Stopping Windows 10 privacy bleeding

There's been quite some talk about how Windows 10 upon install by default sends lots of mostly private stuff to Microsoft. Sure, it can turned on "just not using express settings", but we all now many people are lazy and install without reading, so this was done on purpose (else everything would be opt-in).

After the initial install, people realized the operating system kept bleeding data to the outside, so I did a quick test. I opened Task Manager, the Performance tab and there it was having a high activity peak when I wasn't doing anything. To avoid a false positive I ordered processes by network %... and I had the Search "app" sending 2.3MB of data... when I had disabled everything I could at setup (plus later on the Privacy settings).

Checking the App History tab I got this nice two "rogue leakers", two applications I hadn't even launched once in my few weeks using the new OS:

Examples of personal Windows 10 data leaks

Somebody please tell me why the Store has to grab so much data when I haven't even setup a Microsoft account (I use a local one), or why if I have never searched anything it was sending/receiving MBs. Searching for a more complete list of Windows 10 privacy fixes I found this nice guide, but as I never use Bing and similar MS-only services, I did some network sniffing to see what other places my PC is still "calling".

This are the domains I've ended up blocking (redirecting to 127.0.0.1 from the hosts file is the best stopper) based on articles read and my own Wiresharking experience:

  • any.edge.bing.com
  • bing.com
  • msn.com
  • live.com

I also disabled ssw.live.com but then I had issues updating Windows Defender so I guess it either controls WD definition files or the whole Windows Update and I unblocked it.

I really like Windows 10 after suffering Windows 8 and using Windows 8.1 (although I'm sticking to Windows 7 for the gaming PC), but sadly it seems the privacy invasion era has jumped from mobile phone operating systems to desktop ones. It's still a better battleground to fight from (Firewalls, hosts file, 3rd party apps/tweaks...) but still another war to fight at.

PS: I've read as much as possible to take away FUD from reality, and while some options have been explained, not all questions have been answered.

PS 2: If I come with additional things to disable or domains to block I'll update the post to reflect it.

Posted by Kartones on 2015-08-23

Comments?

Share via: Twitter Linkedin Google+ Facebook