Click to Translate to English Click to Translate to French  Click to Translate to Spanish  Click to Translate to German  Click to Translate to Italian  Click to Translate to Japanese  Click to Translate to Chinese Simplified  Click to Translate to Korean  Click to Translate to Arabic  Click to Translate to Russian  Click to Translate to Portuguese


Forum Home Forum Home > Off Topic Rooms > The Dungeon
  New Posts New Posts RSS Feed - Windows 10
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Online Discussion: Tracking new emerging diseases and the next pandemic.

Windows 10

 Post Reply Post Reply
Author
Message
Kay View Drop Down
Adviser Group
Adviser Group
Avatar

Joined: October 22 2014
Location: OHIO
Status: Offline
Points: 7205
Post Options Post Options   Thanks (0) Thanks(0)   Quote Kay Quote  Post ReplyReply Direct Link To This Post Topic: Windows 10
    Posted: August 19 2015 at 4:08pm
http://localghost.org/
 

A Traffic Analysis of Windows 10

Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly.

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted

All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits.). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns

While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Original article, credit AE News

Posted  by localghost.
Back to Top
Jen147 View Drop Down
Moderator
Moderator
Avatar

Joined: March 23 2013
Status: Offline
Points: 17004
Post Options Post Options   Thanks (1) Thanks(1)   Quote Jen147 Quote  Post ReplyReply Direct Link To This Post Posted: August 26 2015 at 7:17am
Windows 10 is spying on almost everything you do – here’s how to opt out
 
Jul 31, 2015
 

Windows 10 is amazing. Windows 10 is fantastic. Windows 10 is glorious. Windows 10 is faster, smoother and more user-friendly than any Windows operating system that has come before it. Windows 10 is everything Windows 8 should have been, addressing nearly all of the major problems users had with Microsoft’s previous-generation platform in one fell swoop.

But there’s something you should know: As you read this article from your newly upgraded PC, Windows 10 is also spying on nearly everything you do.

It’s your own fault if you don’t know that Windows 10 is spying on you. That’s what people always say when users fail to read through a company’s terms of service document, right?

Well, here is Microsoft’s 12,000-word service agreement. Some of it is probably in English. We’re pretty sure it says you can’t steal Windows or use Windows to send spam, and also that Microsoft retains the right to take possession of your first-born child if it so chooses. And that’s only one of several documents you’ll have to read through.

Actually, here’s one excerpt from Microsoft’s privacy statement that everyone can understand:

Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.

If that sentence sent shivers down your spine, don’t worry. As invasive as it is, Microsoft does allow Windows 10 users to opt out of all of the features that might be considered invasions of privacy. Of course, users are opted in by default, which is more than a little disconcerting, but let’s focus on the solution.

Rock Paper Shotgun has broken things down into four main bullet points that will guide you through regaining control of your personal data.

First, you’ll want to open Settings and click on Privacy. There, you’ll find 13 different screens — yes, 13 — to go through, and you’ll want to disable anything that seems worrying. The blog notes that most of the important settings can be found on the General tab, though other tabs are important as well. For example, you’ll definitely want to adjust what types of data each app on your system can access.

Next, users should consider dumping Cortana. Yes, the voice-driven assistant is easily one of the best new features in Windows 10, but it also plays fast and loose with your data. As a result, many users will find that the benefits do not outweigh the risks.

For the third task, you’ll have to venture outside the confines of your PC and hit the web. Perhaps this is a good opportunity to check out Microsoft’s nifty new Edge browser. In it, click on this link and set both “Personalised ads in this browser” and “Personalised ads wherever I use my Microsoft account” to off. This will disable Microsoft’s Google-style ad tracking features.

The last tip is one that most users will likely forgo, as it is a bit excessive. Rock Paper Shotgun recommends removing your Microsoft account from Windows 10 completely and using a newly made local account instead. This way, Microsoft doesn’t grab hold of all your data to sync it across machines. To us that’s a great and useful feature, but if you want to kill it just follow the link below in our source section for complete instructions and plenty more details.

Back to Top
Jen147 View Drop Down
Moderator
Moderator
Avatar

Joined: March 23 2013
Status: Offline
Points: 17004
Post Options Post Options   Thanks (0) Thanks(0)   Quote Jen147 Quote  Post ReplyReply Direct Link To This Post Posted: August 26 2015 at 7:19am

6 free tools that stop Windows 10 from spying on everything you do

Back to Top
Jen147 View Drop Down
Moderator
Moderator
Avatar

Joined: March 23 2013
Status: Offline
Points: 17004
Post Options Post Options   Thanks (0) Thanks(0)   Quote Jen147 Quote  Post ReplyReply Direct Link To This Post Posted: August 26 2015 at 7:21am

Windows 10: The first 5 things you need to do immediately after you install it

Back to Top
Jen147 View Drop Down
Moderator
Moderator
Avatar

Joined: March 23 2013
Status: Offline
Points: 17004
Post Options Post Options   Thanks (0) Thanks(0)   Quote Jen147 Quote  Post ReplyReply Direct Link To This Post Posted: August 26 2015 at 7:23am
Back to Top
Jen147 View Drop Down
Moderator
Moderator
Avatar

Joined: March 23 2013
Status: Offline
Points: 17004
Post Options Post Options   Thanks (0) Thanks(0)   Quote Jen147 Quote  Post ReplyReply Direct Link To This Post Posted: August 26 2015 at 7:28am
My son is a senior this year but taking dual enrollment college classes, so for his 18th b'day we got him a MacBook Pro.  I am SO fed up! with Windows PC's.  I'm tired of the BSOD's, tired of the complicated updating, forced to either pay for virus/firewall/malware protection or search on my own for free programs that can be complicated to set up, run, create compatibility with other free programs & update.  I'm tired of having to find graphics card drivers on my own & update & just hope & pray something doesn't go wrong and it's been about 50% of the time something did, had to roll back drivers & try again or just give up.  So my next PC will be a Mac.
 
Anyone want to debate what's better Mac or Windows?  I've never owned a Mac so maybe I'll get just as bad or worse, but I'm willing to risk it.
Back to Top
 Post Reply Post Reply
  Share Topic   

Quick Reply
Name:

Message:
   NoFollow is applied to all links from this forum
 Enable BBcodes
Security Code:
Code Image - Please contact webmaster if you have problems seeing this image code  Refresh Refresh Image
Please enter the Security Code exactly as shown in image format.
Cookies must be enabled on your web browser.

Forum Jump Forum Permissions View Drop Down