Curious about the various telemetry and personal information being collected by Windows 10, one user installed Windows 10 Enterprise and disabled all of the telemetry and reporting options. Then he configured his router to log all the connections that happened anyway. Even after opting out wherever possible, his firewall captured Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. Even the enterprise version of Windows 10 is checking in with Redmond when you tell it not to — and it's doing so frequently.
This realy does not suprise me at all. We allready have seen that edge simply can get arround the host file. I personaly think, that its just unstoppable, no-matter if you opt out most of the stuff, a new update can easaly reset all those things again. Programms like Beacon etc, is something that i dont realy trust either. MS brings soo manny updates out lately, that i think its allmost impossible for programms like Beacon to keep up with it.
Wouldn't it be possible for someone to make a tool that would essentially break windows' legs and delete all non essential files or make them unusable for the OS?
Well thats exaly the point. i personaly think that the telementry tracking is soo deeply nestled into the OS. That stripping it out, would probably make the whole OS unusable?
i mean if edge can ignore an entry to block bing from the host file. Then im pretty convinced that windows can simply ignore all the edits to the hostfile done by beacon aswell right?
My attempt to neuter Windows 10 phoning home was a massive failure. I added all of the IP address that have been confirmed to be data collectiion IP's to Windows firewall. Removed cortina removed edge browser, and I edited the registry and removed a lot of the processes that phone home and I still had outgoing connections to Windows servers.
Using tomato on my router I tracked all outgoing connections that my Windows 10 machine made. Then added a list of roughly 120 IP's to block to my routers firewall. To test if I was successful on blocking Windows IP's I. Tried to ping the IP's on the list one at a time and they still connected and returned with no dropped packets and a average response time of 15 ms .
I am not a network engineer and I am not an expert in networking. but I was surprised to find that blocking IP's in Windows firewall, and on my routers firewall failed to stop the connections. If anyone has any idea s on how to prevent those connections from happening (other than staying offline) I am all ears.
Indeed. The only way to stop this telemetry is by blocking all those servers on the router, and checking up on them on a VERY regular basis to make sure MS hasn't released an update with new "telemetry" server addresses.
If you're on Win7 or 8.1, they're doing all kinds of stuff to make life impossible. Pop-ups, attempts to trick you into installing 10, attempts to sneak the Win10 telemetry into your Win7 or 8.1 via Windows Update, etc etc. If they finally managed to get you on 10, they'll make it almost impossible to opt out of all the telemetry and datamining stuff. Basically if you're on Windows, nowadays you have to work hard to stop MS from screwing you over.
Vista is clean. The only issue is that it's about 1 year removed from End of Extended Support. Still, considering its market share (1.77% nowadays), I doubt that anyone will even try to write an exploit for it. So you should be good well past April 2017. Win7 SP1 was released before Nadella took over, so you should be okay on that as long as you install updates manually after carefully reading every KB article. As for 8.1, the whole Microsoft account and Skydrive/Onedrive integration already reek of his influence, but once you disable those, the OS should be good (albeit ugly)
@looming-hawk : Where exactly did you check the packets? Between PC and router or between router and modem? In the first case it's perfectly normal if you still see the blocked addresses, after all Windows is still TRYING to contact them, so the packets do leave the PC. You shouldn't see those packets on the other side of the router tho.
Now he needs to do the same after installing Spybot Anti-Beacon and letting it apply all of the things it does.
Although even for this test he did, he should have disabled ALL the different things inside the Settings > Privacy section, even if you disable everything during install during that three page setup, there's plenty of stuff still enabled in settings.
I've got a Win10 Pro install in VMWare Workstation with the Anti-Beacon stuff done. I'll install Glasswire and see what it catches overnight. Gonna install the pending Win10 updates first, reboot, check all the settings and after that just let it idle.
Also guys, if you're tired of Get Windows 10 nagging on your Win7/8 install and wish to delete the telemetry stuff added, see this. Nice little script for uninstalling the updates adding telemetry or offering Win10 among other things.
You realise what your essentially doing is buying/using an OS that does a function then complaing and trying to stop the OS doing what it was made to do...
Windows 10 is not an offline OS its only going to get worse, I understand not wanting it to phone home but that's what it does... Your only option going forward is to change OS. You have a few more years in windows 7 which I imagine also phones home then that's it. Accept it or move will be the inevitable conclusion.
I checked the IP's using ping in command prompt and was receiving responses from the servers. Even though i had the IP's blocked in firewall and should not have been able to get a response.
@Eden I understand that Windows 10 is a spying OS. Was an attempt to cut out the spying features so I could use it. And yes I have to be careful with Windows 7 updates as well or I am going to end up with some of the same problems.
Have you ensured your firewall blocks outbound connections to those IPs? As by default firewalls will allowing incoming traffic on established connections, even if that IP is blocked for incoming traffic.
Indeed I added them to inbound,and outbound block list. Did it as a precaution as I had a hunch that it would not be easy to prevent Windows from calling home.
It'll be the firewall not working properly, not the OS bypassing it. It might be its hitting a rule before finding the block rule... we are talking external firewall? not windows firewall?
Both internal and external. I have them blocked on my router's firewall and on the Windows 10 firewall. Which is why I am stumped as to how I was able to get a ping response at all.
I recently noticed that SpyBot Anti-Beacon is taking 20% of my CPU resources. Is this because it's having hard time blocking all those connections that windows is trying to establish?