Really impressed with Windows 10 LTSB

So its windows 7 with a skin..... k.

Is that set to manual by default?

a skin? not really. you get dx12 support and pretty much everything windows 10 has minus the nagging windows updates, most of telemetry and store apps support.

Mine is set up Manual on startup and the service isn't currently running.

Okay, not fully sure, but that might be one of the keyloggers.
But there is another one.

In C:\Programdata\Microsoft\Diagnose folder or something like that.
Something with Autologger, not sure how its called.

Mine is disabled. not sure if thats the default settings or Winaero tweaker.

I suppose it might be default setting, which would be a good thing.
The bad thing is that its there in the first place.

I don't have anything on my system that tweaks it as far as I know, I do have a fresh install of LTSB in a VM so I'll check there the next time I boot into Linux.

Thanks for the answer.

Microsoft has the ability to make a half-decent OS. And they choose not to. Pretty sad when you think about it.

I ran my LTSB VM and dmwappushsvc is set to Manual by default and is disabled, I also found AutoLogger-Diagtrack-Listener.etl in C:\ProgramData\Miscrosoft\Diagnosis\ETLLogs\AutoLogger

2 Likes

Okay so the keyloggers seem to be present in LTSB.

2 Likes

In other words, Microsoft is being Microsoft once more....

Sorry, don't mean to be like that, it's just that it ticks me off that they are using my bandwidth/processing power and you must tinker with it to tell it not to.

On the other hand, the more they go about this way, the more of us they will loose. gg -.-

2 Likes

Pretty much it's just windows 10, with DirectAccess, BranchCache, Bitlocker and Windows updates have been effectively disabled. It's exactly the same, but a lot more predictable for enterprise it teams to adjust how they want.

If you're imaging and managing thousands or tens of thousands of machines, you've probably got some guy in your organisation who takes great pleasure in customising the wim file and scripting everything in the universe ready for your imaging solution.

I have one of those guys.

1 Like

mmm

Assuming the keylogger is present in all forms of windows 10, can it still be disabled?
Do you know of any sort of investigation on the keylogger, as to its purpose?

I found plenty of vague language saying Microsoft may collect typing to help improve stuff. Does this mean every keypress is caught, and analysed locally to determine what is useful? I am mildly concerned about passwords being caught up in the white noise of my typing and sent someplace. Given the lack of information and clarity on what is logged and how, I can't rule that out.

That being said, windows is designed to receive keypresses and pass them to focused applications, so is it more of an extension of that?

Other than that, keen to try out Windows 10 LTSB, have the ISO ready to go.

1 Like

Well nobody really knows what they keylogger sends to MS.
They can be disabled if i´m right, but then we still cant say for sure if its really disabled or not.
Basiclly what the keylogger does is log every keystroke you hit and send that to MS clouds, i would assume.
Thats how they can make personal profiles about you, and improve things like typing and such.
However this of course also includes passwords most likely.
Encryption isnt going to help atall in this case.

dmwappushsvc seems to be partly disabled in LTSB-N.
So thats a good thing.
But the Diagnose keylogger probably is still actively running.
Assuming that it also sends telemetry and diagnostic data to MS.
There is a service that you could disable something called user experiance and diagnostics,
or whatever its called.
MS has renamed this feuture a couple of times.
This might be related to the autologger, but i´m not sure.
Unfortunatlly i dont think that there has been done manny deep researches,
about what exact data the OS sends to MS.

2 Likes

But never the less, since LTSB doesnt contain manny modern apps.
Telemetry tracking and spying should be allot less.
Then what it would be in a consumer version of 10.

1 Like




My go-to sites when disabling Win 10 telemetry

2 Likes

I did a bit more digging into the C:\ProgramData\Microsoft\Diagnosis folder. It seems to all be locked by explorer.exe. If you close that and manage permissions, you can copy out and read the files.

Most interesting is the C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.ASM-WindowsDefault.json file, which seems to specify what telemetry to log and at what frequency. The stuff related to text input seems to be related to spell checking, but I still don't trust it.
"Microsoft.Windows.TextInput.LinguisticData:SpellerAddedWord:ms.Measures:sampleRate": "0", "Microsoft.Windows.TextInput.LinguisticData:SpellerAutocorrection:ms.Measures:sampleRate": "0", "Microsoft.Windows.TextInput.LinguisticData:SpellerAutocorrectionSupressed:ms.Measures:sampleRate": "0", "Microsoft.Windows.TextInput.LinguisticData:SpellerContextMenuDismissed:ms.Measures:sampleRate": "0", "Microsoft.Windows.TextInput.LinguisticData:SpellerIgnoreWord:ms.Measures:sampleRate": "0", "Microsoft.Windows.TextInput.LinguisticData:SpellerRedSquiggle:ms.Measures:sampleRate": "0", "Microsoft.Windows.TextInput.LinguisticData:SpellerReplaceWithAlternate:ms.Measures:sampleRate": "0", "Microsoft.Windows.TextInput.LinguisticData:SpellerUndoAutcorrection:ms.Measures:sampleRate": "0",

1 Like