Windows 10 keylogging, mic recording, HDD indexing

[MALLIMOOSH]

Microsoft is all set for the new internet law CISA, even before it is passed. CISA would require corporations to report any and all information about their customers to the US government, even if those people are not suspected of committing a crime. Windows 10, and new updates to Windows 7 and 8.1 do the following:

 

 

 

 

All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

 

 

 

oca.telemetry.microsoft.com.nsatc.net

pre.footprintpredict.com

reports.wes.df.telemetry.microsoft.com

 

 

 

Telemetry is sent once per 5 minutes, to:

 

 

 

vortex.data.microsoft.com

vortex-win.data.microsoft.com

telecommand.telemetry.microsoft.com

telecommand.telemetry.microsoft.com.nsatc.net

oca.telemetry.microsoft.com

oca.telemetry.microsoft.com.nsatc.net

sqm.telemetry.microsoft.com

sqm.telemetry.microsoft.com.nsatc.net

 

 

 

Typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

 

 

 

df.telemetry.microsoft.com

reports.wes.df.telemetry.microsoft.com

cs1.wpc.v0cdn.net

vortex-sandbox.data.microsoft.com

pre.footprintpredict.com

 

 

 

 

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

 

 

 

 

oca.telemetry.microsoft.com

oca.telemetry.microsoft.com.nsatc.net

vortex-sandbox.data.microsoft.com

i1.services.social.microsoft.com

i1.services.social.microsoft.com.nsatc.net

 

 

 

 

Everything that is said into an enabled microphone is immediately transmitted to:

 

 

 

 

oca.telemetry.microsoft.com

oca.telemetry.microsoft.com.nsatc.net

vortex-sandbox.data.microsoft.com

pre.footprintpredict.com

i1.services.social.microsoft.com

i1.services.social.microsoft.com.nsatc.net

telemetry.appex.bing.net

telemetry.urs.microsoft.com

cs1.wpc.v0cdn.net

statsfe1.ws.microsoft.com

 

 

 

 

If this werent bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. Its speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

 

 

 

 

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

 

 

 

 

pre.footprintpredict.com

reports.wes.df.telemetry.microsoft.com

df.telemetry.microsoft.com

 

 

 

 

While the inital reflex may be to block all of the above servers via HOSTS, it turns out this wont work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

 

 

 

 

http://localghost.org/

 

 

 

 

http://aeronet.cz/news/analyza-windows-10-ve-svem-principu-jde-o-pouhy-terminal-na-sber-informaci-o-uzivateli-jeho-prstech-ocich-a-hlasu/

Edited October 22, 2015 by MALLIMOOSH

[MALLIMOOSH]

PS- If you are wondering why Windows 10 is free, this is it. If you do not pay for the product, you ARE the product!

 

Also, I forgot to mention that in Windows 10, updates are forced, meaning that you cannot opt out, even if the update borks your system. Time to move over to Linux.

[SilentScope222]

I might consider going the way of linux for certain things or role back to Windows 7. The perfect OS i call it. direct x 12 is not worth it, sense no developer will use it in my gpu's life time. Usually older versions sense the time they started using dx 11 was years later.

Edited October 22, 2015 by SilentScope222

[sendo75]

@MALLIMOOSH

Ty for the info! This might be all over the web but I only came across it here for the first time.

----------------------------------------------------------------------------------------------------------------------------

Thought about it more while I was going through the steps to remove those unwanted updates. Correct me if I am wrong. (For Win7 at least)

• If Customer Experience Improvement Program (CEIP) is not enabled (users can opt out in control panel), then there is no unwanted info leakage.
• CEIP states that the collected info will not be used for identification. I think this can be interpreted loosely but personally I won't trust it much.
• User rights may be invalid if unauthorized copies of their products are used. (I honestly hope they don't screw with legit users at least)

Pls comment if anyone knows better, thanks. Facts appreciated.

[Vagrant0]

@MALLIMOOSH

Ty for the info! This might be all over the web but I only came across it here for the first time.

----------------------------------------------------------------------------------------------------------------------------

Thought about it more while I was going through the steps to remove those unwanted updates. Correct me if I am wrong. (For Win7 at least)

• If Customer Experience Improvement Program (CEIP) is not enabled (users can opt out in control panel), then there is no unwanted info leakage.
• CEIP states that the collected info will not be used for identification. I think this can be interpreted loosely but personally I won't trust it much.
• User rights may be invalid if unauthorized copies of their products are used. (I honestly hope they don't screw with legit users at least)

Pls comment if anyone knows better, thanks. Facts appreciated.

Pretty sure their new terms completely ignore any of those privacy matters covered under CEIP, and there is no way to opt out. All information is being collected without regards to privacy and is now being done in ways which can be used directly for the purposes of identification (recording voice and webcam and transmitting it). While you can opt out of some things through the panel, all the background monitoring (checking search history, recording your voice and appearance, ect) is still being done and being transmitted. This is active on all currently supported versions of Windows.

 

The only way out is to either remove and block updates now, or completely block those IPs through your router (provided you don't update your router firmware). This essentially only serves to screw over loyal customers and is very anti-consumer rights.