# Privacy: Stay away from Windows 10



## Bleipriester (Aug 28, 2015)

Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.

 _"_*A Traffic Analysis of Windows 10 *
_Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly._

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependent on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

*Information transmitted*
*All text typed on the keyboard* is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS (_There is autocorrect in certain text fields, but the supposed purpose for transmitting these keystrokes is to improve autocorrect across devices. Whether a full keylog is necessary for this (as opposed to just corrections) is questionable. Furthermore, this appears to still occur even if the user is not signed in to a Microsoft account, eliminating the "across devices" benefit. Perhaps there is a global autocorrect dictionary that benefits all users, but the privacy implications of an un-disableable always-on keylogger outweigh these potential benefits._). The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

*Telemetry* is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, *typing the name of any popular movie* into your _local_ file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a *webcam* is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

*Everything that is said into an enabled microphone* is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, *this behaviour still occurs after Cortana is fully disabled/uninstalled*. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If *Windows is left unattended* for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

*Other concerns*
While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

_Original article, credit AE News"_

_root@localghost:~#_


----------



## tyroneweaver (Aug 28, 2015)

how about secure web browswers like Tor


----------



## Bleipriester (Aug 28, 2015)

tyroneweaver said:


> how about secure web browswers like Tor


I doubt that Tor can hinder Windows 10 from keylogging your input in the browser. Tor is funded by the US government, anyway, and you are in the NSA´s focus automatically when using a tool named Tor.

Those using Tor are fooled big time | US Message Board - Political Discussion Forum


----------



## flacaltenn (Aug 28, 2015)

There are scary features as far back as Win7.. I noticed that when I went to "save as" a file -- previous Win versions put up the file structure browse box and left it to you to navigate to the directory. Usually the default was the LAST directory you stored to. 

But in Win7 -- I started to notice an uncanny ability for the OS to PREDICT what directory I would store it in. As it would open the browse dialog with (more often than not) a great guess as to where I wanted a file. So for instance -- if you have 22 client directories and you just pasted up some notes on one of them in Word -- the save as would navigate to THAT CLIENT directory. OOOOOOOOOOOOOOOOAH. 

I'm convinced they are cataloging the content of your documents, extracting key search terms and comparing them to what RECENT work you are doing. 

Haven't verified this -- but I'm sure SOMETHING is going on.. Now it could be innocent. As in Microsoft attempting to "help" you work. But the question comes up -- if they are cataloging and analyzing your work content -- where ELSE might that be useful to them.    Hence MAYBE those Win10 features in the OP. 

Should this be the case -- pretty much end of the line for Microsoft for ANY business applications.. Buy stock in Linux variants just in case.. Right now...


----------



## Bleipriester (Aug 28, 2015)

flacaltenn said:


> There are scary features as far back as Win7.. I noticed that when I went to "save as" a file -- previous Win versions put up the file structure browse box and left it to you to navigate to the directory. Usually the default was the LAST directory you stored to.
> 
> But in Win7 -- I started to notice an uncanny ability for the OS to PREDICT what directory I would store it in. As it would open the browse dialog with (more often than not) a great guess as to where I wanted a file. So for instance -- if you have 22 client directories and you just pasted up some notes on one of them in Word -- the save as would navigate to THAT CLIENT directory. OOOOOOOOOOOOOOOOAH.
> 
> ...


I never heard about that feature or faced it.


----------



## flacaltenn (Aug 28, 2015)

Bleipriester said:


> flacaltenn said:
> 
> 
> > There are scary features as far back as Win7.. I noticed that when I went to "save as" a file -- previous Win versions put up the file structure browse box and left it to you to navigate to the directory. Usually the default was the LAST directory you stored to.
> ...



Are you regularly storing a lot of docs in folders? Not images or media, but MicroSoft Office or NotePad type text files??


----------



## Bleipriester (Aug 28, 2015)

flacaltenn said:


> Bleipriester said:
> 
> 
> > flacaltenn said:
> ...


No. But Office has a default location for saved documents: user\documents.


----------



## Ringel05 (Aug 28, 2015)

Bleipriester said:


> Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.
> 
> _"_*A Traffic Analysis of Windows 10 *
> _Note: Some readers have commented that the original source for the article is of questionably validity. If anyone can confirm or refute the original author's finding with actual data, please let me know in the comments, and I'll update this post accordingly._
> ...


Turn off all the sharing with Microsoft features and don't use IE or whatever they're calling it now.  It's not hard to do.


----------



## longknife (Aug 28, 2015)

Thanks for your hysterical post but I've posted at least five threads showing exactly what you can do to stop Win10 sending browsing and other information to other websites.

Did you bother to read ANY of them?


----------



## Bleipriester (Aug 28, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Whether there is a possibility that the following Windows 10 traffic analysis is a fake or not, it cannot be risked by people being in their right mind. Windows 10 is an always on keylogger, all your input will be sent to Microsoft. If you have a microphone, Microsoft receives all what you say. Microsoft will be indexing all your files, just when you start a local search for a popular movie or similar. When you plug in your webcam, you giving a free webcam show to Microsoft as large as 35 MB. If Windows 10 is idle for about 15 minuted, it will start recording your home, sending it to MS. Nothing of that can be turned off. So when you have Windows 10 running, it is about time to format c: and use another operating System.
> ...


Thanks for that great advice. Seems, I just have missed the option to turn off the always-on keylogger and the bug. Cannot read something about the "disable free webcam shows", either.


----------



## Ringel05 (Aug 28, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Local login and don't use IE (Edge).


----------



## Bleipriester (Aug 28, 2015)

longknife said:


> Thanks for your hysterical post but I've posted at least five threads showing exactly what you can do to stop Win10 sending browsing and other information to other websites.
> 
> Did you bother to read ANY of them?


Why do you create five threads on how to turn off Windows 10´s spying while you yet have to learn what a task manager is? Can´t you imagine, this malware cannot be prevented from spying on you except by deleting it completely? Not nice, to reply like that to my thread that is only meant to help you.


----------



## Bleipriester (Aug 28, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


This isn´t helping. You did not read the report.


----------



## Ringel05 (Aug 28, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Not sure it true but I turned off the Cloud which is where it's probably coming from so I saw nothing.  However for me it's now a mute point, I just reverted back to Win 7.  I will make sure everything in 7 is locked down.


----------



## Bleipriester (Aug 28, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


I would even consider a clean setup. What exactly are you going to disable in Win7?


----------



## Ringel05 (Aug 28, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Probably nothing I need to since I uninstalled IE, don't think that is an option in Win 10.  The only way Microsoft can communicate with my systems is if they do so through Firefox cause they're not getting through my firewall unless I let them.


----------



## Ringel05 (Aug 28, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Oh yeah, I found this:

How to Uninstall Microsoft Spying Updates from Windows 7/8


----------



## Bleipriester (Aug 28, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


I disabled everything with the Windows Firewall  and allow only some programs that require Internet like Cyberfox but I am currently experimenting with Endpoint Protection. This tool has an unbeaten variety of options and also features a firewall. it is going to require some induction.


----------



## Bleipriester (Aug 28, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


Checked some and don´t have them. I only install security updates that I get via an updatepack. Thanks, though.


----------



## Ringel05 (Aug 28, 2015)

Just double checked all my firewall setting, yup all Windows Management Access is turned off.


----------



## Bleipriester (Aug 28, 2015)

I just wonder, what MS could do with this sheer mass of data. It´s either creating profiles that are to be sold to companies or government filters or both.


----------



## Ringel05 (Aug 28, 2015)

Ya know going pure Linux or Hackentoshing is looking more appealing as I learn more about Microsoft products.  I may just have to give up gaming.


----------



## Bleipriester (Aug 28, 2015)

One could crack the games and use them on an unconnected OS only.


----------



## Ringel05 (Aug 28, 2015)

Bleipriester said:


> One could crack the games and use them on an unconnected OS only.


True, I could keep my Win 7 on a computer that is not connected to the internet but half of my games are via Steam and won't play unless I'm logged in.  I don't know how to crack software.


----------



## Bleipriester (Aug 28, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > One could crack the games and use them on an unconnected OS only.
> ...


Head over to gamecopyworld. The page is providing cracks, not games. In the normal case, you just have to replace some files of the downloaded games and they are portable and never need Steam again, though their prerequisites like DirectX, PhysX and VC Redistributable must be installed, if required, of course. You can find them in the redist folder of the game´s folder.

For example:






You must check the exe and dll files with virustotal. There could be malware but it is not easy to determine due to the many false alerts. However, if most of the scanners don´t find anything or say crack/hack tool/not a virus you are very probably save.

You can view the results of my
risen2.exe here: https://www.virustotal.com/de/file/...96387fe7fb724ae35e8d19be/analysis/1440813949/
steam_api.dll (for risen 2) here: https://www.virustotal.com/de/file/...f501d61248a88c8595baae89/analysis/1440814012/

You see, the exe has no alerts and the dll has 13/14 false alerts out of 56 scans and each scanner that gave an alert tells something different. Save. I have dozens of that "patches" and never ran into trouble so far.

You´ll find the games in your steam folder under apps or something.


----------



## Ringel05 (Aug 28, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


That's something I'll have to research/learn, it's a higher level of Geekenese then I'm familiar with......


----------



## Bleipriester (Aug 28, 2015)

The work pays off. I like independence and convenience


----------



## flacaltenn (Aug 28, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...



And what keeps those updates from being reinstalled on a regular basis? 
Not fun.. And not what I want from OS supplier..


----------



## Bleipriester (Aug 28, 2015)

flacaltenn said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


You can easily blacklist updates. It is called hidden updates. You can also configure Windows updates. It knows more than on/off.


----------



## HereWeGoAgain (Aug 28, 2015)

The gov knows all it wants to know out of you and there isnt a damn thing you can do about it.


----------



## Ringel05 (Aug 28, 2015)

flacaltenn said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


If you're using XP, Vista and Win 7 (don't know about 8/8.1) but switch your updates to; _Notify me and let me decide _then when the update manager let's you know updates are available you check the updates, look for those numbers then right click on each one and select Hide Update.  It won't download or install, ever.  Win 10 doesn't give that option.


----------



## longknife (Aug 29, 2015)

*The latest Windows 10 privacy scare revolves around family accounts*










Let's set the hysteria aside and take a good look at the options. I don't know who the author is, but here's what he says:



_Of course, you can turn the feature off, but others have questioned whether or not Microsoft is still collecting the data and just not sending it to the parents. Once again, Microsoft is alarming Windows 10 users with its total lack of transparency._



My thought – if you're worried, don't try getting answers from the MS Support Forum as it's the most childish site around. Read more @ The latest Windows 10 privacy scare revolves around family accounts


----------



## Ringel05 (Aug 29, 2015)

longknife said:


> *The latest Windows 10 privacy scare revolves around family accounts*
> 
> 
> 
> ...


That's not what the OP article is talking about and no, it doesn't just revolve around the family accounts, that's a deflection (by the article author) at worst, or a complete lack of knowledge by the author at best.
What the OP article is addressing is communication between personal computers and Microsoft servers even if all the privacy settings are set to _No_ or _Off_.


----------



## Ringel05 (Aug 29, 2015)

I've just read a few writeups on this issue, it's still confusing as some claim the keylogging is only on the technical release as that was when they were testing the OS and was needed.  Some seem to say it's still on the "finished" release but it's not clear whether the author was referring to the technical or 'finished" release.


----------



## Ringel05 (Aug 29, 2015)

One thing Win 10 can do is detect and disable pirated software and uncertified gaming controllers.  From what I understand you have to use Cortana or be logged into your Microsoft account for the detection to work.


----------



## Bleipriester (Aug 29, 2015)

I prefer an OS of which nobody says it sends my input to someone.


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> I prefer an OS of which nobody says it sends my input to someone.


I don't think Bortnikov would approve........


----------



## Bleipriester (Aug 30, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > I prefer an OS of which nobody says it sends my input to someone.
> ...


Russia has no interest in my personal behavior.


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Personal.... probably not.....  Professional......  Uuummmmm.......


----------



## Bleipriester (Aug 30, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


Doesn´t make sense anyway.


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Bustin' your balls.  Though given your position on certain issues there's a 50/50 chance you are FSB or something similar......  Given how fast you replied to the Bortnikov quip the probability percentage rose dramatically.......  How many people know who Bortnikov is.......


----------



## Bleipriester (Aug 30, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


My FSB frequency is 1066 Mhz.


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Yeah, we know.......


----------



## Bleipriester (Aug 30, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


So you are an NSA employee, then?


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Who.....?


----------



## Bleipriester (Aug 30, 2015)

I knew it!


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> I knew it!


Okay, ya got me, I'm with No Sugar Added.......


----------



## Bleipriester (Aug 30, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > I knew it!
> ...


So I heard our domestic secret service BfV provided data (To the maximum extent possible share all data relevant to NSA's mission) to the NSA in exchange for XKeyscore. I want that tool, to. Just for my collection, you know? So, what do you want to know?



NSA helps German domestic intelligence agency: XKeyscore - the document


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Such is life......


----------



## Bleipriester (Aug 30, 2015)

Ringel05 said:


> Bleipriester said:
> 
> 
> > Ringel05 said:
> ...


Come on, you know more


----------



## Ringel05 (Aug 30, 2015)

Bleipriester said:


> Ringel05 said:
> 
> 
> > Bleipriester said:
> ...


Never met more.....  Or was the Moore?


----------



## Bleipriester (Aug 30, 2015)

lol


----------

