Microsoft is now selling third-parties access to its Windows 10 telemetry data via subscription.
Microsoft struck a deal with security company FireEye recently according to a report on Australian news magazin[e] Arn [sic] which gives FireEye access to all Windows 10 Telemetry data.
The report states that FireEye in return will provide Microsoft with the company's iSIGHT Intelligence software for Windows Defender Advanced Threat Protection on Windows 10 devices.
[...] Windows Defender is built-in to Windows 10 and enabled by default unless other security software is recognized by the operating system.
[...] The news article suggests that the partnership benefits Microsoft, and specifically the reputation and credibility of the commercial version of Windows Defender.
A press release by FireEye on November 3, 2016 provides additional details on the deal. The company's iSIGHT Intelligence software is available through Windows Defender Advanced Threat Protection (WDATP) but not the free version of Windows Defender.
WDATP customers gain access to several technical indicators that are provided by the software. These include the main motivation of the attacker, related tools, information about target sectors and geographies, and a description of the actor and operation.
According to the report on ARN, security teams may also get their hands on Windows 10 Telemetry data via subscription billing models.
Third-parties will get access to telemetry data of all Windows 10 devices. An overview of what that may include is provided on this Technet page.
Neither FireEye, Microsoft or ARN reveal details on the range of Telemetry data that FireEye gains access to.
(Score: 5, Informative) by digitalaudiorock on Friday November 25 2016, @06:07PM
I use almost exclusively Linux, though I have a windows laptop for my work. Even on that I primarily do development within a CentOS VM in VM Workstation Player.
That aside, when I updated from Windows 8 to 10 I knew it was doing insane shit around all this "telemetry" just based on that enless hard drive activity. I was doing nothing and my hard drive was all but being maxed out. Here's what I ended up doing:
1. Disable "microsoft compatibility telemetry" processes:
Based on this:
http://winaero.com/blog/how-to-disable-telemetry-and-data-collection-in-windows-10 [winaero.com]
In regedit, you have to navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection
...and add a new 32-bit word named AllowTelemetry set to 0.
2. Apparently ALL the hard drive activity was related to the wsappx process from the Windows Store Service (WSService) and related
services. MS does NOT seem to want this to be disabled but you can.
Just for laughs, here's an MS employee feeding angry users a load of BS on this issue:
http://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_perf/wsappx-process-takes-more-cpu-usage/73393475-312c-4044-8c9e-a5f78f4d7c4c [microsoft.com]
However towards the end of this page there's a real fix, which disables the services in the registry:
http://www.ghacks.net/2015/05/11/what-is-wsappx-and-why-is-causing-high-cpu-load/ [ghacks.net]
In the following registry keys:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppXSVC
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClipSVC
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSService
Change the "Start" REG_DWORD value from:
0x00000003 (3)
to
0x00000004 (4)
After doing that my system is dead quiet unless I'm doing something. How on earth does anyone tolerate this Godless OS anyway??
(Score: 1) by Scruffy Beard 2 on Friday November 25 2016, @07:01PM
The solution has been scrubbed from that page.
Instead, you are supposed to dick around with msconfig.
(Score: 1) by J_Darnley on Saturday November 26 2016, @10:49AM
You can see at least one scrubbed comment in the Wayback Machine here http://wayback.archive.org/web/20160321001335/http://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_perf/wsappx-process-takes-more-cpu-usage/73393475-312c-4044-8c9e-a5f78f4d7c4c [archive.org]
(Score: 0) by Anonymous Coward on Saturday November 26 2016, @11:40AM
This is why solutions need to be copied.
Answer your own question in stackexchange.
(Score: 3, Informative) by digitalaudiorock on Saturday November 26 2016, @02:16PM
I'm not sure what you're referring to, but both registry changes I referred to are still in those page. If you're referring to the Microsoft page, that never had a solution, just an someone at MS feeding everyone a bunch of crap that doesn't stop those store services from reading the crap out of your hard drive.
(Score: 1) by Scruffy Beard 2 on Saturday November 26 2016, @06:12PM
Sorry about that, I missed the non-Microsoft links for some reason.
(Score: 2) by fido_dogstoyevsky on Friday November 25 2016, @09:47PM
I use almost exclusively Linux, though I have a windows laptop for my work....when I updated from Windows 8 to 10 I knew it was doing insane shit around all this "telemetry" just based on that enless hard drive activity...
How on earth does anyone tolerate this Godless OS anyway??
I generally don't, except for two bits of (non computer) hardware that need windows. I boot into vista on an old laptop about twice a year. When that laptop stops working the (still working) hardware will be joining it at the local e-recycler.
It's NOT a conspiracy... it's a plot.