You Will Be Startled At The Amount Of Freedom You Are Giving Microsoft

[Niki]

All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

Telemetry is sent once per 5 minutes, to:
vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:
df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

The server list is not final, here is a fresh list of advertising and "3rd party" servers that Windows 10 communicates with:
licensing.md. mp. microsoft. com
solitaireprod. maelstrom xboxlive.com.
go.Microsoft.com
tunnel. trustedsource.org cfw.
Download-ssl.msgamestudios.com
mobileads.msn.com
fw.adsafeprotected.com
SC. iasds01. com
dt.adsafeprotected.com
ad.DoubleClick.NET
googleads4. g. doubleclick. net
DC. services. visualstudio.com
mpd.mxptint.net
updatekeepalive.mcafee.com
sm.mcafee.com
mcafee.com su3.
ocsp.usertrust.com
storeedgefd. dsx. mp. microsoft. com
mscrl.microsoft.com

 

[Niki]

Users Can NOT turn off the contact with Microsoft...
=====================================
www.forbes.com/sites/gordonkelly/2015/11/02/microsoft-confirms-unstoppable-windows-10-tracking/
“In the cases where we’ve not provided options, we feel that those things have to do with the health of the system,” he said. “In the case of knowing that our system that we’ve created is crashing, or is having serious performance problems, we view that as so helpful to the ecosystem and so not an issue of personal privacy, that today we collect that data so that we make that experience better for everyone.”
"Speaking to PC World, Microsoft Corporate Vice President Joe Belfiore explained that Windows 10 is constantly tracking how it operates and how you are using it and sending that information back to Microsoft by default. More importantly he also confirmed that, despite offering some options to turn elements of tracking off, core data collection simply cannot be stopped:"

Still, whether or not you agree with Belfiore’s standpoint that this doesn’t invade user privacy, it does seem strange that it has taken Microsoft so long to come clean and admit core Windows 10 background data collection processes cannot be stopped. Instead it gave the impression that turning off all user accessible spying options in Windows 10 settings would provide owners with full privacy – that’s tantamount to spying.

No way to stop Disk Encryption Keys being sent to Microsoft..
=======================================
[link to www.blacklistednews.com]
There's no way to turn off the "recovery" feature that sends your disk encryption keys to Microsoft by default, without notice -- though you can (and should) ask Microsoft to forget the keys later.

EDIT: - it's ok, in "Gulag Archipelago" they'd either beat you with a spanner, or feed you salty fish with no water, until you gave up the information they wanted. Now, at least they don't have to hurt you!

Windows 10 has many unprecedented anti-user features: a remote killswitch that lets it disable your hardware; keylogging and browser-history logging that, by default, sends it all to Microsoft, and a deceptive "privacy mode" that continues to exfiltrate your data, even when you turn it on.


Privacy settings ineffective:
=========================
www.arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/
www.boingboing.net/2015/08/14/even-when-you-turn-on-win-10.html
By default, Windows listens to you, gathers your keystrokes, watches your browser history and purchases and sends them to Microsoft and its partners
-- but even if you turn off all the tickboxes in the hellishly complex privacy dashboard it still gathers and sprays your data.
...
some traffic seems quite impenetrable. We configured our test virtual machine to use an HTTP and HTTPS proxy (both as a user-level proxy and a system-wide proxy) so that we could more easily monitor its traffic, but
*Windows 10 seems to make requests to a content delivery network that bypass the proxy*.
...
If Web searching and Cortana are disabled, we suspect that the inference that most people would make is that searching the Start menu wouldn't hit the Internet at all. But it does.
*The traffic could be innocuous, but the inclusion of a machine ID gives it a suspicious appearance.*


No way to stop the Killswitch:
==========================================
[link to boingboing.net]
When you click through the Windows 10 "agreement," you agree to let Microsoft subject your games and hardware to authenticity tests and to shut down anything it doesn't like the looks of.

EULA Section 7b – or “Updates to the Services or Software, and Changes to These Terms” – of Microsoft’s Services EULA stipulates that it “may automatically check your version of the software and download software update or configuration changes, including those that prevent you from accessing the Services, playing counterfeit games, or using unauthorised hardware peripheral devices.”



Your computer's BIOS is being messed with:
==============================
Windows 10 free License Activation only allows windows to run on the same hardware, so in every boot it Checks bios to see if the hardware is the same.

But apparently Windows 10 is actually *writing* to the Bios, which was discovered only because it actually killed or crippled some computers.

[link to resources.infosecinstitute.com]
"NSA BIOS Backdoor a.k.a. God Mode Malware"
If the new win install f****s with your bios, it's possible!

Crippled PC's:
[link to www.tomshardware.com]
[link to answers.microsoft.com]



If you need any confirmation, it's written right into the EULA.
============================================
"Microsoft’s Windows 10 has permission to watch your every move"
[link to www.techworm.net]

"Windows 10 is spying on almost everything you do"
"...we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders)"
[link to bgr.com]


And if you back out....
=========================
[link to www.infoworld.com]
We also don't know what happens if a customer declines the EULA. Will the installer come back again? Will it leave the PC in a bizarre state, with 3GB to 6GB of unwanted files hanging around in a hidden folder? What happens when you reboot?
my edit:
(presumably, if you back out, the nsa still has it's BIOS installed, so you won't feel too alone if you get stuck!)





Wikipedia:
========
A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected".[1][2][3][4] Viruses often perform some type of harmful activity on infected hosts, such as
*stealing hard disk space* or CPU time,
*accessing private information*, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts,
*logging their keystrokes*, or even rendering the computer useless.

Dictionary.com VIRUS:
==============
a segment of self-replicating code planted illegally in a computer program, often to damage or shut down a system or network.


W10 has been planted on many W7 and W8 users' computers without their consent via forced updates, and yes, it *does* self-replicate. It logs keystrokes, steals disk space of W7/W8 users, and has many features of a 'virus':

Self-replicating:
--------------
This operating system even uses your bandwidth to upload updates to other Windows users...
[link to www.networkworld.com]
Microsoft's decision to deploy Windows 10 with a function enabled to deliver Microsoft content via a peer-to-peer back door to fellow consumers is an egregious case of a vendor stealing users' bandwidth.

Downloads without consent (also steals disk space):
---------------------------------------------
www.computerworld.com/article/2984312/microsoft-windows/micro softs-decision-to-pre-load-windows-10-upgrade-sans-consent-is -ill-advised.html
Microsoft late last week backed off the claim that its pre-loading of Windows 10 on devices whose owners had **not** reserved the free upgrade was "an industry practice." When asked to cite some examples Friday, Microsoft instead issued a revised statement that omitted the phrase.

The ubiquitous KB3035583 update: Windows 10 "nagware" endlessly nags you to upgrade:
www.infoworld.com/article/3016033/microsoft-windows/enough-al ready-microsoft-pushes-windows-nagware-patch-kb-3035583-for-s ixth-time.html

[link to www.infoworld.com]
As a "recommended" update, the Windows 10 installer launches automatically on Windows 7 and 8.1 computers with default settings.

They add that microsoft promised: "You can specify that you no longer want to receive notifications of the Windows 10 upgrade through the Windows 7 or Windows 8.1 settings pages." -- What happened to the promised setting? (edit: it's not there!)

In addition to turning off "recommended" updates, some are advising W7/W8 users to make the following change:
In dos prompt type in: services.msc -> hit enter -> find windows update -> right click/properties-> disable

 

[Niki]

If you need any confirmation, it's written right into the EULA.

 

[davehc]

The only thing which startled me was that most of your links led to a very doubtful site.
I see from your one previous thread, from last year, that you do, seemingly, have a strong grudge toward MS.

Like so many, you have chosen to single out MS for so-called "spying" activities.
If they have an organisation even bigger and more resourceful, than the CIA, then it could be something to be cautious about.
As it is. many programs which users nonchalantly install on their computers, can easily be and, in many cases do, report back to the home site. This, for example, with Anti virus programs, where you are often asked to tick an item,, which sends back reports of any malware your computer encounters

If you are really worried regarding the contents, as stated in your post, the safest option would be to keep your internet connection disabled, or, as was your inclination in your other thread, change to the open source Linux.

 

[Tim Locke]

Well, an answer would be to use a non-Windows firewall, preferably a separate box between the PC and your router and make rules that disallow any outbound connections apart from the website that you visit. I suspect one would soon have a list of other sites that you'd need to permit but combined with adding all Niki's sites to the not-permitted list it should quieten down the chattiness somewhat.

I might try that, have a spare PC, just need a 2nd NIC and I could have a Linux based firewall up within a couple of hours.

I wonder if Windows will still work?

 

[Tim Locke]

I turned off most of the non-MS apps on my PC and, ran Wireshark and left it alone for an hour or so. It did chat to a couple of the sites mentioned but I have neither a camera nor a microphone connected and of course there was no keyboard activity. I was surprised how many sites answered IPV6 DNS queries with an AAAA record...definitely far more than a year ago.

 

[Tim Locke]

Just saw this. Interesting in the context of the above.

http://www.zdnet.com/article/when-it-comes-to-windows-10-privacy-dont-trust-amateur-analysts/

 

[Alan Sh]

Scaremongering of the worst sort. This Niki person should do more research

 

[clifford_cooley]

Does anyone here put any stock in TweakTown?

http://www.tweaktown.com/news/50308...-microsoft-ip-addresses-5500-times/index.html

Since the release of Windows 10, we've been slowly learning just how much of a spying tool it is for Microsoft, but these new numbers are going to blow you away.

<image removed>

Voat user CheesusCrust has completed some extensive testing on Windows 10, where he reports that during an 8-hour period, Windows 10 attempted to send back data from his PC to over 51 different IPS addresses owned by Microsoft, and at a staggering 5500 times.

After 30 hours, the data being sent back to Microsoft from Windows 10 expanded to a huge 113 non-private IP addresses. These IP addresses being non-private means that hackers can intercept that data, which makes anyone using Windows 10 very, very vulnerable. You might think this is just a once-off, and that the proof can't be replicated? Yeah, well, no.

The testing was repeated on another Windows 10 clean installation with all of the data tracking options completely disabled, and third-party tool DisableWinTracking was installed, which attempts to shut down all of the hidden Windows 10 data reporting attempts. This didn't help, as at the end of the 30-hour period, Windows 10 had still pushed data to Microsoft 2758 times, across 30 different IP addresses.

 

[davehc]

This is only my view!!

Nothing much has changed, from Windows 7 to Windows 10. The Eula and agreement have had a text overhaul, in keeping with more aggressive legal practise. But if you interpret them correctly, they come down to the same thing. You have given Microsoft the full rights to have a look at you OS, whenever. They can even suspend it, if any breaches of procedure are found. This evne existed back in XP, but, suddenly seems to have take prominence, with Windows 10.

I have isolated the two significant sections, below, but if any readers are concerned, you may care to look at the agreement which I have linked.

Windows 10

Privacy; Consent to Use of Data.
Your privacy is important to us. Some of the software features send or receive information when using those features. Many of these features can be switched off in the user interface, or you can choose not to use them. By accepting this agreement and using the software you agree that Microsoft may collect, use, and disclose the information as described in the Microsoft Privacy Statement (aka.ms/privacy), and as may be described in the user interface associated with the software features

aka.ms/privacy
https://privacy.microsoft.com/en-gb/privacystatement

Windows 7

The software will from time to time perform a validation check of the software. The check may be initiated by the software or Microsoft. To enable the activation function and validation checks, the software may from time to time require updates or additional downloads of the validation, licensing or activation functions of the software. The updates or downloads are required for the proper functioning of the software and may be downloaded and installed without further notice to you. During or after a validation check, the software may send information about the software, the computer and the results of the validation check to Microsoft. This information includes, for example, the version and product key of the software, any unauthorized changes made to the validation, licensing or activation functions of the software, any related malicious or unauthorized software found and the Internet protocol address of the computer. Microsoft does not use the information to identify or contact you. By using the software, you consent to the transmission of this information. For more information about validation and what is sent during or after a validation check, see go.microsoft.com/fwlink/?Linkid=104611. c. If, after a validation check, the software is found to be counterfeit, improperly licensed, a non-genuine Windows product, or include unauthorized changes, the functionality and experience of using the software will be affected, for example: Microsoft may · repair the software, remove, quarantine or disable any unauthorized changes that may interfere with the proper use of the software, including circumvention of the activation or validation functions of the software, or · check and remove malicious or unauthorized software known to be related to such unauthorized changes, or · provide notices that the software is improperly licensed or a non-genuine Windows product Windows 7

http://windows.microsoft.com/en-gb/windows7/windows-7-privacy-statement#T1=highlights

 

[clifford_cooley]

Sure but 16,000 connections a day is quite a bit overboard. They could log everything and send out a couple times a day to look less suspicious.

 

[davehc]

Those connections could be for a variety of reasons, and not directly connected to Microsoft collection policies.
There have been many follow ups to the link you posted, both favourable and in protest. Here is one from the source, for example

https://blogs.windows.com/windowsexperience/2015/09/28/privacy-and-windows-10/

This argument has gone on for many years, and certainly predates Windows 10. It will continue to go on, as it is a personal viewpoint from individuals.
I would ask, though, from interested readers of this thread, How many have subscribed to online storage facilities, including Microsoft's own, or facebook and similar. - Much more dangerous!

 

[jmccleary50]

I use One Drive. Didn't like it or know how to use it at first but eventually learned. I consider cloud storage similar to register cleaners and driver updaters: Gee. there's only 1200 things wrong with your PC and we've got just the fix you need. be sure to register (enter credit card number) to apply fixes.