Regardless of your privacy settings, Windows 10 Creators Update phones home

Another research done by an independent IT security analyst shows a number of privacy issues in Windows 10. Even after you have properly configured Windows 10 Creators Update using Group Policy in the Enterprise edition, the operating system may disregard these settings and continue to utilize your bandwidth and "phone home" to send data.

Many users use various tricks to turn off telemetry and data collection in Windows 10 which is sent back to Microsoft servers. Once these tweaks are applied, such users feel themselves relatively safe from being spied on. However, it has come to be known that even after you disable telemetry using the offic ial settings, Windows 10 continues to connect to Microsoft's servers and sends plenty of data there. This new finding is something to worry about.

The research was performed by Mark Burnett.

Mark Burnett is a security consultant, author, and researcher who specializes in application security, authentication, and hardening Microsoft Windows-based servers and networks. Since 1999 he has worked in numerous areas of IT security, developing unique strategies and techniques for protecting critical assets. Mark is author and coauthor of a number of security books and publishes security articles for several web sites, newsletters, and magazines. Microsoft has three times recognized Mark's contribution to the Windows community with the Windows Server – IIS Most Valued Professional (MVP) award and four times with the Windows Security MVP award.

Mark set up a virtual machine with the Enterprise edition of Windows 10 and tracked the operating system's traffic. According to him, there was no third-party software installed, the telemetry options were disabled, all built-in UWP apps were removed and no apps were running during the test.

His observations are as follows.

With IPv6 and Teredo tunneling disabled, Windows 10 is still connecting out to do IPv6 teredo tests.IPv6 Teredo

Even with Smart Screen disabled, Windows 10 continues to connect to SmartScreen.SmartScreen Connections

The same is true for Telemetry - regardless of the Group Policy state and Registry tweaks, it is still active and sends some data.Telemetry Connections

Even if you have not configured OneDrive Sync, there will be a lot of connections to its servers.Sync Connections

The same is true for error reporting. Even when the service is disabled, Windows 10 makes connections to the related servers.Report Connections

Also, Windows 10 connects to KMS validation services regardless of the Group Policy configuration.KMS Validations

Finally, Windows 10 makes dozens of ad-related connections even in its Enterprise version.Ads

System Traffic

Mark notes that he removed the Paint 3D app but it was silently reinstalled. The operating system even re-created a firewall rule to allow the app automatically!Paint 3d Rule

So, even if you followed the official guide and configured the OS properly, you can't be sure that you control it.

It is not known which data exactly Windows 10 is sending to Microsoft's servers after everything mentioned above is disabled, but it is obviously expected that disabled areas should not produce traffic.

Mark is going to re-verify and repeat his results. Once this is done, he may share more interesting details about his findings.

Windows 10's Privacy related settings are just a ruse to throw unsuspecting users offguard so they think their privacy is being maintained. Repeatedly, it has been demonstrated by various researchers that they are meaningless and do not fully prevent your PC from doing unwanted communications with numerous Microsoft and third party computers.

Source: Mark Burnett


Source: Regardless of your privacy settings, Windows 10 Creators Update phones home

Comments