and works very well). That is my network's primary DNS and DHCP server.

On top of that, I use the Ghostery and Adblock Plus plugins for Opera. I get absolutely zero ads (even video ads on YouTube are completely blocked on my desktop machine).

I also do some blacklisting at the firewall, but that's just a personal list I've created.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #806 on: March 20, 2019, 10:36:33 am »
Are you sure it works for telemetry?

A lot of the telemetry stuff in windows falls back to internal hard coded addresses if the DNS entry doesn't work.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 2322
  • Country: pl
Re: Windows is getting disgusting
« Reply #807 on: March 20, 2019, 10:39:14 am »
Wow, I've never imagined Windows could fall so low so fast. The last version I liked was 98, the last version I used was XP. Hopefully it will stay that way forever.

Just to note on telemetry, even the server versions (2019+) and the enterprise editions report telemetry when it's turned off now.
Absolute madness. Westerners are surely spineless sheep who will put up with absolutely anything so it's fair game I guess, but to do the same to companies which need data confidentiality and have regulations to comply with? I don't understand what those people are thinking. :-//
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #808 on: March 20, 2019, 10:42:01 am »
That's precisely why the fintech market is moving away from it. We're not putting up with it. It's just hard to shift 20 years of investment.

They want us in the cloud too, which isn't happening for a lot of companies.

One of the real problems is there is a lot of investment in Microsoft .Net and they expect users to take on telemetry with that now too. Take a look at this thread: https://github.com/dotnet/cli/issues/3093

MSFT do whatever they want. Total assholes and deserve to burn now.

Edit: to note, the process I am currently providing is going from manually deployed ancient Manually installed Windows Server + SQL Server + MSMQ + .Net to Automated CentOS + PostgreSQL + RabbitMQ + python/C. The cost is 1/5th and the performance is 2-3x greater.
« Last Edit: March 20, 2019, 10:45:51 am by bd139 »
 

Online wraper

  • Supporter
  • ****
  • Posts: 11714
  • Country: lv
Re: Windows is getting disgusting
« Reply #809 on: March 20, 2019, 10:54:47 am »
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 5317
  • Country: de
  • A qualified hobbyist ;)
Re: Windows is getting disgusting
« Reply #810 on: March 20, 2019, 11:30:57 am »
With all the telemetry, which can't be turned off completely, any EU business or organization using Win10 is basically violating the GDPR. Imagine you are ill and see the doctor. As the doctor documents your visit MS gets a copy. This is an absolute no-no!
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #811 on: March 20, 2019, 11:35:57 am »
They're not. You just have to document it in your organisational security policy. If the breach takes place due to an infiltration event and the infiltrator is identifiable and you complied with your own security policy and that was deemed practical and reasonable, MSFT have to answer to it, not you. Lots of companies spent a lot of money working this out last year.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4012
  • Country: au
Re: Windows is getting disgusting
« Reply #812 on: March 20, 2019, 11:51:17 am »
Are you sure it works for telemetry?

A lot of the telemetry stuff in windows falls back to internal hard coded addresses if the DNS entry doesn't work.

Yup, which is where my firewall blacklist comes in. DNS blocking is just one of several security techniques I use, even at home.

Nothing leaves my network without me knowing about it.
 

Offline harnon

  • Regular Contributor
  • *
  • Posts: 215
  • Country: au
  • Is this thing on?
    • My Personal Website
Re: Windows is getting disgusting
« Reply #813 on: March 20, 2019, 12:04:07 pm »
Yikes! All that telemetry is a bit  :-[ 

Nothing leaves my network without me knowing about it.

Are you using a Pi-hole @Halcyon? I was looking at it the other day as something to do with a Raspberry Pi that's just getting dusty. Maybe I'll move it a bit up the todo list!
 

Offline RoGeorge

  • Super Contributor
  • ***
  • Posts: 2430
  • Country: ro
Re: Windows is getting disgusting
« Reply #814 on: March 20, 2019, 12:17:43 pm »
Nothing leaves my network without me knowing about it.

That is just what you *wish* to achieve.  An external firewall might help, but there is no guarantee that the wish really happens.

Everybody should keep that in mind at all times.

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #815 on: March 20, 2019, 12:21:39 pm »
There is a guarantee if you deny all traffic then whitelist what you need.

I only don't do this because I don't really care.
 

Offline RoGeorge

  • Super Contributor
  • ***
  • Posts: 2430
  • Country: ro
Re: Windows is getting disgusting
« Reply #816 on: March 20, 2019, 12:37:24 pm »
There is a guarantee if you deny all traffic then whitelist what you need.

Still NO guarantee.  That is exactly what I am trying to highlight.

There are all kind of side channel leaks.  In theory, you are correct, because you assume all the devices are doing only what it is supposed to be doing, and nothing more.  This doesn't happen in real life.  Never.  There is always something we didn't think about it yet, but someone else might already discover it and exploit it.

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #817 on: March 20, 2019, 12:46:11 pm »
That's possible but the whole point is to make that difficult to exploit if it does happen using carefully layered architecture and security policies. Never rely on just one security control!

Knowing what risks lead to exfiltration is step one. mitigation, step 2. monitoring, step 3. prevention, step 4.
 

Offline Alex Nikitin

  • Super Contributor
  • ***
  • Posts: 1021
  • Country: gb
  • Femtoampnut and Tapehead.
    • A.N.T. Audio
Re: Windows is getting disgusting
« Reply #818 on: March 20, 2019, 12:55:52 pm »
There is a guarantee if you deny all traffic then whitelist what you need.

I only don't do this because I don't really care.

All computer users go through three stages in respect of Internet security:

1) Ignorance - "I know nothing".

2) Paranoia - "I am scared of everything".

3) Enlightenment - "I don't care" . 

 ;)

Cheers

Alex
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #819 on: March 20, 2019, 01:02:49 pm »
It’s my job to care about this unfortunately. I just don’t take the work home  :-DD
 

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 6344
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Re: Windows is getting disgusting
« Reply #820 on: March 20, 2019, 01:31:21 pm »
I wonder if there have been any attempts to feed the telemetry fake data. Or more to it, selectively amplify/repeat real data to distort the data distribution.
Cryptocurrency has taught me to love math and at the same time be baffled by it.

Cryptocurrency lesson 0: Altcoins and Bitcoin are not the same thing.
 

Offline SiliconWizard

  • Super Contributor
  • ***
  • Posts: 5441
  • Country: fr
Re: Windows is getting disgusting
« Reply #821 on: March 20, 2019, 02:24:38 pm »
MS just released an "update" for Windows 7 which will serve as a reminder starting jan. 2020 to annoy the hell out of people who will still be using 7. This update is optional  for now, but I wouldn't count on that forever.

I wonder how MS can get away with all this telemetry data. This is a huge security (and obviously privacy, but many people seem not to care in the least anymore, so talking about privacy is like pissing against the wind these days) concern. It's getting even worse than plain viruses. Keyboard, camera, microphone, data... hello? At least with viruses, you have an opportunity to get rid of them. If you're half-computer savvy, you'll certainly prefer taking the risk of getting a virus than having this shit running at all times behind your back.

If MS don't get their act together, Windows will be past history here.

@madires: unfortunately, they are only partly violating the GPDR, or maybe even not at all. Two key points IMO: first, if MS claims they are only storing and using this data after anonymizing it, they can claim it's not personal data anymore. What guarantee we have about this anonymization, I bet very few even know for sure, but I'm not counting on a squad of EU experts going to MS headquarters to audit them :-DD, so this is probably all based on declarative statements if MS is ever asked about it, at least for now. Second, even if personal data is not anonymized, all the GPDR really implies as far as I've gotten it is that the company has to tell people about it and give them access to the data the company holds about them. It doesn't prevent the companies from collecting data. So all you can do is opt out.

 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15462
  • Country: gb
Re: Windows is getting disgusting
« Reply #822 on: March 20, 2019, 02:26:53 pm »
They're already in trouble: https://www.theregister.co.uk/2018/11/16/microsoft_gdpr/

EU will fuck them up pretty hard the moment there's evidence their product has leaked personal data.

They will keep doing it until it's a shareholder profit risk.
 

Offline rdl

  • Super Contributor
  • ***
  • Posts: 3033
  • Country: us
Re: Windows is getting disgusting
« Reply #823 on: March 20, 2019, 03:03:44 pm »
Microsoft gets away with this crap because you basically have to agree to it in order to use any of their products or services. The smartest thing to do is avoid them as much as possible.

https://privacy.microsoft.com/en-US/privacystatement

Just scroll down to this part and start reading.

The data we collect...


 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 12244
  • Country: us
Re: Windows is getting disgusting
« Reply #824 on: March 20, 2019, 04:12:21 pm »
MS just released an "update" for Windows 7 which will serve as a reminder starting jan. 2020 to annoy the hell out of people who will still be using 7. This update is optional  for now, but I wouldn't count on that forever.

I'm ever more glad that I disabled updates completely 3 years ago after the GWX fiasco. Updates have caused far more damage, grief and wasted hours than they have prevented. It's asinine that they abuse the update process in order to push crap. It should be possible to get security fixes only rather than mixing those with features. I don't want my operating system to be a service, I want it to stay out of my way and let me work.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf