Let's face it... Windows 10 wants to send data to Microsoft. We also are losing more of our privacy and the ability to update the OS on our own terms. I am currently working overseas and am not able to test this out right now... but does anyone know if it would be possible to just block the traffic Windows 10 wants to send to Microsoft? Let's say that eventually, tools are released to let us install updates on our own terms. If the traffic Windows 10 tries to send to Microsoft is blocked by an external firewall, then our privacy and update worries would be over. Any thoughts?
I'm glad someone finally agrees with me. I have been replying to posts on Reddit and not getting much support. Another thing... all of the tweaks people are making to try and stop telemetry traffic probably aren't going to be enough. Microsoft could just update the OS and create another process that sends traffic. And I think the EULA states that they can also change your settings.
Thank you both so much, I have been thinking about the exact same thing but couldn't find a good firewall. I disabled Telemetry with all the fixes (registry etc.), had Telemetry hosts in my hostfile.... and guess what? Today I noticed it was phoning home again. To another brand new vortex subdomain that I haven't seen around on any host file lists. It also bypassed my registery tweaks and all the other methods. Thanks so much for smoothwall.
For those interested by the way, it was : vortex-bn2.metron.live.com.nsatc.net vortex-cy2.metron.live.com.nsatc.net At the time of writing it is not in any hosts lists
Interesting. Up until now I had only heard of TinyWall. How's it compare? And a more general question. Do third party firewalls block the hardcoded telemetry whitelist in dnsapi.dll that I'm hearing about?
Since Smoothwall is a router software, if you already have a router that allows you to set up rules to regulate traffic you're all set up already and only need to set up rules to block traffic as you see fit. Personally, I have become particularly fond of pfSense, another router software.
I recommend you to use free ( it run on BSD ) pfSense because it is open source firewall and you have VPN by default ( OVPN - IPSEC ) and lot of others packages not available on smoothwall at this moment: - pfblocker - you can easy block traffic to countries, hackers-spy-tracker servers... it will live update the lists from net. - suricata or snort - Intruder detection system, analyze live traffic for known vulnerabilities and attacks and block the offender IP. - squid - proxy traffic; monitor & filter traffic and restrict access to bad sites, advertise servers, trackers ... - captive portal ( add another layer of protection for your LAN - WIFI ). ... all you need is an old PC with 2-4 Gb Ram and 2 or more Ethernet cards/ports and you are good to go. I recommend old brand silent PC like: Lenovo M58p and Fjitsu Siemens E5730 with IAMT so you can debug/restart/turn on-off from anywhere in the world if required... ~100$ At this moment I am using a list found here to block Microsoft telemetry servers but to allow MS updates, I also block the rest of trackers and spy servers all over the world... and of course cut all the traffic from/to high risk spy-intrusion countries: China, Russia, Ukraine...