Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Bakuchris

Are these the only things you need to disable to stop telemetry

Recommended Posts

Are these the only things you need to disable to keep from Windows 8.1 for sending telemetry data to Microsoft?


http://techne.alaya.net/?p=12499.


 


P.S. I know that you could also disconnect from the Internet when not using it or use a firewall to limit network application traffic.


Share this post


Link to post
Share on other sites

Just at a glance, that article doesn't mention reconfiguring Windows Defender and the Malicious Software Removal Tool to avert sending data to Microsoft spynet.

 

I have also removed all Apps and App/Store oriented features as I have no need for them.

 

I use a block-by-default firewall setup for outgoing connections (which does take more effort to maintain), and even with all the reconfiguration I've done I have not been able to quiet Windows 8.1 completely down, per the firewall logs.  Services still occasionally try to contact Microsoft or CDN servers online - a few times a day.  Since Microsoft uses CDN servers, and doesn't always access things by name resolution (for example, by having hard-coded internal lists of IP addresses or indirectly after requests to go.microsoft.com) you cannot really develop a rigorous blacklist.  My current hosts file, which I update every month, blocks some 27,000 URLs, vs. the 50 or so seen listed in the linked article, but again bear in mind it's not enough to just block the names.

 

Microsoft considered Windows 8 a cloud-integrated OS, which means it IS going to try to communicate online.  It gets to a point where it becomes impractical to know whether some service is checking online for legitimate updates (e.g., to certificate information) or trying to spill your beans and disrupt your privacy. 

 

So far my system is running perfectly without being allowed to communicate freely by default.  Initially it took more effort, but now I put a few minutes a day into reviewing what was blocked and refining my firewall configuration.

 

-Noel

Share this post


Link to post
Share on other sites

Personally I still install all the offered updates for Windows 8 x64, I won't go insane for the sake of Microsoft, yet I stay away from Windows 10. It seems to be the larger virus of the "Trojan horse" type...

Share this post


Link to post
Share on other sites

Don't kid yourself.  Windows 8 is pretty chatty, and hasn't been the benefit of all the scrutiny that Windows 10 has had, which led to the creation of things like O&O ShutUp 10 and similar products.

 

HarryTri, you may choose to ignore Microsoft's programming of Windows to send your info far and wide while you're not looking, but for those seriously concerned with privacy and security, it's a real issue.  And history has shown that information WILL be exploited.  I'd prefer for them to have less of mine than everyone else's.

 

-Noel

Share this post


Link to post
Share on other sites

Just at a glance, that article doesn't mention reconfiguring Windows Defender and the Malicious Software Removal Tool to avert sending data to Microsoft spynet.

 

I have also removed all Apps and App/Store oriented features as I have no need for them.

 

So far my system is running perfectly without being allowed to communicate freely by default.  Initially it took more effort, but now I put a few minutes a day into reviewing what was blocked and refining my firewall configuration.

 

-Noel

In removing the Apps and AppStore, do you have a tutorial on how you did that?  I removed the WindowsApps directory, and concealed most elements with Classic Shell and defeating UAC.  Does that do it all?

Share this post


Link to post
Share on other sites

There's a thread around here, something like "How to remove Cortana".

 

Basically most Apps can be removed with Remove-AppxPackage and Remove-AppxProvisioned Package.  Then it's a matter of getting geeky and circumventing some interlocks.

 

Ah, here it is:  http://www.msfn.org/board/topic/174344-uninstall-cortana-from-windows-10/

 

A forum member, intika, in post 26, has published a web page on uninstalling the ones that won't go quietly.

 

Here's what I have left:

 

Reliability_01_13_2016.png

 

-Noel

Share this post


Link to post
Share on other sites

So if I have this right Jaclaz, if I'm not on a Windows NT domain, I would be completely unaffected, is that right (or am I misreading it).

:)

Share this post


Link to post
Share on other sites

So if I have this right Jaclaz, if I'm not on a Windows NT domain, I would be completely unaffected, is that right (or am I misreading it).

:)

 

Naah :no: you are completely unaffected because noone is after you :).

But the exploit/theoretical vulnerability is not connected to a "Windows Domain", any Windows OS connected to a network is vulnerable in theory.

 

Generically, WPAD based attacks are reknown since years, see also:

https://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol

http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/web-browser-auto-proxy-configuration.html

In practice for this particular vulnerability to be used the attacker would need physical access to the network.

If they were after you, they would have probably like 257 better/easier ways to pwn you.

 

jaclaz

Share this post


Link to post
Share on other sites

If they were after you, they would have probably like 257 better/easier ways to pwn you.

 

Pwned.jpg

 

 

Note:  DNS logs here (my LAN is a NON-domain environment with Win 7, 8.1, and 10 systems and some Apple hardware as well) for some days now show no evidence of the name wpad being requested for resolution.

 

-Noel

Edited by NoelC

Share this post


Link to post
Share on other sites

Heh, I'm imagining a plethora of privacy enhancing tools - so many that no one knows which is better, and quite possibly no one tool will "have it all covered".

 

We may already be there.

 

I hope this teaches Microsoft that they cannot close off Windows and build a walled garden.

 

-Noel

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...