Windows (10) Technical Preview - Privacy and the Cloud Guide

Discussion in 'Windows 10' started by murphy78, Oct 25, 2014.

  1. murphy78

    murphy78 MDL DISM Enthusiast

    Nov 18, 2012
    6,787
    10,381
    210
    #1 murphy78, Oct 25, 2014
    Last edited: Oct 25, 2014
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. murphy78

    murphy78 MDL DISM Enthusiast

    Nov 18, 2012
    6,787
    10,381
    210
    #2 murphy78, Oct 25, 2014
    Last edited: Oct 25, 2014
    (OP)
    For now I will say that telemetry is still being used in Win10TP build 9860.
    smorgan has a thread that, for the most part, has effective ways to block/unblock the telemetry.
    The telemetry thread is located at:
    http://forums.mydigitallife.net/threads/57312-Windows-10-Telemetry-amp-Application-Data-List

    There are a few things going on with telemetry, so let me explain what is being collected:
    1. Auto-Fill data in Internet Explorer.
    2. Applications that are ran (filenames, firewall settings, etc)
    3. Crash reports and error reports.

    There's no default way to opt out of any of these. That doesn't mean that you cannot do it.
    You can disable or avoid these things.

    Avoiding Internet Explorer's autofill data collection is simple. Just install Chrome or Firefox.
    There's no evidence to suggest that this autofill data collection extends further than IE.

    Application data reports being sent to ms is a little more complicated. It's still very early to tell exactly which
    methods of blocking are required or effective. Until we figure out more, I'd suggest going a three-pronged approach.
    -Hosts file block the majority of the ms telemetry servers we've identified
    -Cert block the 2 certs we've identified that MS uses
    -Disable the associated services that track the exe files, report their findings, and send the findings to the telemetry servers.

    While this might seem incredibly complicated, we've already made scripts to do just that.

    Crash reports and Error reporting telemetry gathering can be blocked by disabling the Customer Improvement Experience Program (CEIP)
    We have bundled this service disable in with the scripting.

    Where do we stand in evaluating these efforts?
    We don't know. Monitoring system services and network traffic isn't as easy as you'd think.
    For instance, if they merge a service's functionality with another service, it'd be darn near impossible to tell which one is doing what without a complete reversal.
    If you've used a network monitoring program like WireShark, you know that your system sends quite a lot of superfluous connections constantly to communicate with different things like routers and PNP devices.
    A keen eye can spot obvious telemetry being sent, but it's very difficult to know if you've blocked everything 100%

    We have been trying to make sure that anything we disable or block has an UNDO mode so you can un-block and restore default settings.
    This is important because we've found that often having any sort of registry mods will block the upgrade to future versions of the WTP.

    Also, know what you're getting into when you install WTP. It clearly states that they collect data.
    You should never rely on these block methods when deciding whether or not to use WTP.
    You should also consider that a future update may make things un-blockable. It's unlikely, but it's possible.

    These block methods are for the more advanced users and are not suitable for beginners.
    We will not hold your hand and tell you how to, for instance, run a script.
    You can google search how to do certain things.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. TheMrCaveman

    TheMrCaveman MDL Novice

    Feb 23, 2011
    27
    0
    0
    Thanks a lot for your explanation:cool:
     
  4. Ace2

    Ace2 MDL Senior Member

    Oct 10, 2014
    331
    150
    10
    Disable OneDrive with gpedit, On Windows 10 TP Build 9860:

    Open C:\Windows\System32\gpedit

    Local Computer Policy / Computer Configuration / Administrative Templates / Windows Components / OneDrive

    Disable, Save documents to OneDrive by default.
    Enable, Prevent the usage of OneDrive for file storage.
    Enable, Prevent OneDrive files from syncing over metered connections.

    ;)
     
  5. murphy78

    murphy78 MDL DISM Enthusiast

    Nov 18, 2012
    6,787
    10,381
    210
    Updated the 2nd post. I'll try and update it as our testing progresses.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. ZaForD

    ZaForD MDL Expert

    Jan 26, 2008
    1,180
    176
    60
    Thanks for the info Murphy, very helpful :biggrin:

    One related thing to bear in mind when using OneDrive (and probably other cloud storage services) in general.
    There are auto monitored by the providers so be careful about what gets uploaded, and I'm not talking about Warez.

    I still have a f@#ked MS account, because I took a few silly photos at a bucks party. Which my WP7 phone auto uploaded to Skydrive. MS's auto check system didn't like them and blocked the account.

    This caused me really problems as that account was liked to my Phone (had to be factory reset) my Windows 8 laptop (had to change to a new MS account), my Xbox GT (also needed to be changed to the new MS account) This also meant having to change my MS/Xbox/Zune payment details which is a pain at the best of times, never mind when you can't access the main email address they are linked too.

    I'm not saying the service isn't good or handy, but the auto upload can cause real troubles.
     
  7. Skram0

    Skram0 MDL Novice

    Jan 28, 2010
    7
    1
    0
    Thumbs up for Micro$oft for having your back. NOT! The jerks..

    This is one of the reasons I don't subscribe to ANY "cloud" crap. My stuff is "my stuff". Once I relinquish it to the powers of the internet, then it becomes "everybody's stuff".
    There are many many many examples I could think of right now. :haha:
     
  8. murphy78

    murphy78 MDL DISM Enthusiast

    Nov 18, 2012
    6,787
    10,381
    210
    #8 murphy78, Oct 26, 2014
    Last edited: Oct 26, 2014
    (OP)
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. pisthai

    pisthai Imperfect Human

    Jul 29, 2009
    6,782
    1,985
    210
    I have to agree here!

    Anyway fact is that MS has warned the User of the TP upfront not to use the TP with any sensitive data. Who still do that, must just 'face the music'! That Privacy Statement was displayed to any of the 'legal' user's of the TP and if they haven't read it, who's fault is that?

    If MS would carry on with using the same procedures in the final release of the OS and later on, I would stop to use their software and although convince our customer for to change to others.

    I'm not in any means an friend of MS, I just try to be as objective as possible.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. vnoctober

    vnoctober MDL Member

    Mar 5, 2014
    145
    310
    10
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. pisthai

    pisthai Imperfect Human

    Jul 29, 2009
    6,782
    1,985
    210
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...