The administrator of AE News (an online news portal for Czech and Slovak expatriates) writes a very revealing article regarding the Windows 10 collection of user data. Here is the original Czech article. Here is a Bing translation to English. Here is a English condensed version translated by a blogger. And finally a PDF of the original Czech article.
In the post the AE News administrator states:
With the advent of Windows 10, I decided to undergo several tests. The collected knowledge for someone may be alarming. The Windows operating system 10 is essentially the end terminal, more than the operating system, because many of the processes and functions of this system is directly or indirectly dependent on remote servers and databases to Microsoft.
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
AE News also references an arstechnica.co.uk article which states it might be impossible to stop this communication:
And finally, some traffic seems quite impenetrable. We configured our test virtual machine to use an HTTP and HTTPS proxy (both as a user-level proxy and a system-wide proxy) so that we could more easily monitor its traffic, but Windows 10 seems to make requests to a content delivery network that bypass the proxy."
arstechnica.co.uk also "asked Microsoft if there is any way to disable this additional communication or information about what its purpose is". Microsoft did not reply as to a way to disable this chatter but did respond to the 'additional communication' stating Microsoft is now 'delivering Windows 10 as a service'.
Although the original source for this story is skeptical, Smart nerds on soylentnews can easily fire up Wireshark and reveal the communication for themselves. It appears that MS has fully embraced the cloud where your OS is now a terminal. And regarding privacy? Well, according to arstechnica.co.uk: Windows 10 privacy policy is the new normal
(Score: 3, Insightful) by PizzaRollPlinkett on Saturday August 22 2015, @10:25PM
Color me skeptical, because hasn't every tech news outlet been running wireshark since the beta period looking for a story like this? If Win10 was sending every keystroke to MS ... or even anything like it ... wouldn't someone in the clickbait world have reported on this already?
(E-mail me if you want a pizza roll!)
(Score: 0) by Anonymous Coward on Saturday August 22 2015, @11:31PM
Yes, it's been four hours since this story was posted which means that Windows has phoned home eight times: where are the people who have verified this? I don't have Windows 10 so I can't do it.
(Score: 0) by Anonymous Coward on Saturday August 22 2015, @11:35PM
They have [duckduckgo.com]
(Score: 2) by tibman on Sunday August 23 2015, @01:47AM
My work machine is win10 now, i'll see what it's up to.
SN won't survive on lurkers alone. Write comments.
(Score: 4, Informative) by tibman on Sunday August 23 2015, @02:50AM
Bleh, network stuff. I let the machine settle for 10 min before looking at any traffic.
So far i had a random communication with watson.telemetry.microsoft.com.nsatc.net. My machine started the talk then negotiated a TLS connection and sent a few KB of whatever. Google says watson is used to report crashes. Well.. that machine has just been sitting there watching me lurk and drink beer.
I opened the start menu and it resolved store-images.microsoft.com. Looking closer now. I suck at this stuff and may go drink instead, we'll see.
SN won't survive on lurkers alone. Write comments.
(Score: 4, Informative) by tibman on Sunday August 23 2015, @03:30AM
SearchUI.exe contacts 23.204.0.42 and gets some details about omniroot.com and public-trust.com. Certificate stuff i guess. Because a TLS connection starts and they talk for a bit.
Something similar happens with vortex-hk2.metron.live.com.nsatc.net. A request is made from my computer. Some cert stuff comes over then a TLS connection starts.
Ditto with onesettings-cy2.metron.live.com.nsatc.net. This one goes off pretty often: 10:07p, 10:22p, 10:37p, 10:52p, 11:07p.
weather.microsoft.com, finally something i can read! An http request for apex/DesktopTile/PreInstallLiveTile. It does look like i have some weather thing in the start menu too. Er, had.
My verdict is who the hell knows what win10 is sending to microsoft. Connections are made every 10 minutes or so to send encrypted data. Maybe someone who actually knows what they are doing can make better sense of it.
SN won't survive on lurkers alone. Write comments.
(Score: 0) by Anonymous Coward on Sunday August 23 2015, @06:39AM
Interesting. You can be almost certain that you're not allowed to look at what's being sent, even if it is your own data.
(Score: 2) by gman003 on Sunday August 23 2015, @11:47PM
Have you disabled all of the relevant telemetry options? They have a setting for "Send Microsoft info about how I write to help us improve typing and writing in the future", which seems like it could send exactly what is being described as being sent if not disabled. It's still kind of a suspicious move but if you can disable it trivially through settings (IIRC you're even prompted during installation), it's clearly a different matter than it's being described as.
I'd check myself to confirm but I honestly wouldn't know what I was doing with Wireshark.
(Score: 3, Informative) by tibman on Monday August 24 2015, @01:52AM
I do remember opting out during the "upgrade" but other than that it is fairly stock. I just checked and the "Send your device data to microsoft" option is set to Enhanced. Apparently that is less than Full(Recommended). The lowest option is basic... there is no off! The only thing installed on there is visual studio 2015 (and all the baggage required to do MVC5) and steam.
I recommend against using any network traffic tool. It'll blow your foil hat right off and darken the mood.
SN won't survive on lurkers alone. Write comments.