Disable Windows 10 spying on a router level

The problem with using pfSense to block Windows 10 spying is that at best it is just a stopgap. Microsoft will change its IP addresses, so this trick won't be very effective for long. If you are really concerned about Windows 10 spying on you, as I am, the best solution is to switch to Linux or set up a KVM under Linux. This is my two cents on the subject; others may have a different opinion, which is okay.

x2 to that, or pony up for Enterprise which apparently gives you the option to opt out of all that telemetry.

It would be interesting to see if Microsoft actually changed its IP addresses for telemetry that often. I would think that the very small percentage of people that go to the extent of blocking their telemetry would simply not be worth the trouble. However, they may change IPs for another, unrelated reason.

The thing is that the whole telemetry and spying issues in Windows 10 cannot be stopped.
It's built into the OS.

I wouldn't trust the Enterprise version because all the telemetry is part of the kernel of Windows 10, as I understand it. I would need to see the source code for the enterprise version before I would believe the enterprise version isn't collecting telemetry.

Well, Enterprise LTSB-N doesn't come with many pre-installed applications
that use MS online services.
So in that regard there is a lot less telemetry tracking going on in that version.
However, the keylogger still gets installed by default.
That is the main problem I have with Windows 10.
Telemetry tracking in regards to how their software functions isn't that much of a problem.
And it is basically present in pretty much any OS, even on Linux.
The main problem to me is the keylogger, and the personal stuff they send from you to their cloud servers, which cannot be stopped, I think.

Your concern is basically my concern with Windows 10.

Seeing that a source code review will probably never be an option, next best thing is really good network logging and/or believing in the 'gun to MS's head' if certain corporate customers see it truly does not fully disable is enough incentive. At work we have sensitive systems with both Win10 Enterprise (with GPOs that should be turning telemetry off), their logs and Cisco switch logs going to Splunk -- darn near perfect conditions and opportunity to put this to the test. I've been meaning to try and see if I can make heads or tails of the logs towards this cause. Maybe the first and simplest test is to take the lists of known IPs out there and simply run them through Splunk.
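The "run the known IP lists against the logs" test from the post above, as an added example that is not part of the original thread: it matches flow records against a list of networks and reports which hosts still have permitted connections to them. The network list uses documentation-range placeholders and the key=value log format is an assumption; both are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed placeholder list (RFC 5737 documentation ranges) standing in
# for a published telemetry endpoint list. These are NOT real Microsoft IPs.
TELEMETRY_NETS = [ipaddress.ip_network(n)
                  for n in ("192.0.2.0/24", "198.51.100.16/28")]

# Constructed flow records in a generic key=value format (an assumption;
# adapt FLOW_RE to what your switch or firewall actually emits).
SAMPLE_LOG = """\
2024-01-01T10:00:01 src=10.0.5.21 dst=192.0.2.44 dport=443 action=permit
2024-01-01T10:00:02 src=10.0.5.21 dst=203.0.113.9 dport=443 action=permit
2024-01-01T10:00:05 src=10.0.5.30 dst=198.51.100.20 dport=443 action=permit
2024-01-01T10:00:09 src=10.0.5.30 dst=198.51.100.40 dport=80 action=permit
2024-01-01T10:00:11 src=10.0.5.21 dst=192.0.2.44 dport=443 action=deny
garbage line without fields
"""

FLOW_RE = re.compile(r"src=(\S+)\s+dst=(\S+)\s+dport=(\d+)\s+action=(\w+)")

def telemetry_hits(log_text, nets=TELEMETRY_NETS):
    """Count flows to listed networks, keyed by (src, dst, action)."""
    hits = Counter()
    for line in log_text.splitlines():
        m = FLOW_RE.search(line)
        if not m:
            continue  # not a flow record
        src, dst, _dport, action = m.groups()
        try:
            dst_ip = ipaddress.ip_address(dst)
        except ValueError:
            continue  # malformed address field
        if any(dst_ip in net for net in nets):
            hits[(src, dst, action)] += 1
    return hits

def hosts_still_talking(hits):
    """Sources with at least one permitted flow to a listed network."""
    return sorted({src for (src, _dst, action) in hits if action == "permit"})

if __name__ == "__main__":
    found = telemetry_hits(SAMPLE_LOG)
    for (src, dst, action), n in sorted(found.items()):
        print(f"{src} -> {dst} {action} x{n}")
    print("permitted telemetry flows from:", hosts_still_talking(found))
```

A clean result only shows that no listed address was contacted; traffic to addresses missing from the list would not appear.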

If Microsoft lies to their enterprise customers about telemetry, they will be doomed in the business world. The company I work for is very protective of their data; they will not tolerate it being stolen.

Well I guess your company will be switching to some form of Linux and investing some money retraining their workforce, because that is the only way to make sure the keylogger in the enterprise version of Windows 10 isn't violating your data.

As I work for a company based outside of the US, that is a distinct possibility. We are currently on Windows 7 with a limited rollout of Windows 10 in the near future. We'll see how it goes.

Good idea, question is, if it is stored, what level of access would you need to delete it, and how would someone go about detecting the log files.

If you are talking about removing the keylogger from any version of Windows 10, as I understand it you can't; the keylogger is embedded into the very kernel of Windows 10. And if you are talking about the information (spying) Windows 10 does, any changes you make, the evil Empire (Star Wars reference) will probably just set back to default. What really concerns me isn't the spying (which is nasty in itself), it's that damn keylogger. The recent ransom attack has just made me glad I am trying real hard to get away from using Windows. Right now I only use Windows for gaming; for everything else I am using Linux Mint, and I have a virtual machine running Red Hat to get used to the difference from Linux Mint before I commit it to my laptop. So far I don't see any differences between Red Hat and Linux Mint.

All the premium features Windows 10 has and that have been locked to Windows 10 make a KVM virtual machine the only real way to ensure you get stuff like 10bit color, wide color gamut, G-Sync and Freesync, and HDR. Linux DOESN’T and will never solve that problem. If you try to run 10bit color in Xserver, EVERYTHING BREAKS and nobody is going to fix it.

I agree that pfSense rules like this can help, and a DNS black hole can help, but it’s incredibly dynamic and the only real way for isolation is a completely separate VLAN for your Windows 10 stuff.

necro! Noice!