Jump to content

Are these the only things you need to disable to stop telemetry

Bakuchris

By Bakuchris
in Windows 8

 Share

Recommended Posts


NoelC

NoelC

Posted
Posted

Just at a glance, that article doesn't mention reconfiguring Windows Defender and the Malicious Software Removal Tool to avert sending data to Microsoft spynet.

 

I have also removed all Apps and App/Store oriented features as I have no need for them.

 

I use a block-by-default firewall setup for outgoing connections (which does take more effort to maintain), and even with all the reconfiguration I've done I have not been able to quiet Windows 8.1 completely down, per the firewall logs.  Services still occasionally try to contact Microsoft or CDN servers online - a few times a day.  Since Microsoft uses CDN servers, and doesn't always access things by name resolution (for example, by having hard-coded internal lists of IP addresses or indirectly after requests to go.microsoft.com) you cannot really develop a rigorous blacklist.  My current hosts file, which I update every month, blocks some 27,000 URLs, vs. the 50 or so seen listed in the linked article, but again bear in mind it's not enough to just block the names.

 

Microsoft considered Windows 8 a cloud-integrated OS, which means it IS going to try to communicate online.  It gets to a point where it becomes impractical to know whether some service is checking online for legitimate updates (e.g., to certificate information) or trying to spill your beans and disrupt your privacy. 

 

So far my system is running perfectly without being allowed to communicate freely by default.  Initially it took more effort, but now I put a few minutes a day into reviewing what was blocked and refining my firewall configuration.

 

-Noel

Link to comment
Share on other sites
NoelC

NoelC

Posted
Posted

Don't kid yourself.  Windows 8 is pretty chatty, and hasn't been the benefit of all the scrutiny that Windows 10 has had, which led to the creation of things like O&O ShutUp 10 and similar products.

 

HarryTri, you may choose to ignore Microsoft's programming of Windows to send your info far and wide while you're not looking, but for those seriously concerned with privacy and security, it's a real issue.  And history has shown that information WILL be exploited.  I'd prefer for them to have less of mine than everyone else's.

 

-Noel

Link to comment
Share on other sites
  • 1 month later...
Jody Thornton

Jody Thornton

Posted
Posted

Just at a glance, that article doesn't mention reconfiguring Windows Defender and the Malicious Software Removal Tool to avert sending data to Microsoft spynet.

 

I have also removed all Apps and App/Store oriented features as I have no need for them.

 

So far my system is running perfectly without being allowed to communicate freely by default.  Initially it took more effort, but now I put a few minutes a day into reviewing what was blocked and refining my firewall configuration.

 

-Noel

In removing the Apps and AppStore, do you have a tutorial on how you did that?  I removed the WindowsApps directory, and concealed most elements with Classic Shell and defeating UAC.  Does that do it all?

Link to comment
Share on other sites
NoelC

NoelC

Posted
Posted

There's a thread around here, something like "How to remove Cortana".

 

Basically most Apps can be removed with Remove-AppxPackage and Remove-AppxProvisioned Package.  Then it's a matter of getting geeky and circumventing some interlocks.

 

Ah, here it is:  http://www.msfn.org/board/topic/174344-uninstall-cortana-from-windows-10/

 

A forum member, intika, in post 26, has published a web page on uninstalling the ones that won't go quietly.

 

Here's what I have left:

 

Reliability_01_13_2016.png

 

-Noel

Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted

So if I have this right Jaclaz, if I'm not on a Windows NT domain, I would be completely unaffected, is that right (or am I misreading it).

:)

 

Naah :no: you are completely unaffected because noone is after you :).

But the exploit/theoretical vulnerability is not connected to a "Windows Domain", any Windows OS connected to a network is vulnerable in theory.

 

Generically, WPAD based attacks are reknown since years, see also:

https://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol

http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/web-browser-auto-proxy-configuration.html

In practice for this particular vulnerability to be used the attacker would need physical access to the network.

If they were after you, they would have probably like 257 better/easier ways to pwn you.

 

jaclaz

Link to comment
Share on other sites
NoelC

NoelC

Posted
Posted (edited)

If they were after you, they would have probably like 257 better/easier ways to pwn you.

 

Pwned.jpg

 

 

Note:  DNS logs here (my LAN is a NON-domain environment with Win 7, 8.1, and 10 systems and some Apple hardware as well) for some days now show no evidence of the name wpad being requested for resolution.

 

-Noel

Edited by NoelC
Link to comment
Share on other sites
  • 4 weeks later...
NoelC

NoelC

Posted
Posted

Heh, I'm imagining a plethora of privacy enhancing tools - so many that no one knows which is better, and quite possibly no one tool will "have it all covered".

 

We may already be there.

 

I hope this teaches Microsoft that they cannot close off Windows and build a walled garden.

 

-Noel

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...