[REPO] Windows 10 TELEMETRY REPOSITORY

Discussion in 'Windows 10' started by Yen, Aug 4, 2015.

  1. vladnil

    vladnil MDL Novice

    Jan 19, 2019
    35
    16
    0
    I try 51.158.168.202 DNS Pi-hole, which blocks ads at the network level, encrypted E2E - Installed on PFsense
     
  2. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,900
    12,356
    340
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. shewolf

    shewolf MDL Senior Member

    Apr 16, 2015
    429
    963
    10
  4. rogierel

    rogierel MDL Novice

    Jan 21, 2012
    16
    1
    0
    @shewolf: i was just starting to explore the ways to limit the telemetry for w10, i am a little in doubt now if i want to continue because of exactly what you said -> M$ can always change this, we were just lucky in the past they did not do it (or not that actively), they got enough ip's to change it every hour if they wanted, any update can put additional telemetry or change existing ones..
    i guess i will just disable things a little with the default configuration (i am using NTLite for that) - it's even hard to find the correct configurations for today, there is info out there from 2015 until now, so me as a beginner, got no way to know which is still relevant or not. Disable components, disable task scheduler entries, block ip's or what else? And where to find for each of this the correct scripts... If you can advise me anything, I am all ears, but your comment made me lose much motivation :p nothing personal lol
     
  5. shewolf

    shewolf MDL Senior Member

    Apr 16, 2015
    429
    963
    10
    #1145 shewolf, Mar 21, 2020
    Last edited: Mar 21, 2020
    You cannot turn off all data collection on your PC (not just windows), but you can control the data output from your system.
    That's what the firewall is for, windows firewall does it really very well

    :eek:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. nima1024

    nima1024 MDL Member

    Sep 18, 2010
    195
    27
    10
    Cloudflare's DNS servers are the fastest and safest on the world.
    1.1.1.1
    1.0.0.1

    Question 1: Cloudflare's
    Question 2: DNSSec is a method to encrypt DNS records and it's mainly for websites and DNS Servers not DNS Authoritative. In simple words, it's not related to your usage of Cloudflare's DNS servers to resolve hostnames to IPs; it's for websites admins who want to encrypt their DNS records. And it's perfectly safe and recommended but not all DNS registrars provide that (Cloudflare does and it's free).
     
  7. BAU

    BAU MDL Addicted

    Feb 10, 2009
    563
    975
    30
    Cloudflare's DNS servers are neither the fastest nor the safest in the world.

    Now DNS over HTTPS is the trendy thing, offered in Chrome and Firefox with CloudFlare or NextDNS built in choices,
    but it is just a half-measure that sucks balls compared to the proper, complete solution offered by dnscrypt.
    Just testdrive Simple DNSCrypt implementation, it's actually secure, and does not slow down your browsing since there are plenty of fast proxies available.

    Pihole is relevant if you have a non-garbage linux machine to dedicate for network tasks.
     
  8. RaT0rg22

    RaT0rg22 MDL Novice

    Oct 28, 2017
    14
    2
    0
    Thx for all the info!
     
  9. TairikuOkami

    TairikuOkami MDL Addicted

    Mar 15, 2014
    922
    807
    30
    As far as security goes, every software within the PC will be allowed to make DNS requests, since dnscrypt will merely replace svchost. Lets say a PC will be part of a botnet, malware will be able to get an update of working IPs. VPN is safer.
     
  10. vladnil

    vladnil MDL Novice

    Jan 19, 2019
    35
    16
    0
    testing AnyCast DNS-80.80.80.80 and 80.80.81.81

    although there are doubts?
     
  11. BAU

    BAU MDL Addicted

    Feb 10, 2009
    563
    975
    30
    What does botnets have to do with VPN? You still need to use local internet security suites / enhanced av's behind a VPN.
    And speaking of VPN, some providers have been caught in the past turning their clients into.. botnets. If you're not paying premium - you're the product.

    And proper VPN that you've set it up yourself at both ends is indeed safer as in privacy-safer, but you're not talking about that.
    You're talking about commercial solutions that could eavesdrop, sell data, supply detailed months-old history when subpoenaed at any time. Plus a hefty price tag. Plus limited availability of high-speed proxies.

    dnscrypt is no VPN and does not compete with VPNs, it merely encrypts dns requests.
    It's all in your hands to choose from the publicly available and peer-reviewed servers, many hosted at educational institutions around the world,
    with an exponentially higher trust factor than some almost anonymized vpn provider company behind 10 other shell companies with a PO box address.

    And once you've made your dns requests, you get to communicate with your target at full internet speed, not bounce back & forth to a VPN.
    I live in a part of the world where gigabit internet has been a commodity for several years, and I don't think there is any VPN offering to take such "abuse".
    If it's online games lacking local servers, needing cross-region connectivity in competitions, or accesing media content overseas, then sure, VPN is king. But I don't consider any of them privacy-safe.
     
  12. masteryoba

    masteryoba MDL Novice

    Jan 28, 2020
    1
    0
    0
    Has anyone tried stopping somehow the diagnostic services? In previous versions 1809< you could simply delete the services now on 1903-09 you will get and svchost error with multiple crashes including bsods or cyclic explorer crash. I'm talking about "DiagTrack" - "diagsvc" also if you disable the error reporting service you will get the same errors.
     
  13. BAU

    BAU MDL Addicted

    Feb 10, 2009
    563
    975
    30
    Hope you don't mess with other services named Diagnostic.. by mistake, since those are used for maintenance / power-efficiency tasks.
    No issues disabling Connected User Experiences and Telemetry and Windows Error Reporting via services or gpedit.msc - must be something on your end.
    Deleting a service on a live install is not a supported scenario - if you really need stuff gone, do it on an offline image, then install that chopped OS. Then cry when cumulative updates fail to install next month :)
     
  14. lakrispipe

    lakrispipe MDL Novice

    Oct 12, 2019
    2
    0
    0
    A couple of years ago I read an anonymous comment somewhere online which made the claim that you can further disable telemetry through undocumented registry keys(?) in some sort of configuration (test? dev key?)
    Sorry for being unclear but unfortunately I can't find the comment anymore. It was on a blog discussing W10 Telemetry

    Thoughts? Is there any registry keys known that are undocumented?