[REPO] Windows 10 TELEMETRY REPOSITORY

Discussion in 'Windows 10' started by Yen, Aug 4, 2015.

  1. vladnil

    vladnil MDL Member

    Jan 19, 2019
    103
    55
    10
    I try 51.158.168.202 DNS Pi-hole, which blocks ads at the network level, encrypted E2E - Installed on PFsense
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    12,103
    12,641
    340
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. shewolf

    shewolf MDL Senior Member

    Apr 16, 2015
    471
    1,012
    10
  4. rogierel

    rogierel MDL Novice

    Jan 21, 2012
    16
    1
    0
    @shewolf: i was just starting to explore the ways to limit the telemetry for w10, i am a little in doubt now if i want to continue because of exactly what you said -> M$ can always change this, we were just lucky in the past they did not do it (or not that actively), they got enough ip's to change it every hour if they wanted, any update can put additional telemetry or change existing ones..
    i guess i will just disable things a little with the default configuration (i am using NTLite for that) - it's even hard to find the correct configurations for today, there is info out there from 2015 until now, so me as a beginner, got no way to know which is still relevant or not. Disable components, disable task scheduler entries, block ip's or what else? And where to find for each of this the correct scripts... If you can advise me anything, I am all ears, but your comment made me lose much motivation :p nothing personal lol
     
  5. shewolf

    shewolf MDL Senior Member

    Apr 16, 2015
    471
    1,012
    10
    #1145 shewolf, Mar 21, 2020
    Last edited: Mar 21, 2020
    You cannot turn off all data collection on your PC (not just windows), but you can control the data output from your system.
    That's what the firewall is for, windows firewall does it really very well

    :eek:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. nima1024

    nima1024 MDL Member

    Sep 18, 2010
    209
    35
    10
    Cloudflare's DNS servers are the fastest and safest on the world.
    1.1.1.1
    1.0.0.1

    Question 1: Cloudflare's
    Question 2: DNSSec is a method to encrypt DNS records and it's mainly for websites and DNS Servers not DNS Authoritative. In simple words, it's not related to your usage of Cloudflare's DNS servers to resolve hostnames to IPs; it's for websites admins who want to encrypt their DNS records. And it's perfectly safe and recommended but not all DNS registrars provide that (Cloudflare does and it's free).
     
  7. BAU

    BAU MDL Addicted

    Feb 10, 2009
    697
    1,278
    30
    Cloudflare's DNS servers are neither the fastest nor the safest in the world.

    Now DNS over HTTPS is the trendy thing, offered in Chrome and Firefox with CloudFlare or NextDNS built in choices,
    but it is just a half-measure that sucks balls compared to the proper, complete solution offered by dnscrypt.
    Just testdrive Simple DNSCrypt implementation, it's actually secure, and does not slow down your browsing since there are plenty of fast proxies available.

    Pihole is relevant if you have a non-garbage linux machine to dedicate for network tasks.
     
  8. RaT0rg22

    RaT0rg22 MDL Novice

    Oct 28, 2017
    14
    2
    0
    Thx for all the info!
     
  9. TairikuOkami

    TairikuOkami MDL Addicted

    Mar 15, 2014
    989
    856
    30
    As far as security goes, every software within the PC will be allowed to make DNS requests, since dnscrypt will merely replace svchost. Lets say a PC will be part of a botnet, malware will be able to get an update of working IPs. VPN is safer.
     
  10. vladnil

    vladnil MDL Member

    Jan 19, 2019
    103
    55
    10
    testing AnyCast DNS-80.80.80.80 and 80.80.81.81

    although there are doubts?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. BAU

    BAU MDL Addicted

    Feb 10, 2009
    697
    1,278
    30
    What does botnets have to do with VPN? You still need to use local internet security suites / enhanced av's behind a VPN.
    And speaking of VPN, some providers have been caught in the past turning their clients into.. botnets. If you're not paying premium - you're the product.

    And proper VPN that you've set it up yourself at both ends is indeed safer as in privacy-safer, but you're not talking about that.
    You're talking about commercial solutions that could eavesdrop, sell data, supply detailed months-old history when subpoenaed at any time. Plus a hefty price tag. Plus limited availability of high-speed proxies.

    dnscrypt is no VPN and does not compete with VPNs, it merely encrypts dns requests.
    It's all in your hands to choose from the publicly available and peer-reviewed servers, many hosted at educational institutions around the world,
    with an exponentially higher trust factor than some almost anonymized vpn provider company behind 10 other shell companies with a PO box address.

    And once you've made your dns requests, you get to communicate with your target at full internet speed, not bounce back & forth to a VPN.
    I live in a part of the world where gigabit internet has been a commodity for several years, and I don't think there is any VPN offering to take such "abuse".
    If it's online games lacking local servers, needing cross-region connectivity in competitions, or accesing media content overseas, then sure, VPN is king. But I don't consider any of them privacy-safe.
     
  12. ma.prezentalok

    ma.prezentalok MDL Junior Member

    Oct 22, 2012
    53
    9
    0
  13. masteryoba

    masteryoba MDL Novice

    Jan 28, 2020
    1
    0
    0
    Has anyone tried stopping somehow the diagnostic services? In previous versions 1809< you could simply delete the services now on 1903-09 you will get and svchost error with multiple crashes including bsods or cyclic explorer crash. I'm talking about "DiagTrack" - "diagsvc" also if you disable the error reporting service you will get the same errors.
     
  14. BAU

    BAU MDL Addicted

    Feb 10, 2009
    697
    1,278
    30
    Hope you don't mess with other services named Diagnostic.. by mistake, since those are used for maintenance / power-efficiency tasks.
    No issues disabling Connected User Experiences and Telemetry and Windows Error Reporting via services or gpedit.msc - must be something on your end.
    Deleting a service on a live install is not a supported scenario - if you really need stuff gone, do it on an offline image, then install that chopped OS. Then cry when cumulative updates fail to install next month :)
     
  15. lakrispipe

    lakrispipe MDL Novice

    Oct 12, 2019
    2
    0
    0
    A couple of years ago I read an anonymous comment somewhere online which made the claim that you can further disable telemetry through undocumented registry keys(?) in some sort of configuration (test? dev key?)
    Sorry for being unclear but unfortunately I can't find the comment anymore. It was on a blog discussing W10 Telemetry

    Thoughts? Is there any registry keys known that are undocumented?
     
  16. DirtyAngelicaSecured

    DirtyAngelicaSecured MDL Junior Member

    Mar 30, 2020
    70
    10
    0
    Why would you care for DNS-only encryption/protection if you want to hide from MS? AFAIK DNS-related security only prevents ISP's or middle-men from tracking you, but it doesn't prevent MS from obtaining your real IP if you aren't using a VPN. Proper VPN's provide custom DNS addresses that already use protocols mentioned in this post.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. BAU

    BAU MDL Addicted

    Feb 10, 2009
    697
    1,278
    30
    Political militants or criminals risking their civil liberty or their lives without the use of tor vpn etc. is beside the point of this topic and the rules you've agreed to when registering to this forum.
    What we care about is our legitimate, constitutional rights to privacy: ISP/microsoft/google/facebook/twitter/MSS/Schiphol Airport/the buffet in the corner etc. should not take advantage of our browsing history to serve ads, "get to know us", or worse (like your employer/your bank doing queries on what you do in your free time).
    DNS encryption suffice for that.
    Less relevant now due to Corona, but when we used to travel a lot, we were constantly exposed to man-in-the-middle attacks. Internet is still very expensive when abroad, so joining public wifi without giving it much thought is something each of us have done in the past. And while solutions existed to secure it for PCs, it was more problematic with mobile devices. This is where DNS over HTTPS straight from the browser comes in.

    As a practical example, while using a secured VPN to browse your favorite clips on redtube or whatever, only the vpn provider will see it. But it will most like be choppy playback. And it will cost extra.
    When using DNS encryption, ISP / microsoft might infer you're accessing redtube, but they won't know you're watching Euro Girls on Girls something. And playback will work at full internet speed, without extra costs.
    On the other hand, visiting forum x or y won't have a considerable speed downside via VPN.
    In the end, it's a matter of trust.
    If you find a trustworthy commercial VPN (I haven't found a single one as of yet) with fast enough proxies and at a good price, then go for it, it will protect all your browsing habits.
    If you trust NSA MPAA RIAA Cloudflare, and is fast enough in your area, then go for it - it's free and will protect details of your browsing.
    Myself I'm sticking with DNSCrypt and academic hosted proxies.
     
  18. shewolf

    shewolf MDL Senior Member

    Apr 16, 2015
    471
    1,012
    10
    Anyone who is familiar with IPSec?

    :eek:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  19. DirtyAngelicaSecured

    DirtyAngelicaSecured MDL Junior Member

    Mar 30, 2020
    70
    10
    0
    The internet says it is less secure than OpenVPN...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...