SoylentNews is people
SoylentNews
Peter Bright at ArsTechnica reports:
Windows 10 uses the Internet a lot to support many of its features. The operating system also sports numerous knobs to twiddle that are supposed to disable most of these features, and the potentially privacy-compromising connections that go with them.
Unfortunately for privacy advocates, these controls don't appear to be sufficient to completely prevent the operating system from going online and communicating with Microsoft's servers.
For example, even with Cortana and searching the Web from the Start menu disabled, opening Start and typing will send a request to www.bing.com to request a file called threshold.appcache which appears to contain some Cortana information, even though Cortana is disabled. The request for this file appears to contain a random machine ID that persists across reboots.
Hairyfeet's contribution adds the following:
A Czech site went one further and did a traffic analysis on a default Windows 10 install, what did he find? Well it looks like the Win 10 Keylogger in the beta is still running with pretty much every keystroke, voice, and webcam data being sent to Microsoft even with Cortana disabled.
[Ed's Comment: The report about the Czech traffic analysis originally came from a newspaper and some comments doubt the veracity of this source.]
(Score: 5, Informative) by MrNemesis on Thursday August 13 2015, @07:50PM
Since I started digging into this... yeah, MS have been rolling in some crap into their regular updates for W7 and W8 as well. If you've set your WU not to "give me recommended updates" you've probably avoided the worst of it but please make sure that you uninstall/hide/block the following update packages:
KB2952664
KB3021917
KB3022345
KB3035583
KB3068708
...and disable the following items from the task scheduler library:
Microsoft/Windows/Application Experience/*
Microsoft/Windows/Customer Experience Improvement Program/*
WPD/*
"To paraphrase Nietzsche, I have looked into the abyss and been sick in it."
(Score: 2) by inertnet on Thursday August 13 2015, @11:55PM
I came across a possibility to stop the Windows 10 push altogether, while I was actually searching for a way to stop "svchost netsvcs" from going insane. I don't remember the website(s) I got it from, but these are my notes to reproduce it. You may actually just need KB3050265 and the policy setting change (obviously not for Home versions because those lack the policy configuration editor):
stop and disable in Services (services.msc):
- SuperFetch (sometimes needed)
- Background Intelligent Transfer Service (BITS)
- Windows Update
Restart PC.
Then download and install https://support.microsoft.com/en-us/kb/3050265 [microsoft.com]
If you get service not running or similar error, switch Windows Update to Auto (delayed) and start it.
And install the KB without waiting.
Change BITS back to Auto (delayed), restart PC.
If ok, change SuperFetch to Auto and restart.
Policy path Computer Configuration / Administrative Templates / Windows Components / Windows Update
Policy setting Turn off the upgrade to the latest version of Windows through Windows Update (enabled or disabled)
(Score: 2) by MrNemesis on Friday August 14 2015, @08:13AM
Thanks to the pointer for KB3050265 - looks like this'll fix WU gobbling ~2GB of RAM doing its scans.
Apparently the reg key HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\[DWORD]DisableOSUpgrade=1 is enough to stop the GWX gubbins doing its stuff alone without the new WU client but I've not tested that yet. Similarly it appears I dodged a bullet by having domain-joined windows clients at home (thanks Samba 4 domain controller!) since that stops the GWX stuff from running as well.
Sadly most users who have the "home premium" or equivalents won't have access to the group policy editor, and it seems that those of you with windows 7 home premium won't be able to upgrade to a pro or ultra license via "anytime upgrade" any more either; that now appears to be shut down.
"To paraphrase Nietzsche, I have looked into the abyss and been sick in it."
(Score: 2) by TheGratefulNet on Friday August 14 2015, @01:44AM
I owe you one. I had several of those on my win7 box.
USED to. now uninstalled.
thanks, mate.
"It is now safe to switch off your computer."
(Score: 2) by TheGratefulNet on Friday August 14 2015, @03:03AM
I hate to ask, but I'm not a windows admin, so maybe others who know that world could give advice.
is there any trustable blacklist that I could just run and remove the 'harmful' (to us, not to MS) updates?
when I ran the standard updates gui, there's no clear way to search for the KB string. maybe I missed it. but its sloppy to even have to use a gui. its a 'grep -v' essentially. I want to remove these updates and here's the .txt file of the KB's.
the real thing I'd wondering is: is there such a list that the community agrees does not really benefit the user and those updates are safe (even beneficial) to remove?
"It is now safe to switch off your computer."
(Score: 0) by Anonymous Coward on Friday August 14 2015, @06:50AM
You missed the search box in the top right! Don't worry, I did too. It should be up there when you go to "Installed Updates" (hidden in the bottom left) in Windows Update.
I had a bunch of these installed too. Blah.
(Score: 2) by MrNemesis on Friday August 14 2015, @08:25AM
Nope.
Well, for me at least. Have read about some users using Ninite Pro to "curate" the whole process but for the meantime I've made sure my group policies are now only set to pull down "critical only" updates. But what with their behaviour with GWX and W10 I think it's probably only a matter of time before they start pushing this stuff harder and/or start purposefully trying to re-enable disabled functionality. Way to build trustworthiness microsoft.
Should have seen this coming an age away when MS dispensed with the text telling you WTF the update is going to do; they now all just say "install this update to fix issues in windows" even if you have the "show detailed information" checkbox ticked. You now have to go to their site and read the details on each and every KB every month. Annoying.
"To paraphrase Nietzsche, I have looked into the abyss and been sick in it."