dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
119479
Itguy2016
join:2015-09-01
Longwood, FL

Itguy2016 to 19579823

Member

to 19579823

Re: Stop Windows 10 From Spying On You? 36 DNS Addresses to host file.

said by 19579823:

A good list my friend!!!!

People will be happy

To quote some of the other engineers here 'Windows 10 is perhaps the greatest spy tool ever devised.'.. Anyway we've noted no issue with blocking all of the ones on my list. We have that list deployed blocking a few dozen machines in a deployed environment and everyone is happily working away from nearly a month now.

Block or don't block. We're blocking. I've put together custom block policies for the Fortigate's we deploy. Some of our corporate clients would be have liability and security issues if this much telemetry got out. By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data.
Kerodo
join:2004-05-08

Kerodo

Member

Thanks for posting this, it's VERY interesting.
DarkSithPro (banned)
join:2005-02-12
Tempe, AZ

1 recommendation

DarkSithPro (banned) to iam x

Member

to iam x
General question that has me concerned. This free program that we have been using (O&O ShutUp10) works very well. Is there a chance/possibility that Microsoft will issue an update to Bork that program, meaning render it useless through a Windows update? If this telemetry stuff is covered in the Microsoft user license agreement and Microsoft is reading the social sites such as this and knows a lot of people are using it, does that give them the ability to neuter that program in the future? Thanks...

Chubbzie
join:2014-02-11
Greenville, NC
Hitron CDA3
(Software) OpenBSD + pf

Chubbzie to Itguy2016

Member

to Itguy2016
said by Itguy2016:

Not all of it 443 either and some of it contains camera/keyboard data.

Care to further that information? Also if you don't mind sharing, what method(s) of monitoring were used and which version of Win10?
Kerodo
join:2004-05-08

1 recommendation

Kerodo to DarkSithPro

Member

to DarkSithPro
said by DarkSithPro:

General question that has me concerned. This free program that we have been using (O&O ShutUp10) works very well. Is there a chance/possibility that Microsoft will issue an update to Bork that program, meaning render it useless through a Windows update? If this telemetry stuff is covered in the Microsoft user license agreement and Microsoft is reading the social sites such as this and knows a lot of people are using it, does that give them the ability to neuter that program in the future? Thanks...

Interesting that it says "Microsoft Partner" there on the site:

»www.oo-software.com/en/shutup10
DarkSithPro (banned)
join:2005-02-12
Tempe, AZ

DarkSithPro (banned)

Member

said by Kerodo:

said by DarkSithPro:

General question that has me concerned. This free program that we have been using (O&O ShutUp10) works very well. Is there a chance/possibility that Microsoft will issue an update to Bork that program, meaning render it useless through a Windows update? If this telemetry stuff is covered in the Microsoft user license agreement and Microsoft is reading the social sites such as this and knows a lot of people are using it, does that give them the ability to neuter that program in the future? Thanks...

Interesting that it says "Microsoft Partner" there on the site:

»www.oo-software.com/en/shutup10

It doesn't say that exactly from a filter search. What are you getting at?
Kerodo
join:2004-05-08

Kerodo

Member

Nothing really, just that it says "Microsoft Partner" on the web page, which is amusing if MS would retaliate against their software and it's doings and neuter it etc. Seems inconsistent.
DarkSithPro (banned)
join:2005-02-12
Tempe, AZ

DarkSithPro (banned)

Member

said by Kerodo:

Nothing really, just that it says "Microsoft Partner" on the web page, which is amusing if MS would retaliate against their software and it's doings and neuter it etc. Seems inconsistent.

IYO would they do that?
Kerodo
join:2004-05-08

1 recommendation

Kerodo

Member

said by DarkSithPro:

said by Kerodo:

Nothing really, just that it says "Microsoft Partner" on the web page, which is amusing if MS would retaliate against their software and it's doings and neuter it etc. Seems inconsistent.

IYO would they do that?

I'm certainly no expert on the subject, but I don't think they'd bother. If they wanted to, MS could work around things and install even more intrusive features. That's what bothers me about 10. We don't really know where it's going or what they might or might not do. It's pretty open ended....

Noah Vail
Oh God please no.
Premium Member
join:2004-12-10
SouthAmerica

Noah Vail to Kerodo

Premium Member

to Kerodo
said by Kerodo:

Interesting that it says "Microsoft Partner" there on the site:
»www.oo-software.com/en/shutup10

I've been a Microsoft Partner on/off for over 15 years.
It's an avenue to get cheap MS software and not difficult to sign up for.

It doesn't mean anything by itself.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

2 recommendations

Mele20 to Kerodo

Premium Member

to Kerodo
said by Kerodo:

If they wanted to, MS could work around things and install even more intrusive features. That's what bothers me about 10. We don't really know where it's going or what they might or might not do. It's pretty open ended....

And it is the LAST EVER Windows. So, the line in the sand has to be clearly drawn NOW and concerned users have to rally round and band together to try and stop this now as later we won't have a chance but we do now.

Noah Vail
Oh God please no.
Premium Member
join:2004-12-10
SouthAmerica

Noah Vail

Premium Member

said by Mele20:

So, the line in the sand has to be clearly drawn NOW and concerned users have to rally round and band together to try and stop this now as later we won't have a chance but we do now.

MS won't stop trying to monitor us. Too much of their future is tied up in leveraging users' data into profit.
What I would change is for MS to be fully transparent about what they collect and how it's used.

Meanwhile, we can continue to investigate Win10 and develop tools for users to protect themselves.
Eventually, Big Tech will try to purchase federal law, to make that (investigating them / protecting ourselves) illegal.

Best we stay vigilant.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper to chachazz

Premium Member

to chachazz
said by chachazz:

A colleague on another forum collected/reported the following data:

 
Here's a link to the original of that article, along with a disclaimer about its validity:
»localghost.org/posts/a-t ··· ndows-10
Itguy2016
join:2015-09-01
Longwood, FL

1 edit

1 recommendation

Itguy2016 to iam x

Member

to iam x
By the way - here is a definitive list of Anti-Spy tools for Win10.

»www.ghacks.net/2015/08/1 ··· y-tools/

Give them a peek. Some are very professional. I also use a custom batch file to accomplish most of what these tools do in a single run application. Nevertheless - it still appears to be important to block via UTM/Firewall if you can. If not then you'll need to settle for Host blocking but that won't work on hardcoded IPs.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

said by Itguy2016:

here is a definitive list of Anti-Spy tools for Win10.

 

It's a sad state of being for Microsoft Windows when the big topic of conversation about a new release of the OS is how to prevent it from spying on its users.

Noah Vail
Oh God please no.
Premium Member
join:2004-12-10
SouthAmerica

2 recommendations

Noah Vail

Premium Member

said by camper:

It's a sad state of being for Microsoft Windows when the big topic of conversation about a new release of the OS is how to prevent it from spying on its users.

I'm not too irritated at MS. Corporations are mindless entities and we are food.
Just imagine if corporations were sentient.

What's important is we value our privacy enough to work together to protect it.
Bobby_Peru
Premium Member
join:2003-06-16

1 recommendation

Bobby_Peru

Premium Member

said by Noah Vail :

...What's important is we value our privacy enough to work together to protect it.

YES, hopefully, also understanding the huge and very real dangers that it's erosion, let alone total loss, bring.

anonismyname
@leaseweb.net

anonismyname to Itguy2016

Anon

to Itguy2016
said by Itguy2016:By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data.
[/bquote :

Dude, no way....that's very unnerving, i must say.


Chubbzie
join:2014-02-11
Greenville, NC
Hitron CDA3
(Software) OpenBSD + pf

Chubbzie to Itguy2016

Member

to Itguy2016
said by Itguy2016:

By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data.

Blindly accept your word or provide some insightful proof? I'm not trying to offend you in anyway but this is a security forum, factual basis reigns supreme.
Itguy2016
join:2015-09-01
Longwood, FL

2 recommendations

Itguy2016

Member

said by Chubbzie:

said by Itguy2016:

By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data.

Blindly accept your word or provide some insightful proof? I'm not trying to offend you in anyway but this is a security forum, factual basis reigns supreme.

Please don't accept my posts as factual. Setup your own lab, intercept traffic, then peel it apart to determine things for yourself. What I claim is also substantiated by other labs/reports/articles - just the amount of data seems to vary which could be attributed to the settings in particular installs.

Chubbzie
join:2014-02-11
Greenville, NC
Hitron CDA3
(Software) OpenBSD + pf

Chubbzie

Member

said by Itguy2016:

Please don't accept my posts as factual.

Why thank you sir now I can carry on with my day. Thankfully no need for a lab to dump & pilfer the traffic, a single host will do.
Itguy2016
join:2015-09-01
Longwood, FL

Itguy2016

Member

said by Chubbzie:

said by Itguy2016:

Please don't accept my posts as factual.

Why thank you sir now I can carry on with my day. Thankfully no need for a lab to dump & pilfer the traffic, a single host will do.

You see I'm not in the business to 'convince' anyone of anything. As a security engineer I present the data and each person can count or discount it in whatever fashion they desire. I've learned long ago never to spend any time attempting to convince anyone of anything. Just put your data/facts out there and roll with it. Also, forums are littered with shills. (NSA, Microsoft or otherwise) Attempting to argue with them draws you into their modus and will only lead to threads degrading to the point where 'useful' data is largely ignored.

BTW - Host File doesn't block several of the telemetry pushes. It's hard coded. (DLL's or otherwise) Host File while once highly effective for a variety of purposes is largely security theater these days.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

said by Itguy2016:

Also, forums are littered with shills. (NSA, Microsoft or otherwise)

 
There appeared to be one who passed through these parts recently....
Kerodo
join:2004-05-08

Kerodo

Member

Some of them might even be your best friends!

Chubbzie
join:2014-02-11
Greenville, NC
Hitron CDA3
(Software) OpenBSD + pf

Chubbzie to Itguy2016

Member

to Itguy2016
said by Itguy2016:

As a security engineer I present the data

Alrighty, let's check it out.
said by Itguy2016:

BTW - Host File doesn't block several of the telemetry pushes.

Yep, honestly though depending on the Hosts file for anything security related has always been questionable at best.
said by Itguy2016:

Also, forums are littered with shills.

Oh don't mind them, we're all neighbors.
IamGimli (banned)
join:2004-02-28
Canada

1 recommendation

IamGimli (banned) to iam x

Member

to iam x
What would be really nice is if someone would develop a pfSense addon like pfBlocker but for privacy/security applications such as this. You could subscribe to various lists of addresses/domains to be blocked by category and pfSense would automatically create firewall rules to block what you want blocked and keep those lists updated as manufacturers change their approach.

Spyware goes much further than Microsoft.

Actually if someone would just take on the production and maintenance of such lists they could be added to pfBlocker as-is.

xter
@on.net

1 recommendation

xter

Anon

You can actually add the list to pfsense pfblocker atm.
Go into pfblocker and setup a new ipv4 list

set the list to txt and use this address

»raw.githubusercontent.co ··· ostslist

set it to deny both ways.
Itguy2016
join:2015-09-01
Longwood, FL

1 recommendation

Itguy2016 to IamGimli

Member

to IamGimli
said by IamGimli:

What would be really nice is if someone would develop a pfSense addon like pfBlocker but for privacy/security applications such as this. You could subscribe to various lists of addresses/domains to be blocked by category and pfSense would automatically create firewall rules to block what you want blocked and keep those lists updated as manufacturers change their approach.

Spyware goes much further than Microsoft.

Actually if someone would just take on the production and maintenance of such lists they could be added to pfBlocker as-is.

You can already add this list to pfSense, Untangle, etc. What would be really cool - and something I am working to make happen - if Untangle had a 'Privacy Module' ready to go in it where you simply check off the categories, etc.
IamGimli (banned)
join:2004-02-28
Canada

IamGimli (banned) to xter

Member

to xter
said by xter :

You can actually add the list to pfsense pfblocker atm.

said by IamGimli :

Spyware goes much further than Microsoft.

Itguy2016
join:2015-09-01
Longwood, FL

Itguy2016

Member

I block on average - 15,000 telemetry outbounds on my network. As IamGimli points out - it's far far worse than MS alone.. Think of all of those Android OS devices on your network and the telemetry off of those. Then there is the 'hidden' telemetry from companies like Mixpanel imbedded in multiple products/services which track your 'activity'. It's exhaustive to setup at times but worth it IMO. Certainly a privacy module on UTM's would be a welcome addition.