The complexity of controlling Windows telemetry
Noel Carboni has a great post that I wanted to bring up onto the main page. It was written in response to the question of what to recommend for Win7 and 8.1 users in this age of Malware as a Service, but it applies to all Windows customers:
***********
I’ll wager I know what communications a desktop system does online as well as anyone, as understanding and controlling such communications is a passion of mine. A career in data communications and software engineering tends to do that to you.
Thing is, there’s not just one “telemetry” communications stream. What Windows does online is much, much more complex than that! Insanely more complicated.
Presuming you want to do at least SOME things online with your system you actually DON’T want to block all the comms – there are some very necessary sites that MUST be contacted by a typical system regularly, e.g., for the purposes of certificate verification, time sync, license management…
That’s not to say Windows can’t be made very private. I myself maintain Windows 7, 8.1, and 10 systems that don’t spill the beans online. But it’s no small, simple, turnkey task. Windows is a complex beast, and it takes some geek chops to do it along with ongoing effort.
As an example, here’s a list of all the sites my Windows 10 test system at LAN address 192.168.2.26, allowed to sit idle all day, contacted. I ran the command (on my Win 8.1 workstation) to search my DNS log at near midnight last night. You can see that the only communication initiated in the 24 hour period was to get the time from the National Institute of Standards and Technology via a task I have scheduled (I have disabled the out-of-box Windows time service).
Most folks, however, wouldn’t find my Windows 10 system, above, acceptable. Why? Because I have shunned all the Apps and cloud-integration entirely. But it DOES illustrate that the beast can be controlled, and my techniques are applicable to purely desktop-oriented Windows 7 and 8.1 systems also.
What have I found that it takes to accomplish this reduction/elimination of Microsoft-initiated online communications?
- Reconfiguration of all provided settings to their most private choices.
- Being willing to do without (or reduced function from) some services Windows seeks to provide.
- Configuration of a number of settings through the local Group Policy editor.
- Configuration through the registry of a number of settings that have no UI.
- Disabling of scheduled tasks involved with telemetry and online comms.
- Disabling of services involved with telemetry and online comms.
- Adding entries to the hosts file to blacklist some sites.
- Watching vigilantly for any of these things to be reverted by updates.
- Outfitting with extra software to monitor and police communication attempts.
The list above may seem daunting, but we haven’t even gotten to the part where the devil is in the details. The lists of how to accomplish the above things are long and complex.
Ideally I imagine people want a fully private system that still allows them to do everything they want. That’s not gonna happen. You have to be willing to compromise.
What does one have to consider doing without?
- Apps. The very nature of Apps is that they’re web-integrated and they require an infrastructure to keep them functional. If you want to run Apps, stop reading now.
- Cortana. A personal digital assistant COULD work entirely from local data, but Cortana doesn’t. If you want a personal digital assistant that talks to you, stop here.
- Cloud-integration, such as OneDrive, except for user-initiated operations, e.g., in a browser. The good news is that you can use a OneDrive server to store/retrieve files through a browser without ANY of the system-level integration.
- Automatic updates. You have to be willing to install them yourself from the catalog if you want a truly subservient system.
- Some security features such as the “Smartscreen Filter”. But you can’t rely on luck; you need a GOOD alternate plan to stay safe online.
- Suggestions that pop up while you type. Your keystrokes are sent to Bing or Google or whatever search engine to make that happen.
- Generally speaking, subscription and high-end commercial software communicates regularly online to do things like verify its licensing. Either you need to allow this or choose software that doesn’t do that.
- Some software seeks to be cloud-integrated (late versions of Office, for example). You have to avoid this software or specific features within it, and be able to differentiate wanted comms from unwanted comms. That’s no small feat!
- Online backups. Uh, no, get one or more external USB drives and make your own local backups, where you maintain full control of your data.
This has gotten long already, yet I’m sure there are things I’ve missed and I haven’t even begun to get into the list of actual technical things to do to get to a secure, private system that doesn’t try overmuch to send your data abroad. It’s a challenging task even for a career software engineer. It’s not going to be feasible at all to provide a “have your cake and eat it too, set it and forget it” solution for an average user.
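The technical steps Noel lists above (registry policy, scheduled tasks, services, hosts-file blacklist, and watching for updates to revert them) as one added PowerShell example. This is not Noel's script and nothing in it comes from his post; it assumes an elevated PowerShell on Windows 8.1 or 10 (the ScheduledTasks cmdlets are not available on Windows 7, where schtasks.exe is the equivalent). The task names, service names and registry policy are a small illustrative set, not a complete list, and the hosts-file names are placeholders; check every item against your own build and DNS log before disabling anything.

```powershell
# Added example, not from the quoted post. Illustrates the listed steps:
# policy registry key, telemetry scheduled tasks, telemetry services,
# hosts-file blacklist, and a baseline snapshot to detect reverts by updates.
# Item lists are illustrative, not exhaustive; verify against your own system.
#Requires -RunAsAdministrator

$ErrorActionPreference = 'Stop'

# --- 1. A policy setting that has no ordinary UI ---
$policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection'
if (-not (Test-Path $policy)) { New-Item -Path $policy -Force | Out-Null }
# 0 = "Security" level. Caveat: on Home/Pro editions of Windows 10 the OS
# treats 0 as 1 (Basic), so the setting alone does not silence telemetry there.
Set-ItemProperty -Path $policy -Name AllowTelemetry -Type DWord -Value 0

# --- 2. Scheduled tasks involved with telemetry (illustrative subset) ---
$tasks = @(
  @{ Path = '\Microsoft\Windows\Application Experience\';                  Name = 'Microsoft Compatibility Appraiser' },
  @{ Path = '\Microsoft\Windows\Application Experience\';                  Name = 'ProgramDataUpdater' },
  @{ Path = '\Microsoft\Windows\Customer Experience Improvement Program\'; Name = 'Consolidator' },
  @{ Path = '\Microsoft\Windows\Customer Experience Improvement Program\'; Name = 'UsbCeip' }
)
foreach ($t in $tasks) {
  $task = Get-ScheduledTask -TaskPath $t.Path -TaskName $t.Name -ErrorAction SilentlyContinue
  if ($task) {
    $task | Disable-ScheduledTask | Out-Null
    "disabled task $($t.Path)$($t.Name)"
  }
}

# --- 3. Services involved with telemetry (illustrative subset) ---
# DiagTrack = "Connected User Experiences and Telemetry"; dmwappushservice = WAP Push routing.
$services = 'DiagTrack', 'dmwappushservice'
foreach ($s in $services) {
  if (Get-Service -Name $s -ErrorAction SilentlyContinue) {
    Stop-Service -Name $s -Force -ErrorAction SilentlyContinue
    Set-Service  -Name $s -StartupType Disabled
    "disabled service $s"
  }
}

# --- 4. Hosts-file blacklist ---
# Hypothetical placeholder names; build the real list from your own DNS log.
$hostsFile = "$env:SystemRoot\System32\drivers\etc\hosts"
$block     = 'telemetry.example.invalid', 'vortex.example.invalid'
$existing  = Get-Content $hostsFile
foreach ($h in $block) {
  if (-not ($existing -match "\s$([regex]::Escape($h))\s*$")) {
    Add-Content -Path $hostsFile -Value "0.0.0.0 $h"
    "added hosts entry for $h"
  }
}

# --- 5. Baseline snapshot, so a later run can spot reverts after updates ---
function Get-PrivacyBaseline {
  [pscustomobject]@{
    Telemetry = (Get-ItemProperty -Path $policy -Name AllowTelemetry -ErrorAction SilentlyContinue).AllowTelemetry
    Tasks     = @(foreach ($t in $tasks) {
                  "$($t.Name)=" + (Get-ScheduledTask -TaskPath $t.Path -TaskName $t.Name -ErrorAction SilentlyContinue).State })
    # Win32_Service.StartMode works on PowerShell 3+; Get-Service's StartType needs PowerShell 5.
    Services  = @(foreach ($s in $services) {
                  "$s=" + (Get-CimInstance Win32_Service -Filter "Name='$s'").StartMode })
    Hosts     = @(Get-Content $hostsFile | Where-Object { $_ -match '^\s*0\.0\.0\.0\s' })
  }
}
$baselineFile = "$env:ProgramData\privacy-baseline.xml"
if (Test-Path $baselineFile) {
  $old = Import-Clixml $baselineFile | ConvertTo-Json -Depth 3
  $new = Get-PrivacyBaseline       | ConvertTo-Json -Depth 3
  if ($old -ne $new) { Write-Warning 'Privacy settings differ from the saved baseline; something reverted them.' }
}
Get-PrivacyBaseline | Export-Clixml $baselineFile
"baseline written to $baselineFile"
```

Re-running the script after each Patch Tuesday is the "watch vigilantly for reverts" step: the comparison against the saved baseline warns if a task, service, policy value or hosts entry no longer matches, and the earlier sections then re-apply the settings. The hosts-file step only blocks names that resolve through the hosts file; software that ships its own IP addresses or DNS-over-HTTPS resolver bypasses it, which is why Noel pairs it with a DNS log and a firewall that polices outbound attempts.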