|
to 19579823
Re: Stop Windows 10 From Spying On You? 36 DNS Addresses to host file.said by 19579823:A good list my friend!!!!
People will be happy To quote some of the other engineers here 'Windows 10 is perhaps the greatest spy tool ever devised.'.. Anyway we've noted no issue with blocking all of the ones on my list. We have that list deployed blocking a few dozen machines in a deployed environment and everyone is happily working away from nearly a month now. Block or don't block. We're blocking. I've put together custom block policies for the Fortigate's we deploy. Some of our corporate clients would be have liability and security issues if this much telemetry got out. By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data. |
|
|
Kerodo
Member
2015-Sep-14 8:15 pm
Thanks for posting this, it's VERY interesting. |
|
1 recommendation |
to iam x
General question that has me concerned. This free program that we have been using (O&O ShutUp10) works very well. Is there a chance/possibility that Microsoft will issue an update to Bork that program, meaning render it useless through a Windows update? If this telemetry stuff is covered in the Microsoft user license agreement and Microsoft is reading the social sites such as this and knows a lot of people are using it, does that give them the ability to neuter that program in the future? Thanks... |
|
Hitron CDA3 (Software) OpenBSD + pf
|
to Itguy2016
said by Itguy2016:Not all of it 443 either and some of it contains camera/keyboard data. Care to further that information? Also if you don't mind sharing, what method(s) of monitoring were used and which version of Win10? |
|
1 recommendation |
to DarkSithPro
said by DarkSithPro:General question that has me concerned. This free program that we have been using (O&O ShutUp10) works very well. Is there a chance/possibility that Microsoft will issue an update to Bork that program, meaning render it useless through a Windows update? If this telemetry stuff is covered in the Microsoft user license agreement and Microsoft is reading the social sites such as this and knows a lot of people are using it, does that give them the ability to neuter that program in the future? Thanks... Interesting that it says "Microsoft Partner" there on the site: » www.oo-software.com/en/shutup10 |
|
|
said by Kerodo:said by DarkSithPro:General question that has me concerned. This free program that we have been using (O&O ShutUp10) works very well. Is there a chance/possibility that Microsoft will issue an update to Bork that program, meaning render it useless through a Windows update? If this telemetry stuff is covered in the Microsoft user license agreement and Microsoft is reading the social sites such as this and knows a lot of people are using it, does that give them the ability to neuter that program in the future? Thanks... Interesting that it says "Microsoft Partner" there on the site: » www.oo-software.com/en/shutup10 It doesn't say that exactly from a filter search. What are you getting at? |
|
|
Kerodo
Member
2015-Sep-14 9:42 pm
Nothing really, just that it says "Microsoft Partner" on the web page, which is amusing if MS would retaliate against their software and it's doings and neuter it etc. Seems inconsistent. |
|
|
said by Kerodo:Nothing really, just that it says "Microsoft Partner" on the web page, which is amusing if MS would retaliate against their software and it's doings and neuter it etc. Seems inconsistent. IYO would they do that? |
|
1 recommendation |
Kerodo
Member
2015-Sep-14 10:17 pm
said by DarkSithPro:said by Kerodo:Nothing really, just that it says "Microsoft Partner" on the web page, which is amusing if MS would retaliate against their software and it's doings and neuter it etc. Seems inconsistent. IYO would they do that? I'm certainly no expert on the subject, but I don't think they'd bother. If they wanted to, MS could work around things and install even more intrusive features. That's what bothers me about 10. We don't really know where it's going or what they might or might not do. It's pretty open ended.... |
|
Noah VailOh God please no. Premium Member join:2004-12-10 SouthAmerica |
to Kerodo
I've been a Microsoft Partner on/off for over 15 years. It's an avenue to get cheap MS software and not difficult to sign up for. It doesn't mean anything by itself. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI
2 recommendations |
to Kerodo
said by Kerodo: If they wanted to, MS could work around things and install even more intrusive features. That's what bothers me about 10. We don't really know where it's going or what they might or might not do. It's pretty open ended.... And it is the LAST EVER Windows. So, the line in the sand has to be clearly drawn NOW and concerned users have to rally round and band together to try and stop this now as later we won't have a chance but we do now. |
|
Noah VailOh God please no. Premium Member join:2004-12-10 SouthAmerica |
said by Mele20:So, the line in the sand has to be clearly drawn NOW and concerned users have to rally round and band together to try and stop this now as later we won't have a chance but we do now. MS won't stop trying to monitor us. Too much of their future is tied up in leveraging users' data into profit. What I would change is for MS to be fully transparent about what they collect and how it's used. Meanwhile, we can continue to investigate Win10 and develop tools for users to protect themselves. Eventually, Big Tech will try to purchase federal law, to make that (investigating them / protecting ourselves) illegal. Best we stay vigilant. |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT |
to chachazz
said by chachazz:A colleague on another forum collected/reported the following data:   Here's a link to the original of that article, along with a disclaimer about its validity: » localghost.org/posts/a-t ··· ndows-10 |
|
1 edit
1 recommendation |
to iam x
By the way - here is a definitive list of Anti-Spy tools for Win10. » www.ghacks.net/2015/08/1 ··· y-tools/Give them a peek. Some are very professional. I also use a custom batch file to accomplish most of what these tools do in a single run application. Nevertheless - it still appears to be important to block via UTM/Firewall if you can. If not then you'll need to settle for Host blocking but that won't work on hardcoded IPs. |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT |
camper
Premium Member
2015-Sep-15 11:13 am
said by Itguy2016:here is a definitive list of Anti-Spy tools for Win10.   It's a sad state of being for Microsoft Windows when the big topic of conversation about a new release of the OS is how to prevent it from spying on its users. |
|
|
Noah VailOh God please no. Premium Member join:2004-12-10 SouthAmerica
2 recommendations |
Noah Vail
Premium Member
2015-Sep-15 11:58 am
said by camper:It's a sad state of being for Microsoft Windows when the big topic of conversation about a new release of the OS is how to prevent it from spying on its users. I'm not too irritated at MS. Corporations are mindless entities and we are food. Just imagine if corporations were sentient.What's important is we value our privacy enough to work together to protect it. |
|
1 recommendation |
said by Noah Vail : ...What's important is we value our privacy enough to work together to protect it. YES, hopefully, also understanding the huge and very real dangers that it's erosion, let alone total loss, bring. |
|
|
anonismyname to Itguy2016
Anon
2015-Sep-16 6:02 am
to Itguy2016
said by Itguy2016:By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data. [/bquote :Dude, no way....that's very unnerving, i must say. |
|
Hitron CDA3 (Software) OpenBSD + pf
|
to Itguy2016
said by Itguy2016:By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data. Blindly accept your word or provide some insightful proof? I'm not trying to offend you in anyway but this is a security forum, factual basis reigns supreme. |
|
2 recommendations |
said by Chubbzie:said by Itguy2016:By the way - we've logged as much as 100Mb being sent out in bursts from Win10. Not all of it 443 either and some of it contains camera/keyboard data. Blindly accept your word or provide some insightful proof? I'm not trying to offend you in anyway but this is a security forum, factual basis reigns supreme. Please don't accept my posts as factual. Setup your own lab, intercept traffic, then peel it apart to determine things for yourself. What I claim is also substantiated by other labs/reports/articles - just the amount of data seems to vary which could be attributed to the settings in particular installs. |
|
Hitron CDA3 (Software) OpenBSD + pf
|
said by Itguy2016:Please don't accept my posts as factual. Why thank you sir now I can carry on with my day. Thankfully no need for a lab to dump & pilfer the traffic, a single host will do. |
|
|
said by Chubbzie:said by Itguy2016:Please don't accept my posts as factual. Why thank you sir now I can carry on with my day. Thankfully no need for a lab to dump & pilfer the traffic, a single host will do. You see I'm not in the business to 'convince' anyone of anything. As a security engineer I present the data and each person can count or discount it in whatever fashion they desire. I've learned long ago never to spend any time attempting to convince anyone of anything. Just put your data/facts out there and roll with it. Also, forums are littered with shills. (NSA, Microsoft or otherwise) Attempting to argue with them draws you into their modus and will only lead to threads degrading to the point where 'useful' data is largely ignored. BTW - Host File doesn't block several of the telemetry pushes. It's hard coded. (DLL's or otherwise) Host File while once highly effective for a variety of purposes is largely security theater these days. |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT |
camper
Premium Member
2015-Sep-16 2:27 pm
said by Itguy2016:Also, forums are littered with shills. (NSA, Microsoft or otherwise)   There appeared to be one who passed through these parts recently.... |
|
|
Kerodo
Member
2015-Sep-16 2:39 pm
Some of them might even be your best friends! |
|
Hitron CDA3 (Software) OpenBSD + pf
|
to Itguy2016
said by Itguy2016:As a security engineer I present the data Alrighty, let's check it out. said by Itguy2016:BTW - Host File doesn't block several of the telemetry pushes. Yep, honestly though depending on the Hosts file for anything security related has always been questionable at best. said by Itguy2016:Also, forums are littered with shills. Oh don't mind them, we're all neighbors. |
|
1 recommendation |
to iam x
What would be really nice is if someone would develop a pfSense addon like pfBlocker but for privacy/security applications such as this. You could subscribe to various lists of addresses/domains to be blocked by category and pfSense would automatically create firewall rules to block what you want blocked and keep those lists updated as manufacturers change their approach.
Spyware goes much further than Microsoft.
Actually if someone would just take on the production and maintenance of such lists they could be added to pfBlocker as-is. |
|
1 recommendation |
xter
Anon
2015-Sep-17 4:50 am
You can actually add the list to pfsense pfblocker atm. Go into pfblocker and setup a new ipv4 list set the list to txt and use this address » raw.githubusercontent.co ··· ostslistset it to deny both ways. |
|
1 recommendation |
to IamGimli
said by IamGimli:What would be really nice is if someone would develop a pfSense addon like pfBlocker but for privacy/security applications such as this. You could subscribe to various lists of addresses/domains to be blocked by category and pfSense would automatically create firewall rules to block what you want blocked and keep those lists updated as manufacturers change their approach.
Spyware goes much further than Microsoft.
Actually if someone would just take on the production and maintenance of such lists they could be added to pfBlocker as-is. You can already add this list to pfSense, Untangle, etc. What would be really cool - and something I am working to make happen - if Untangle had a 'Privacy Module' ready to go in it where you simply check off the categories, etc. |
|
|
to xter
said by xter :You can actually add the list to pfsense pfblocker atm. said by IamGimli :Spyware goes much further than Microsoft. |
|
|
I block on average - 15,000 telemetry outbounds on my network. As IamGimli points out - it's far far worse than MS alone.. Think of all of those Android OS devices on your network and the telemetry off of those. Then there is the 'hidden' telemetry from companies like Mixpanel imbedded in multiple products/services which track your 'activity'. It's exhaustive to setup at times but worth it IMO. Certainly a privacy module on UTM's would be a welcome addition. |
|