In another thread, user Paranoid Eye kindly shared a link to this reddit guide/discussion: https://www.reddit.com/r/Windows10/comments/3f38ed/guide_how_to_disable_data_logging_in_w10/ If someone does attempt to put a lid on [Microsoft] data collection... either as a basic test or because that is the way they want to run... it would be wise for them to verify the results by running a sniffer [on an external machine]. Since behaviors may change down the road, it would also be wise to double check things periodically. Please let others know what you discover.
thanks for the reddit link, I am feverishly scouring the web for guides like this. Moving from win 7 pro to win 10 pro I fear I am giving up all of the privacy I have fought hard to keep with 7
A repost/reformat of that reddit guide: https://www.reddit.com/r/conspiracy/comments/3fhy27/how_do_disable_all_privacy_leaks_in_windows_10/ has at least two potentially helpful comments. One, someone (shillbabyshill) said they are going to create a powershell script to automatic the steps. Two, someone pointed to another thread: https://www.reddit.com/r/pcmasterrace/comments/3f10k0/things_to_removedisable_in_windows_10/ Which looks weak, but maybe there is something unique/helpful in there. Haven't seen any references to Wireshark or other network captures afterwards. I would also mention that an update *might* change telemetry and/or other hostnames, breaking the hosts file based protections.
I don't see how "NSA_KEY" proves anything. These keys were used to sign Cryptographic Service Providers for the Microsoft CyptoAPI. According to Microsoft, NSA_KEY was the backup key in case the primary key was lost. They called it "NSA Key" because the NSA was in charge of cryptographic export standards so this is what they called it around the office. Keep in mind that cryptography was very tightly regulated at the time this all went down. I'm inclined to believe MS here. Why? Occam's razor. What benefit would the NSA get by having a key to sign Cryptographic Service Providers? Even if they *did* have this key, they would *still* need to get their rogue CSP onto your PC. If they've got that ability, why go through the hoops of having a fake CSP? They could just as easily upload some other malware onto your computer and gain control that way. It just doesn't make sense. These keys aren't backdoors to your system, they are used for signing purposes only. It's well-known that Windows releases anti-malware patches that will remove malicious programs. I don't see how this proves anything. You may have a point with the fact that Windows is closed-source, but I still haven't found any solid evidence that Microsoft is engaged in something nefarious here. Just fear, uncertainty, and doubt.
Hmm. I thought this was interesting: http://www.howtogeek.com/224616/30-ways-windows-10-phones-home/ nozzle
There is already a software that in one place enables you to adjust privacy settings in windows 10, http://www.ghacks.net/2015/08/05/donotspy10-configure-windows-10-privacy-settings/
Well thats interesting.. Iv just ran the file through Virus total 10/65 detection. Big players like Symantec, Eset,GData detected it as Unwanted program. Maybe best to stay clear. None the less, it gives ideas as to what to disable in windows 10 to further enhance privacy.
More on Win 10 privacy issues: http://www.infoworld.com/article/29...ng-in-windows-10-both-sides-of-the-story.html
Do you mean they detected Windows Defender as an unwanted program? To be expected, it´s unwanted for them.
I believe they are referring to this program. https://www.wilderssecurity.com/threads/windows-10-privacy.377785/page-3#post-2513285
Some microsoft tracking domains, taken from open source (which is always a plus) tool called DisableWinTracking (https://github.com/10se1ucgo/DisableWinTracking) that you could add to your hosts file. vortex.data.microsoft.com vortex-win.data.microsoft.com telecommand.telemetry.microsoft.com telecommand.telemetry.microsoft.com.nsatc.net oca.telemetry.microsoft.com oca.telemetry.microsoft.com.nsatc.net sqm.telemetry.microsoft.com sqm.telemetry.microsoft.com.nsatc.net watson.telemetry.microsoft.com watson.telemetry.microsoft.com.nsatc.net redir.metaservices.microsoft.com choice.microsoft.com choice.microsoft.com.nsatc.net df.telemetry.microsoft.com reports.wes.df.telemetry.microsoft.com wes.df.telemetry.microsoft.com services.wes.df.telemetry.microsoft.com sqm.df.telemetry.microsoft.com telemetry.microsoft.com watson.ppe.telemetry.microsoft.com telemetry.appex.bing.net telemetry.urs.microsoft.com telemetry.appex.bing.net:443 settings-sandbox.data.microsoft.com vortex-sandbox.data.microsoft.com survey.watson.microsoft.com watson.live.com watson.microsoft.com statsfe2.ws.microsoft.com corpext.msitadfs.glbdns2.microsoft.com compatexchange.cloudapp.net cs1.wpc.v0cdn.net a-0001.a-msedge.net statsfe2.update.microsoft.com.akadns.net sls.update.microsoft.com.akadns.net fe2.update.microsoft.com.akadns.net 65.55.108.23 65.39.117.230 23.218.212.69 134.170.30.202 137.116.81.24 diagnostics.support.microsoft.com corp.sts.microsoft.com statsfe1.ws.microsoft.com pre.footprintpredict.com 204.79.197.200 23.218.212.69 i1.services.social.microsoft.com i1.services.social.microsoft.com.nsatc.net feedback.windows.com feedback.microsoft-hohm.com feedback.search.microsoft.com
Basically by blocking outbound access from explorer.exe and svchost.exe. I'm not sure if that is enough, but at least I'm not getting to see any "listening ports" anymore.
I've disabled most of this stuff on Win 8 also, it's the first thing I do. Looks like a handy app, nice find.
http://www.majorgeeks.com/files/details/destroy_windows_10_spying.html Read the page. I have not tried it personally because I'm staying with Win 7.
I'm not sure why you'd untick that one... it usually is ticked if you install MS Office, or Silverlight, or anything else that gets updates other than the critical ones that MS does normally. If you have Office installed, you'll need to keep it ticked to get those updates.
because there is such a huge grass roots effort to expose it and fix it since Win 10 came out. I think people were asleep using Win 7 and assumed it was safe and private but is a privacy invader too yet nowhere near the efforts to expose and thwart them like we are seeing now with 10. I am excited about all the Win 10 revelations that have come out and many more to come to make it more private than Win 7 and certainly Win 8. I don't think MS expected this level of resistance to their spying.
I suspect the uncheck of "Give my updates for other Microsoft products when I update" might be driven by one or two things. One, an assumption that less information will be sent to Microsoft during update checks. Two, a desire to have greater control over where/when other applications are changed. There are scenarios where usernames, computer names, and the like can leave the machine. It is good to review such identifiers and make sure they aren't too revealing and/or predictable and/or easily linked to information elsewhere.
Windows 10, Privacy 0? ESET deep dives into the privacy of Microsoft’s new OS http://www.welivesecurity.com/2015/08/06/windows-10-privacy-0/
Some comments by Paul Thurrott on Windows 10 privacy concerns: https://www.petri.com/windows-10-privacy-concerns-are-overblown-but-perception-matters
