Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy Windows

How To Keep Microsoft's Nose Out of Your Personal Data In Windows 10 426

MojoKid writes: Amid the privacy concerns and arguably invasive nature of Microsoft's Windows 10 regarding user information, it's no surprise that details on how to minimize leaks as much as possible are often requested by users who have recently made the jump to the new operating system. If you are using Windows 10, or plan to upgrade soon, it's worth bearing in mind a number of privacy-related options that are available, even during the installation/upgrade. If you are already running the OS and forgot to turn them off during installation (or didn't even see them), they can be accessed via the Settings menu on the start menu, and then selecting Privacy from the pop-up menu. Among these menus are a plethora of options regarding what data can be gathered about you. It's worth noting, however, that changing any of these options may disable various OS related services, namely Cortana, as Microsoft's digital assistant has it tendrils buried deep.
This discussion has been archived. No new comments can be posted.

How To Keep Microsoft's Nose Out of Your Personal Data In Windows 10

Comments Filter:
  • HOSTS file (Score:5, Funny)

    by Anonymous Coward on Wednesday August 26, 2015 @06:52PM (#50398949)

    "How To Keep Microsoft's Nose Out of Your Personal Data In Windows 10"

    How about a new HOSTS file? APK?

    • Re:HOSTS file (Score:4, Insightful)

      by Anonymous Coward on Wednesday August 26, 2015 @07:02PM (#50398995)

      You joke, but that pretty much IS the only way. Tons of experiments and wire captures have already shown that no matter what settings you disable, the OS still sends TONS of info back to MS servers.

      • Re:HOSTS file (Score:5, Insightful)

        by U2xhc2hkb3QgU3Vja3M ( 4212163 ) on Wednesday August 26, 2015 @08:04PM (#50399317)
        Until the OS ignores your HOSTS file for some hard-coded domains. If you can't trust your OS, why are you trusting it to filter things out? The filtering has to come from outside, from another system.
        • Re:HOSTS file (Score:5, Insightful)

          by rudy_wayne ( 414635 ) on Wednesday August 26, 2015 @08:09PM (#50399345)

          Until the OS ignores your HOSTS file for some hard-coded domains. If you can't trust your OS, why are you trusting it to filter things out? The filtering has to come from outside, from another system.

          That's why you need to use a firewall. A real one, not that Windows Firewall crap. And block any outgoing connections you don't approve.

        • Re:HOSTS file (Score:5, Insightful)

          by thegarbz ( 1787294 ) on Thursday August 27, 2015 @12:32AM (#50400141)

          Until the OS ignores your HOSTS file for some hard-coded domains.

          What do you mean until? [slashdot.org]

      • All over the interwebs people are posting information on how to block this. It will be interesting to see what Microsoft's reaction is. I can't believe they went to all the trouble to design and implement this and aren't going to push back against people trying to disable it.

        • by unrtst ( 777550 )

          ... I can't believe they went to all the trouble to design and implement this and aren't going to push back against people trying to disable it.

          Really? What percentage of people are actually going to disable (and/or block) all of it? What percentage will disable *any* of it? ANYONE that wants cortana to work, which seems to be a large part of their marketing, will have to keep most of it enabled. Will the percentage that's left from those be enough to justify what was done? (the answer is "Hell yes it will, unless some lawsuit somehow gets in the way").

          Now, you may be thinking something along the lines of, "while alienating all their true supporter

      • Re: (Score:2, Informative)

        by Anonymous Coward

        You joke, but that pretty much IS the only way. Tons of experiments and wire captures have already shown that no matter what settings you disable, the OS still sends TONS of info back to MS servers.

        This has been posted a few places on the net. Set all the below addresses to 0.0.0.0, because /. won't allow me to use 0.0.0.0 so many times. Too many "junk" characters!

        vortex.data.microsoft.com
        vortex-win.data.microsoft.com
        telecommand.telemetry.microsoft.com
        telecommand.telemetry.microsoft.com.nsatc.net
        oca.telemetry.microsoft.com
        oca.telemetry.microsoft.com.nsatc.net
        sqm.telemetry.microsoft.com
        sqm.telemetry.microsoft.com.nsatc.net
        watson.telemetry.microsoft.com
        watson.telemetry.microsoft.com.nsatc.net

        • You joke, but that pretty much IS the only way. Tons of experiments and wire captures have already shown that no matter what settings you disable, the OS still sends TONS of info back to MS servers.

          This has been posted a few places on the net. Set all the below addresses to 0.0.0.0, because /. won't allow me to use 0.0.0.0 so many times. Too many "junk" characters!

          vortex.data.microsoft.com
          vortex-win.data.microsoft.com
          telecommand.telemetry.microsoft.com
          telecommand.telemetry.microsoft.com.nsatc.net
          oca.telemetry.microsoft.com
          oca.telemetry.microsoft.com.nsatc.net
          sqm.telemetry.microsoft.com

          . . . . etc.

          That's only some of them. I've been collecting all the ones I could find form various sources and the total number of them is now over 100.

          • Re:HOSTS file (Score:5, Informative)

            by SuricouRaven ( 1897204 ) on Thursday August 27, 2015 @12:56AM (#50400221)

            I've been doing it by IP range, watching a fresh Windows 10 install to see what it contacts.

            65.52.108.0/14 #update.microsoft.com, licensing.md.mp.microsoft.com, v10.vortex-win.data.microsoft.com. Update has an alternate in another range.
            104.40.0.0/13
            204.79.196.0/23 #Start menu searches.
            23.93.0.0/13
            157.54.0.0/15
            157.60.0.0/16
            191.236.0.0/14
            207.46.0.0/16
            131.253.62.0/23
            131.253.64.0/18
            131.253.61.0/24 #login.live.com
            131.253.128.0/17
            191.232.0.0/14 #settings-win.data.microsoft.com
            #Do not block these, required for updates:
            #157.56.0.0/14 #sls.update.microsoft.com
            #191.232.0.0/14 #windowsupdate.microsoft.com

            I also had to block all subdomains for appex.bing.com, appex-rf.msn.com and cms.msn.com. Can't IP-block those as they are CDNs.

    • Re:HOSTS file (Score:5, Informative)

      by gweihir ( 88907 ) on Wednesday August 26, 2015 @07:05PM (#50399003)

      Reportedly, at least part of the addresses are hard-coded in the software in a way that bypasses the hosts-file. There are confirmed reports for the latest 4 snooping updates for Win7/8 of this, so I suspect it can be true for Win10 as well. Of course, in order to get past the hosts-file, you have to bypass parts of the networking stack, i.e. a lot of criminal energy is involved.

      • Or just block the URLs/IP addresses later down the network stream, like at the router.
      • There are confirmed reports for the latest 4 snooping updates for Win7/8 of this

        If this is true, it's class-action time and count me in. I paid full retail for multiple copies of Win7, and did not do so to be spied on. Citation, please?
      • Google does the same thing. Both Android devices and chromecast ignore the DNS in the DHCP negotiation and use Google DNS servers at least for netflix. This makes it more difficult to use DNS-based region modifiers like unblock-us, since you have to block 8.8.8.8 and 8.8.4.4 at the router.
    • Re:HOSTS file (Score:5, Insightful)

      by binarylarry ( 1338699 ) on Wednesday August 26, 2015 @07:19PM (#50399083)

      Use a modern OS instead of Windows.

    • Re:HOSTS file (Score:4, Insightful)

      by gweilo8888 ( 921799 ) on Wednesday August 26, 2015 @07:53PM (#50399251)
      Nope. The only realistic way is not to install it -- and you're a moron if you do.
    • Get a slightly intelligent router, something that runs OpenWRT or so, and take care of the issue at the source.

    • Re:HOSTS file (Score:5, Insightful)

      by chipschap ( 1444407 ) on Wednesday August 26, 2015 @09:54PM (#50399723)

      Just run Linux, works every time.

  • by ozduo ( 2043408 ) on Wednesday August 26, 2015 @06:55PM (#50398963)
    don't install the damm thing!
    • not good enough (Score:2, Informative)

      by Anonymous Coward

      Purportedly M$ is also issuing updates to Win7/8 that would mirror Win10 behavior. You want out? Install Linux (or FreeBSD)

      • This is believable. There's nothing in this that requires new fundamental operating system infrastructure. Except maybe Cortana but that's more of an application than an operating system component, and the first thing any thinking person would shut off or uninstall).

  • by Irate Engineer ( 2814313 ) on Wednesday August 26, 2015 @06:57PM (#50398969)

    Just install Linux.

    You're welcome.

  • Beside the point (Score:5, Insightful)

    by zAPPzAPP ( 1207370 ) on Wednesday August 26, 2015 @07:00PM (#50398985)

    Yes, I can see the options during the setup. Years of updating Java have trained me to uncheck everything.
    Anyway that is old news.

    We want to know more about the things you can not set in the options.
    Ways to prevent forced updates?
    Remove hidden services?

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Right, the next installer I write will have a "Don't fuck everything up" checkbox, checked by default, just for you!

      • Good idea. Added unnecessary features should always be an opt-in choice. Also installing a third party anti-malware program, or third party search bar, or a third party browser, or any third party demo, should be opt-in only.

        Another good improvement. If the user has ever unchecked "automatically install new updates" and instead checked "notify me about new updates", then the installer should remember that choice in the future.

    • To disable forced updates, go into Services and set Windows Update to Disabled. Then put an icon for Services on the task bar

  • by Marrow ( 195242 ) on Wednesday August 26, 2015 @07:01PM (#50398991)

    If the default is "on" , what if a bug in the code resets the setting or ignores the setting. Are there any indicators that this information is going out? Can there be any indicators? What is the amount of encrypted traffic going out from the system to microsoft? Any way to look at what is being sent at any point in time? Does it ever log what was sent? Can it?

    • An update could add a new setting at any time, and fail to notify the user about the new option and the new undesirable default setting. Not hypothetical, there are applications that do this.

    • by bondsbw ( 888959 )

      Are there any indicators that this information is going out?

      Yes. To find the indicator, open your web browser. In the address bar, enter "wireshark.org". Press enter. Find your way to the download, and download the appropriate installer. Run the installer. Run the application. Learn how to use it.

      Oh, wait... you meant indicators in the OS? Ha. Right. What makes you think they would exist? It's kind of silly to expect there to be indicators showing for these particular things. If everyone got indicators for every little thing they wanted, then the whole s

    • If the default is "on" , what if a bug in the code resets the setting or ignores the setting.

      That's not a bug, it's how the software was designed to work.
  • by Anonymous Coward

    it's funny that considering how "deep" Cortana is, it gets utterly confused and useless when I say "Cortana start microsoft word".

  • by Anonymous Coward

    I'm just waiting for the coffee table book now.

  • by Maxo-Texas ( 864189 ) on Wednesday August 26, 2015 @07:15PM (#50399059)

    I've been with windows for close to two decades.

    But I'm probably going to either use an older windows box or just bite the bullet and go to linux for my "real" machine. I might use windows for a gaming machine.

    I've used openoffice then libre office for years now and no longer even occasionally dip back into Word.

    I've disliked the tighter microsoft email/social account integration for a while now.

    I really dislike what I'm hearing about the new o/s. I stopped using facebook because of similar actions.
    it's like being fabulously wealthy isn't enough. If windows 10 goes forward as is, I probably won't go with it.

    • by MrL0G1C ( 867445 ) on Wednesday August 26, 2015 @07:37PM (#50399173) Journal

      Ditto, I hate the idea of MS spying on what I'm doing and it's not known what info they still send back even though you've turned off all the privacy destroying options. And now they're refusing to say what the purpose of new updates is.

      So, fuck you Microsoft, I'm advising everyone to install Linux from now on, this crap is not worth it, not even for free.

      • Yeah enough is enough, a line has been crossed.

      • by mcrbids ( 148650 )

        I'm advising everyone to install Linux from now on, this crap is not worth it, not even for free.

        If you're this late in the game and *finally* saying this, well, welcome to the club!

        I switched almost 20 years ago to Linux, when my Windows 98 computer emailed a word file of customer names and (private) contact info with a virus. Realizing the risk of staying with an insecure platform, I jumped to using Linux for my workstation full time.

        I've never looked back.

        RedHat Linux became Fedora/RHEL/CentOS but picking the "main" commercial distro at the time has paid enormous dividends over the years! In the int

    • You will ask yourself why you didn't do it earlier Maxo. I would recommend you start with Linux Mint, I think it is the best distro by far if you want a machine that just works and feels natural.

      For myself I have been running Linux on my main machine for the last 5 years and keep a windows box for games. Having small kids and a more than full time job means it doesn't even get turned on that much anymore. Add on to that that more and more of the games I play are appearing in Linux and windows gets used l

  • by Anonymous Coward on Wednesday August 26, 2015 @07:35PM (#50399163)
    Was when I was looking at the app store, but it said I had to log in to my microsoft account to use any of the apps. OK, logged in with my hotmail account which has a long complex password, which was copy/pasted with my password manager. I turn my PC off for the night, next day it won't take my usual password because it's now not a local machine logon, but is my microsoft logon, which I can't fill in because I can't open my password manager. Luckily I backup the keepass data to a USB flashdrive, so I fire up my other real OS which is linux so I can write down the frigging password to get the windows pile of shit logged back in. Screw MS... wiping the drive and installing linux.
    • Avoid the app store. I think it's utterly ridiculous that you need a third party account merely to use the free applications. It only does this because it wants people to have that account so that they can push their stupid store on users; once you have the account it thinks people will be hooked and start spending money on stuff, one-touch click to install useless junk, etc.

      And of course once you have a linked Microsoft account, it can really go full bore on tracking what you run, what you buy, what you s

    • by AmiMoJo ( 196126 ) on Thursday August 27, 2015 @02:57AM (#50400593) Homepage Journal

      When you logged in to the app store you were asked if you wanted to convert your account to a Microsoft online account, or just log in to the app store. You must have ignored that question and blindly clicked through it, and hence your account was converted (unfortunately that is the default).

      http://www.guidingtech.com/ass... [guidingtech.com]

  • The lack of control (Score:4, Informative)

    by Anonymous Coward on Wednesday August 26, 2015 @08:01PM (#50399297)

    The thing that pisses me off about Windows 10 is the apparent lack of control the user has with their own machine. Exhibit A: http://www.tenforums.com/attac... [tenforums.com]

    Check out the real-time protection option. "You can turn it off temporarily, but if it's off for a while, we'll turn it back on automatically." What bullshit is that? First, it doesn't tell you what it constitutes as "a while". A day? A week? A month? Second, the fact that it believes that power users are extinct and might have an edge-case for permanently disabling it is ridiculous. It's based off of Microsoft Security Essentials, and I disabled the real-time protection when installed on Win 7 on my netbook because it was just too much for the poor little Atom processor to deal with. If I needed to scan something, I'd do it on-demand. Here, I have no permanent solution because Windows 10 thinks it knows better than my situation.

    Windows 10 is peppered with many other areas which make me feel less in control than I used to. I know that I can't have full control when running a proprietary system, but it's all about degrees, and Win 10 feels far less catered for power users than Win 7.

    • Windows 10 assumes the user to be technologically ignorant because the vast majority of computer users *are*.

      Computers have matured to the point where, like cars, you need only the vaguest idea how they work in order to use them. There was a time when anyone who wanted to drive a car needed to be familiar with the technology in order to carry out frequent maintenance and repair the many breakdowns in the field - that is where computers used to be. Now the car is a mature technology people can stop worrying

  • by Anonymous Coward

    From all the articles I've read about Windows 10, it looks like there are quite a number of settings that must be made to stop all that "phone home" behavior.

    The number of changes is large enough so that I don't trust myself to do them all by clicking various GUI screens. I'll inevitably miss one or get it wrong -- which is unacceptable when privacy and security are at stake.

    Does anyone know of any software yet that fixes Windows 10's abuses using a single-step installer?

  • Equivalently: "How may I [consort with] a brothel of multiply infected hookers who have graduate biomed degrees, practical research in communicable infection and a fervent INTENT to infect their customers?"

    As WOPR said in "Wargames", 30+ years ago, "Interesting game. The only way to win is not to play."

  • Within 3 to 6 months some tool will come out from someone, similar to classic shell but for privacy. It'll disable any and everything properly and "fix" any odd crap straight up.

    Let other people get messy with it.
    I mean you could just not use it but for some of us, that isn't an option.
    I'm happy to wait for a cool tool, probably be published like most useful free tools on Ninite.com as well, it'll be a piece of cake.

    Let others beta test.

  • Just because you kill a feature in 'settings' doesnt mean that they have to oblige. You can't see the code so you cannot be sure if changing the settings actually changes anything

  • by Gravis Zero ( 934156 ) on Wednesday August 26, 2015 @11:36PM (#50399985)

    Thanks Microsoft! Windows 10 gives all the users that were thinking of trying Linux an obvious incentive to make the switch!

  • by DoofusOfDeath ( 636671 ) on Thursday August 27, 2015 @01:02AM (#50400233)

    My wife has a small photography business, and Photoshop and Lightroom are huge aspects of her photo editing workflow. She's invested untold hours building up skills in them, and that proficiency really pays off in terms of the quality and speed of her editing work.

    Right now she edits on our Windows 7 box. I'm almost dead set against us using Windows 10 because of this privacy crap (and now I apparently have to try undoing the telemetry those assholes snuck into Windows 7.)

    I feel caught between a rock and a hard place, because switching to a Mac would be an unwelcome expense for us. Also an business risk, since I can cheaply repair or upgrade a PC, but I have not expectation of being able to do that on a Mac. So if a Mac craps out near one of her deadlines, I'm not confident that I can get it (or a replacement) online as fast as we really want.

    I'm just amazed at how hard Microsoft is working to drive us away. They've gone from being a reasonable partner for our kind of business (Windows 7), to being one of our largest sources of medium- and long-term risk. They're now making our decision to use Windows for her business, into a strategic mistake.

    I really hope Adobe comes up with some decent solution to people in our shoes. If they have a Linux port of Creative Suite in their back pocket, this would be a dandy time to start selling it.

Every nonzero finite dimensional inner product space has an orthonormal basis. It makes sense, when you don't think about it.

Working...