Stories
Slash Boxes
Comments

SoylentNews is people

Windows 10 Collects All Texts Entered into the Keyboard

posted by LaminatorX on Saturday August 22 2015, @07:01PM   Printer-friendly
from the I'll-be-watching-you dept.

An Anonymous Coward writes:

The administrator of AE News (an online news portal for Czech and Slovak expatriates) writes a very revealing article regarding the Windows 10 collection of user data. Here is the original Czech article. Here is a Bing translation to English. Here is a English condensed version translated by a blogger. And finally a PDF of the original Czech article.

In the post the AE News administrator states:

With the advent of Windows 10, I decided to undergo several tests. The collected knowledge for someone may be alarming. The Windows operating system 10 is essentially the end terminal, more than the operating system, because many of the processes and functions of this system is directly or indirectly dependent on remote servers and databases to Microsoft.

All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

AE News also references an arstechnica.co.uk article which states it might be impossible to stop this communication:

And finally, some traffic seems quite impenetrable. We configured our test virtual machine to use an HTTP and HTTPS proxy (both as a user-level proxy and a system-wide proxy) so that we could more easily monitor its traffic, but Windows 10 seems to make requests to a content delivery network that bypass the proxy."

arstechnica.co.uk also "asked Microsoft if there is any way to disable this additional communication or information about what its purpose is". Microsoft did not reply as to a way to disable this chatter but did respond to the 'additional communication' stating Microsoft is now 'delivering Windows 10 as a service'.

Although the original source for this story is skeptical, Smart nerds on soylentnews can easily fire up Wireshark and reveal the communication for themselves. It appears that MS has fully embraced the cloud where your OS is now a terminal. And regarding privacy? Well, according to arstechnica.co.uk: Windows 10 privacy policy is the new normal

Original Submission

 
This discussion has been archived. No new comments can be posted.
Windows 10 Collects All Texts Entered into the Keyboard | Log In/Create an Account | Top | 138 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Informative) by number6 on Saturday August 22 2015, @08:22PM

    by number6 (1831) on Saturday August 22 2015, @08:22PM (#226381) Journal

    This is one of the best HOSTS lists which attempts to totally blacklist Microsoft from your computer; I did say attempts---read the comments!!

    There are 5,721 addresses in this list!! (including the three mentioned in the summary).

     

    # ----------------------------------------------------------------------------
    # Microsoft Hosts File Blocklist (updated Aug 12, 2015)
    # http://www.angelfire.com/comics2/fatboy9175/MShosts.txt
    #
    # NOTE: In WinXP SP2 or later, adding these lines to the HOSTS file won't be fully effective thanks to
    # Micro$haft's hidden rules in the "dnsapi.dll" file which override manual settings for certain M$-related
    # domains. To completely block Microsoft out of your system, you will have to add these to a third party
    # firewall, or hack dnsapi.dll, which I wouldn't advise unless you know what you're doing. You can open the
    # dll file with notepad or a hex editor to see all the domains included in Windows' hidden whitelist.
    # I recommend Acrylic DNS Proxy. It has its own hosts file that also supports wildcard rules, so instead
    # of needing thousands of entries that end in microsoft.com, you can just add *.microsoft.com and kill em all.
    #
    # NOTE 2: Due to the intrusiveness of Windows 10's Bing integration, I have now included ALL of Bing.com.
    # You didn't actually use Bing anyway, did you? :)
    #
     
    0.0.0.0 0.r.msn.com
    0.0.0.0 2wa1musicmix.phx.gbl
    0.0.0.0 2wa2musicmix.phx.gbl
    0.0.0.0 2wa3musicmix.phx.gbl
    0.0.0.0 2wa4musicmix.phx.gbl
    0.0.0.0 10.ds.mrs.microsoft.com
    0.0.0.0 16miig.bay.livefilestore.com
    0.0.0.0 1554.ic-live.com
    0.0.0.0 778802.r.msn.com
    0.0.0.0 946878.r.msn.com
    0.0.0.0 1000626.r.msn.com
    0.0.0.0 1822333.r.msn.com
    0.0.0.0 1847742.r.msn.com
    0.0.0.0 1847753.r.msn.com
    0.0.0.0 1847767.r.msn.com
     
    [...]
     
    # ----------------------------------------------------------------------------

    Starting Score:    1  point
    Moderation   +3  
       Interesting=1, Informative=2, Total=3
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 0, Disagree) by Anonymous Coward on Saturday August 22 2015, @08:29PM

    by Anonymous Coward on Saturday August 22 2015, @08:29PM (#226384)

    You could reduce the size dramatically by simply blocking second-level domains.

    • (Score: 1, Insightful) by Anonymous Coward on Saturday August 22 2015, @08:32PM

      by Anonymous Coward on Saturday August 22 2015, @08:32PM (#226386)

      You don't even know what a hosts file is, do you?

      • (Score: 0) by Anonymous Coward on Sunday August 23 2015, @06:27AM

        by Anonymous Coward on Sunday August 23 2015, @06:27AM (#226572)

        That statement does not even make sense. Why block a dozen sub-domains when you can block all of them via one line with the parent?

        • (Score: 0) by Anonymous Coward on Sunday August 23 2015, @09:45AM

          by Anonymous Coward on Sunday August 23 2015, @09:45AM (#226630)

          Because you can't.

          If you understood what a hosts file was and how it works you'd know that.

  • (Score: 2, Insightful) by Anonymous Coward on Saturday August 22 2015, @08:30PM

    by Anonymous Coward on Saturday August 22 2015, @08:30PM (#226385)

    Golly, bro, you so l33t. But if your OS is untrustworthy, why do you trust it to use your hosts file?

    • (Score: 1) by tftp on Saturday August 22 2015, @09:04PM

      by tftp (806) on Saturday August 22 2015, @09:04PM (#226395) Homepage

      But if your OS is untrustworthy, why do you trust it to use your hosts file?

      Perhaps that's why the comment in the file says that you should use a 3rd party firewall? I would not use anything less than an external, hardware firewall if there is a need to use Win10 on the network (say, if you are a developer.) I cannot trust the software firewall (that runs on the same box) for exactly the reasons that you pointed out.

      I have a Win10 Technical Preview box currently, but I already have plans to wipe it clean and install Mint 17.2 KDE, now that it is available. Android Studio is supposed to work on Linux, and that's all I expect to need. For everything else there is VirtualBox.

      • (Score: 0) by Anonymous Coward on Saturday August 22 2015, @09:07PM

        by Anonymous Coward on Saturday August 22 2015, @09:07PM (#226396)

        Windows or Android, choose your evil...

        • (Score: 2) by Dunbal on Saturday August 22 2015, @09:12PM

          by Dunbal (3515) on Saturday August 22 2015, @09:12PM (#226397)

          You mean: Share your data with Microsoft or share your data with everyone.

          • (Score: 0) by Anonymous Coward on Sunday August 23 2015, @10:06AM

            by Anonymous Coward on Sunday August 23 2015, @10:06AM (#226631)

            Dude, Google is not "everyone". Besides, as Android is open source, for some devices you can install a clean build without any of Google's crapware. Unfortunately there is no such option for Windows.

            • (Score: 2) by Dunbal on Sunday August 23 2015, @12:05PM

              by Dunbal (3515) on Sunday August 23 2015, @12:05PM (#226647)

              I didn't mean Google is everyone, I mean android is so insecure that anyone can... nevermind.

        • (Score: 1) by tftp on Saturday August 22 2015, @10:53PM

          by tftp (806) on Saturday August 22 2015, @10:53PM (#226422) Homepage

          Windows or Android, choose your evil...

          My Android code is for controlling industrial hardware. Even if Google is evil, there is nothing for them to steal here. My code does not deal with personal information. The customer is not required to connect to the Internet even (the hardware has USB interface.)

  • (Score: 0) by Anonymous Coward on Saturday August 22 2015, @08:53PM

    by Anonymous Coward on Saturday August 22 2015, @08:53PM (#226391)

    Read the articles. Win 10 bypasses the hosts file for all of this "telemetry" information. That's rights the IP addresses are already in the code.

    • (Score: 2) by number6 on Saturday August 22 2015, @09:13PM

      by number6 (1831) on Saturday August 22 2015, @09:13PM (#226398) Journal

      Did you read my article aka post? ...All Windows versions since XP-SP2 have had the ability to bypass the hosts file. That's right the IP addresses are already in the code.
      The comments in the hosts list I posted shed some light on possible workarounds.

      • (Score: 1) by Francis on Saturday August 22 2015, @11:06PM

        by Francis (5544) on Saturday August 22 2015, @11:06PM (#226426)

        I ran into that some time ago when I was wanting to block msn.com. It doesn't matter what you put in the hosts file, it would always connect anyways. Even when other sites would go nowhere.

  • (Score: 2) by Runaway1956 on Sunday August 23 2015, @02:36AM

    by Runaway1956 (2926) Subscriber Badge on Sunday August 23 2015, @02:36AM (#226499) Homepage Journal

    "# You didn't actually use Bing anyway, did you? :)"

    On a rare occassion, like when a Soylentnews summary includes a link to Bing Translate, or something like that.

    --
    Abortion is the number one killed of children in the United States.

  • (Score: 1) by NullPtr on Sunday August 23 2015, @07:43AM

    by NullPtr (3786) on Sunday August 23 2015, @07:43AM (#226595) Journal

    If you block this, you block all Microsoft updates to your machine also.

  • (Score: 2) by number6 on Sunday August 23 2015, @08:04AM

    by number6 (1831) on Sunday August 23 2015, @08:04AM (#226601) Journal

    I found a textfile saved on my computer a long time ago (it's a comment posted at a forum around 2006).
    I thought it may be of further educational interest to share it with you guys, in situ . . . . . .

    "Well in a twisted way it is in your control, but more of an all or nothing way. All these lookups ("Using XP") as an example are priority based. So in a sense you could over-ride those priorities ("Not suggested") here is what I mean:

    If you look at this registry key on XP;

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider

    You will see ("If you have the defaults"):

    DNSPRIORITY: 2000
    HOSTSPRIORITY: 500
    LOCALPRIORITY: 499
    NAME: TCP/IP
    NETBTPRIORITY: 2001
    PROVIDORPATH: %SystemRoot%\System32\wsock32.dll

    The lower the priority ("If found there") trumps anything higher. Problem is, Microsoft is nervous with their domain names and would much rather trust DNS in all cases, no matter what you would like your other domain names to resolve by.

    So, if you were to use these priorities which are default they would work like this in this case, minus Microsoft Domains:

    1. Local DNS Cache
    2. Host file
    3. ICS ("Depending on if you use it") hosts.ics
    4. DNS
    5. Wins
    6. blah blah blah

    So imagine if somehow your DNS cache was hacked, and redirected Microsoft sites to another IP, you would be SCREWED in that case without this code in place. Since DNS cache is used prior to the host file based on the default priorities."