aviv00 Posted October 9, 2014 Posted October 9, 2014 (edited) Notices-Before The panic began, please note its only opinion calling Telemetry a Keylogger-This Topic is about ensure Keylogger/ Telemetry is disabled as much as possible but we cant be certain, Althoughafter Testing its working as shouldTested On Lited Windows 10 Enterprise 2015 LTSB N 10240 / 29.7.2015 BuildI don't see the weird dns packets in server 2016 build 10.0.10514[Guide]Way to Disable Keylogger/ Telemetry v3.1Removing packages with Powershell script, need to run as TrustedInstallerPackages like: Windows defender, Telemetry, Onedrive, Cortana...#PreparationIf u have OS with another lang change "*en-US*,*en-*Package*" to your langIf u gonna use the script for online / current OSjust change the z: to c:, /image:temp to /online, cd "HKLM:\111\... to cd "HKLM:\Software\...and also skip the hiving and unloading the regFor mounted wim, copy dism folder with lastest dism version, cmd to mount:#Mountdism\dism /Mount-Wim /WimFile:install.wim /index:1 /MountDir:temp /ScratchDir:.#Removing packages### Fully Automatic Removing Packages / Lite'en Windows 10 / 8.x, by Lite8@MDL / Aviv00@MSFN ####Get packages list excluding en-us packages$s = dir .\Windows\servicing\Packages\*.cat -Exclude *en-US*,*en-*Package*# Filter Packages$s = (dir $s -Include *WindowsFeedback*,*Windows-Skype-ORTC*,*Windows-Prerelease*,*Windows-DiagTrack*,*Windows-ContactSupport*,*OneCore-Maps*,*OneDrive*,*TroubleShooting*,*Search2*,*Cortana*,*Xbox*,*Defender* -Exclude *AutoMerged-xbox*).BaseName#Count$s; $s.count# Hive regreg.exe load HKLM\111 ".\Windows\System32\config\software"#cd "HKLM:\111\Microsoft\windows\CurrentVersion\Component Based Servicing\Packages"# Remove Owners from reg$s | foreach { join-path $PSItem \owners | rd }#z:# save reg and unhivereg.exe unload HKLM\111# remove packages$s | foreach { dism /ScratchDir:. /image:temp /Remove-Package /PackageName:$PSItem }#Finalizing#Cleanupdism\dism /image:temp /Cleanup-Image /StartComponentCleanup /ResetBase#Commitdism\dism /Commit-Wim /MountDir:temp /ScratchDir:.#Exportdism\dism /Export-Image /SourceImageFile:install.wim /SourceIndex:1 /DestinationImageFile:install2.wim; if u use ramdisk like me copy install2 to another folder and format the ramdisk to save time#OneDrive remove servicesc delete OneSyncSvcsc delete OneSyncSvc_24f3aFor Enterprise - open cmd.exe with admin run the code(credit goes to murphy78)Tested on EnterpriseREG ADD HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection\ /v AllowTelemetry /t REG_DWORD /d 0 /fUse this Also for Other EditionsRun cmd as adminthen start the processuse Sc.exe to delete the 3 servicesrun this:sc delete dmwappushsvcsc delete diagnosticshub.standardcollector.servicesc delete diagtrack#Deny Diagnosis Folderand deny system accessing the file AutoLogger-Diagtrack-Listener.etl with caclsicacls "C:\ProgramData\Microsoft\Diagnosis" /remove:g system /inheritance:r /deny system:(OI)(CI)f#Blocking Cortana v1.1Change Search in Firewall advanced to blockor run this in cmd with adminPowershell Set-NetFirewallRule -DisplayName search -Action BlockDisabling "Windows Connect Now - Config Registrar"Powershell Set-service wcncsvc -StartupType disabled::todo#OneDrive#Removing MetroAppsExtreme / TESTERS ONLY / ADVANCED USERSThis Method should break Internet connective for the OS internal partsFirefox and standalone application can connect outsideif application use Internal connective OS's components it should breakand might block backdoors planted in OSStep1Run autoruns.exeUncheck hide windows entriesSearch for v6then uncheck them if u cant uncheck remove themto restore default settings runnetsh winsock resetSteps2MMC -> add snaps-in "cert" -> Computer account, set the cert like in the picture belowhttp://i59.tinypic.com/24gul9t.jpgSemi-Extreme - Lossing ipv6 protocolExplaining - Windows 10 might use those protocols to tunneling the data out to internet.the whole idea of this Method eventually to disable totally network protocols that integrate to OSwhich make IE / OS unable to go out because i dont trust the OS disabling IPv6Powershell Set-service Tcpip6 -StartupType disabledPowershell Set-service wanarpv6 -StartupType disabledPowershell Set-service iphlpsvc -StartupType disabledIndex(Please PM to add More to Index):http://forums.mydigitallife.info/threads/57339-Guide-Way-to-Disable-Keylogger?p=1028934&viewfull=1#post1028934 reg by Michel Edited January 14, 2016 by aviv00 2
Tripredacus Posted October 10, 2014 Posted October 10, 2014 Has there been any proof that it is actually performing keylogging?
gendouhydeist Posted October 13, 2014 Posted October 13, 2014 http://thehackernews.com/2014/10/download-Windows-10-keylogger.htmlthere is according to this article
jaclaz Posted October 13, 2014 Posted October 13, 2014 http://thehackernews.com/2014/10/download-Windows-10-keylogger.htmlthere is according to this article Well, NO. That article, like a zillion other similar articles, points out how by accepting their privacy policy you allow them to keylog, which does not mean that there is (at the moment) a keylogger, nor that it is activated. What Trip is asking is actual proof that such keylogger:a. existsb. is active jaclaz
dencorso Posted October 14, 2014 Posted October 14, 2014 Yes, there's no proof whatever of such keylogger's existence, up to now. And that begs the question: can it possibly, despite not existing (as seems to be the case) be actually already activated?
jaclaz Posted October 14, 2014 Posted October 14, 2014 Yes, there's no proof whatever of such keylogger's existence, up to now. And that begs the question: can it possibly, despite not existing (as seems to be the case) be actually already activated? Well, the point is that they are allowed (by you) to use one. Whether it is there and can be remotely activated, or it can be downloaded automagically (and as well activated) does not change the authorization you gave them to use one. It is entirely possible that the provision is the result of some retarded MS engineer mis-explaining the "feature" to a retarded MS attorney (or that the latter mis-understood the former), or it could be just a "preventive", "demonstrative" provision, just a social experiment to see how much retarded are the final users, still it represents one of the reasons why I put to use my good ol'sticks (the 10 feet ones that were too d@mn heavy for NOT touching Vista ) for NOT touching the stupid new OS: http://www.msfn.org/board/topic/125258-nlite-and-microxp/#entry807225 Let's put this into perspective. When you want to track usage of a product, you ask (possibly politely) your customers (final users) to provide feedback, usually by asking them to fill a questionnaire or poll. When you want to beta test something, you find a number of beta testersthat usually are a restricted number of "advanced" users asking them to report bugs, inconsistencies, provide suggestions, etc. In any case BOTH approaches have two key characteristics: 1. it is done on a voluntary basis 2. the user knows EXACTLY the information that he/she provides No issues with #1. Many about #2. Now, IF the data gathered and collected was in the form of a plain .txt file (or a .xls, or a .mdb or the awful .xml, etc. or the format was OPEN and a viewer for it was provided) AND the feedback would consist of a limited (human readable) amount of data (say compressed into an archive) and sent to MS - say - once a week AND there would be an explicit consent required to send the data AND the data was collected in a public searchable/accessible database (in an anonymous form) THEN MAYBE I could THINK of sending them some detail on the usage I make of the OS. That is a generic issue with any kind of statistical result, if no RAW data is public, the results may well be wrong or manipulated. Remember that Windows 8/8.1 is (according to them) the result of telemetry/users feedback, so, someone, somewhere and en masse must have made them think that it was a good idea. OR they lied to us, inventing the consensus that never was (and this is not a good precedent record). jaclaz This is connected with oligarchy AND NOT democracy, the process implies that there are a number of people that have a certain number of working neurons and use them when providing feedback.
NoelC Posted October 15, 2014 Posted October 15, 2014 Trust mother Microsoft. She will take care of you. In all seriousness, what makes you think they weren't tracking everything you were doing already? Their foot is already WAY in your door, and has been for years. We install software and scramble security features to prevent automatic installation of software. Yet most folks leave Windows configured to install updates automatically. Many use cloud services and back up their private data to who knows where. Yes, fully half the people in the world are of below average intelligence. Thing is, something holds Microsoft back from being completely stupid about it, though... If someone DOES have private information Microsoft has collected get out by Microsoft's own negligence, just think of the liability! Stupid EULA that no one reads notwithstanding, they have a LOT to lose in a serious lawsuit. -Noel
jaclaz Posted October 16, 2014 Posted October 16, 2014 Yes, fully half the people in the world are of below average intelligence.No. Fully half the people in the world may be ignorant, in the sense of not knowing or not knowing enough about something (ignorance has nothing to do with intelligence or lack of it, and can usually be cured ). Please take note how "serious lawsuit" could be considered an oximoron , and you need a special license to post one of those on MSFN Seriously, the point is IMHO not much about the actual data (if any), but about the concept, you are asked to authorize the collection of *any* data in an unspecified amount, with unspecified means, and without any control on which data is collected and transmitted. I personally find this a "serious" issue. jaclaz.
NoelC Posted October 16, 2014 Posted October 16, 2014 Don't get me wrong, I'm with you - online privacy is a VERY serious issue. But it's been a long time an issue; there's nothing special about now, except that maybe the powers that be are pushing the boundaries a little further. "Online privacy" - there's your oxymoron. -Noel
NoelC Posted October 16, 2014 Posted October 16, 2014 (edited) By the way, regarding Microsoft having a size 13 boot in the door... I see that Microsoft, with the latest spate of Win 8.1 updates, restored all the root namespaces that I keep removing (without downside) to make Explorer work the way I want it. I see that they did something to have Internet Explorer prompt again to ask "Use Recommended Settings?" - which in my case are FAR less secure than those I have chosen. Most anyone who doesn't understand that the question really means "Return IE to default settings or keep using those you've set" would take the recommendation. These are just the parts that are easy to see. So my tongue-in-cheek comment above ("Trust mother Microsoft") is actually more than a joke. It's real. By choosing to use Windows - any version that runs on modern hardware - you are implicitly choosing to trust Microsoft - to partner with them, no ifs ands or buts. Either you're with them or against them. There's no middle ground that everyone loves to think exists, where you've bought software that does what you want, when you want, without ulterior motives. Where YOU'RE in charge. It's simply not there. It's up to you to decide whether partnering with Microsoft provides value. Recall what a big deal it was when Microsoft announced they'd stop supporting XP? OMG! So many people worried that XP would just stop working the very next day. Perhaps they should rejoice instead! No longer is Microsoft drop-loading whatever they want into your XP system. Chances are it will remain as stable as it is, and no new spying will take place. Imagine the sheer psychological power in convincing sheeple that instability - Microsoft being able to change your OS at will through automatic updates - is somehow preferable over stability. It's the same power they're trying to wield by telling people that Windows 10 is an all-new marvel. Everyone needs to leave behind the misconception that by falling in with the crowd they're making the right decision. Right now! Note that I did not say that this would mean you would stop using Microsoft software. Use it as long as you get value from it, but go into the partnership with your eyes open! And always remember that All Your Datas Are Belong To Microsoft. I agree - "No". I was wrong - more than half the people of this world are stupid. And ignorant. And whether a cure exists is irrelevant, they're already stuck in the web. -Noel Edited October 16, 2014 by NoelC
NoelC Posted October 16, 2014 Posted October 16, 2014 Recall what a big deal it was when Microsoft announced they'd stop supporting XP? OMG! So many people worried that XP would just stop working the very next day. Perhaps they should rejoice instead! No longer is Microsoft drop-loading whatever they want into your XP system. Chances are it will remain as stable as it is, and no new spying will take place. But WAIT! Dropping support doesn't mean what it sounds like! I just fired up an XP VM to check, and lo and behold there's an October 2014 "Malicious Software Removal Tool" sitting there waiting in Windows Update. Malicious by whose definition, I wonder? Stopping support indeed! -Noel
jaclaz Posted October 16, 2014 Posted October 16, 2014 Dropping support doesn't mean what it sounds like! To be fair, once upon a time in a far away galaxy, in order to be able to drop support you needed to provide it until the change. Otherwise people won't notice it. Claiming that you supported it and that you will stop doing that on a given date (and bragging a lot about it and how dangerous it will be if you don't switch to the new supported OS before that) is not exactly the same. jaclaz
Tripredacus Posted October 16, 2014 Posted October 16, 2014 But WAIT! Dropping support doesn't mean what it sounds like! I just fired up an XP VM to check, and lo and behold there's an October 2014 "Malicious Software Removal Tool" sitting there waiting in Windows Update. Malicious by whose definition, I wonder? Stopping support indeed! -Noel This seems to still be missed by people online. XP support has ended but that doesn't mean you stop seeing new updates offered by Windows Updates for non-OS products. This includes the Malicious Software Removal Tool, Office or whatever else.
HarryTri Posted October 16, 2014 Posted October 16, 2014 (edited) THEN MAYBE I could THINK of sending them some detail on the usage I make of the OS. I'm not enthusiastic about it either but isn't it what Google - for example - already does with Android? Of course they ask for your agreement first.Correction, it's not Google itself but the vendors of the Android phones who ask for the usage data. I suppose Google does the same with e.g. Google Note. Edited October 18, 2014 by HarryTri
jaclaz Posted October 16, 2014 Posted October 16, 2014 I'm not enthusiastic about it either but isn't it what Google - for example - already does with Android? Of course they ask for your agreement first. Ah well, if they asked for it, then that's fine. , after all the good google guys' motto is "Don't be Evil":http://en.wikipedia.org/wiki/Don't_be_evil jaclaz
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now