
Disable Windows 10 Tracking - SoMuchToGrok
https://github.com/10se1ucgo/DisableWinTracking
======
nathanaldensr
I wrote a PowerShell script that enables or disables various Windows 10
tracking components.

[https://github.com/nathan-
alden/windows-10-tracking](https://github.com/nathan-
alden/windows-10-tracking)

I based the script on the
[https://github.com/10se1ucgo/DisableWinTracking](https://github.com/10se1ucgo/DisableWinTracking)
repository, but the code in that repository is Python and compiles to a
Windows executable. I much prefer PowerShell so that the code can be more
easily changed and deployed in automated environments. Additionally, that
Python code doesn't undo changes, whereas my PowerShell script does.

I'd appreciate any feedback (probably as a GitHub issue).

------
andrewmcwatters
This is really crudely put together, completely disregards recent findings
from news articles proving you cannot completely disable W10 telemetrics, and
the author acknowledges he doesn't want to support reversing destructive
processes with it.

You shouldn't bother using this.

~~~
nathanaldensr
See my top-level comment. I was unhappy with the author's reply in the GitHub
issue about undoing changes. I decided to write a PowerShell script to fix
those problems.

~~~
andrewmcwatters
This is much cleaner and preferable for deployment to enterprise environments.
That all being said, I highly doubt anyone is fully aware of the information
passed through the list of hostnames in any of these projects.

It's been claimed OS and app functionality breaks by blocking access to some
of these domains, and I'm curious as to why.

Blasting a wall of hosts out of access is not a very refined way of going
about this purging of telemetrics, but your project is a great example of OSS
being improved upon. Good script!

~~~
nathanaldensr
Before I read your comment, I added more information in the README that says I
have not personally tested the HOSTS entries. Since PowerShell is so
accessible, it's my hope that those with more time than me can create an
exhaustive, accurate list, and perhaps submit a pull request. My only intent
with this project was to convert the original author's work into a more
accessible, Windows-friendly tool.

Thank you for the kind words. :)

------
pilif
> _Set the AllowTelemetry string in
> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection to 0_

AFAIK, setting this to 0 only has meaning in the Enterprise edition. In the
consumer edition, 0 has the same meaning as 1.

Here's a screenshot from the group policy editor of my Windows 10 VM:

[http://i.imgur.com/3s3AT9p.png](http://i.imgur.com/3s3AT9p.png)

as you can see, 0 only does something in Enterprise builds.

~~~
merb
Only in enterprise builds x.X not in Pro.. I should definitly start using
Windows 10 Enterprise LTSB again..

------
nerdy
_Be careful with this!_ From the README under the "HOSTS" section:

 _" Append known tracking domains to the HOSTS file located in
C:\Windows\System32\drivers\etc"_

However there are other articles which suggest changing the hosts file can
cause instability[1]:

 _" Of course, the first thing that comes to mind is disabling communication
with these servers (by introducing the server into the hosts file and settings
to 127.0.0.1 localhost), but as I tried, after disabling the Windows 10 start
acting suspiciously otherwise. Error messages pop up, sometimes the message of
"service failure", there are problems with Skype, it is not possible to
maintain a stable connection. The problem is with VPN connections that fall.
But it is possible that this is just some incompatibilities and nevyladěnost
new OS. Apparently, it is necessary not to prohibit certain sites and have
available to make things work, but I had no time to analyze them one by one,
what causes them off in the long run in Windows 10"_

Of course, there are a whole bunch of other potentially dangerous things the
tool does like change services and edit the registry. Take care!

[1]
[https://translate.google.com/translate?hl=en&sl=cs&tl=en&u=h...](https://translate.google.com/translate?hl=en&sl=cs&tl=en&u=http%3A%2F%2Faeronet.cz%2Fnews%2Fanalyza-
windows-10-ve-svem-principu-jde-o-pouhy-terminal-na-sber-informaci-o-
uzivateli-jeho-prstech-ocich-a-hlasu%2F)

~~~
userbinator
I'm not surprised that MS is making it harder to disable these things. It
should be possible to patch them out completely, but then you also have to
deal with signing, system file protection, and updates which could re-enable
them again... MS is putting up a much stronger fight now than they did with
the previous versions of Windows.

~~~
gr3yh47
if something is free, you are not the customer, you are the product

~~~
naringas
Windows 10 is not free, it's a free upgrade for customers that already payed
for a previous version.

~~~
naringas
paid

------
kozukumi
Far better is to not use Windows 10 and tell Microsoft why.

~~~
userbinator
I wonder if Windows 7 support might last even longer than XP... no doubt there
will be plenty of anger when MS decides to end support for 7/8 like they did
with XP, but the best way to delay that is to vehemently refuse to "upgrade".

...and I am writing this on a machine running (a much customised version of)
XP, which remains _completely silent_ on the network and never produces any
traffic unaccounted for.

~~~
scholia
_> when MS decides to end support for 7/8_

Microsoft doesn't suddenly decide to end support for something: it has a well-
established, pre-published software life-cycle where operating systems are
supported for 10 years. [http://windows.microsoft.com/en-
GB/windows/lifecycle](http://windows.microsoft.com/en-GB/windows/lifecycle)

There's always a chance that a date will be extended, but it wouldn't be a
good plan to bet on it.

Otherwise, I feel deeply sorry for you. Nobody should have to use inferior
systems like Windows XP in this day and age. Presumably some badly-programmed
bit of corporate junkware prevented you from upgraded to Windows 7 in 2009 ..
;-)

~~~
whoopdedo
XP is a solid enough system for limited use cases. Keep it behind a firewall
and don't ever touch a browser, it will run forever without a glitch. I
wouldn't call it "inferior". There may be things it can't do but if you're not
going to use those features, so what? Upgrading a system just for the sake of
upgrading is a waste of money.

It's not just software tying a machine to XP but the hardware. A particular
card may not have a 7 compatible driver. A penny-pinching executive will look
at the very long number that is the cost of upgrading and decide to stay on XP
and just replace parts (hard drive, monitor, etc.) as they break. Which may
not be the smartest thing in the long run.

I can see 7 lasting longer than XP as it's the last OS built primarily for
traditional Win32 (Desktop) applications. 8 and 10 are transitioning to an OS
for managed code and virtualization. If you have a legacy application you'll
get the best experience on 7 (or XP, or Server 200X). All of the improvements
to Windows are meant to make C# based programs work better. There isn't much
to gain by upgrading an older codebase to the new OS.

Of course people whose primary business is creating software think nothing of
upgrading. To everyone else, writing new software is an expense. If the
software you have does everything you need it to do, you're not going to
rewrite it unless there is something to gain.

~~~
scholia
_> stay on XP and just replace parts (hard drive, monitor, etc.) as they
break. Which may not be the smartest thing in the long run._

Aye, there's the rub.

Based on enterprise-class calculations (staff time etc), the cost of keeping
an old XP PC running is dramatically higher than replacing it. You can get a
tiny desktop with 4GB and a 1TB drive for less than $300, and cut your
electricity bill as well.

In accounting terms, you may also save money by reducing reboots and fast
start-up times, esp with UEFI. Whether Gartner averages apply in a specific
case is, of course, an entirely different matter.

And, of course, if you've got a hardware lock-in that's no help at all ;-)

I agree with your final paras. We can see where Microsoft is heading. Where
the world will actually be in 2020-25 is another matter....

~~~
whoopdedo
> Based on enterprise-class calculations (staff time etc), the cost of keeping
> an old XP PC running is dramatically higher than replacing it. You can get a
> tiny desktop with 4GB and a 1TB drive for less than $300, and cut your
> electricity bill as well.

Have you seen how extremely short-sighted and quarterly report oriented some
executives can be. You say "only" $300 but I regularly replace $30 hard drives
(that I charge $80 for) and they thank me for it because I'm "saving" them
$200.

~~~
scholia
Sad but true ;-)

------
mtgx
Yeah, so I've been using that since a few days ago along with DoNotSpy10, and
disabled almost everything. Then I installed a traffic monitoring tool and I
still found Cortana to be calling home, even though I checked and both web
searches (search box) and Cortana were disabled.

I think this article is right - you _can 't_ fully stop Windows 10 from
calling home, no matter what you do or how many thing you disable.

[http://arstechnica.com/information-
technology/2015/08/even-w...](http://arstechnica.com/information-
technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-
microsoft/)

And according to this article, Microsoft has an OS-level keylogger that
catches all of your typed characters (all passwords, all "secure"
communications) even from the virtual keyboard, for "no good reason".

[http://localghost.org/posts/a-traffic-analysis-of-
windows-10](http://localghost.org/posts/a-traffic-analysis-of-windows-10)

~~~
Silhouette
That OS-level keylogger would be extremely worrying, as would various other
monitoring mentioned in your second link.

However, it's worth pointing out that the same link now starts with this
warning:

 _Note: Some readers have commented that the original source for the article
is of questionably validity. If anyone can confirm or refute the original
author 's finding with actual data, please let me know in the comments, and
I'll update this post accordingly._

As I write this, no-one has in fact provided any additional sources for
confirmation.

~~~
marcosdumay
Don't mind that a few comments down on the HN thread there's a clear quote of
the W10 privacy policy where MS says it sends your text and voice back home.

~~~
Silhouette
I'm well aware of what the privacy policy says, and personally I don't like it
and don't use Windows 10. On the other hand, clearly other people do find some
of these convenience features useful, and to provide those features some data
is going to get sent from their computers to Microsoft that I personally
wouldn't be happy to share in that way. Reasonable people can differ on what
they are willing to accept in this respect.

However, I think the issue we're talking about here is what Windows 10 is
_actually_ doing right now. If Windows 10 is in fact hoovering up huge amounts
of potentially sensitive data and sending it home _without_ the user being
aware of and agreeing to it, that is of concern whatever the privacy policy
says and deserves to be publicised.

~~~
marcosdumay
Well, so let's talk about what W10 is doing right now.

You are dismissing what somebody claimed to see W10 doing, because you don't
think the source is trustworthy. Fair enough, but the privacy policy claims
the exact same thing.

Now you are claiming that the privacy policy is just some fictitious document
where MS writes every kind of stuff their client won't like to read, but they
also won't bother practicing? Despite evidence (weak that it may be) that they
are practicing it right now?

~~~
Silhouette
I'm not dismissing anything. I just pointed out that _the exact source_
someone was citing _itself_ leads with a warning that the original source is
currently unverified and has been repeatedly challenged, which I thought was
worthwhile since the HN poster citing it didn't mention that significant
detail.

I'm also making no claims about the privacy policy being fictional or any of
the other stuff you just made up.

Please stop putting words into my fingers that weren't even remotely there. It
makes intelligent discussion impossible.

------
davexunit
Best way to disable Windows 10 tracking: Switch to GNU/Linux.

~~~
teacup50
Unfortunately, that's also the best way to not get any work done because:

1) None of the software most people need is available for Linux, and

2) "GNU/Linux" sucks at providing a rich and stable API/ABI on which
proprietary software can be built and supported, and

3) Usability of what does exist generally sucks, because unsurprisingly, not
charging for your work makes it very hard to hire artists and designers.

Also unfortunately, that means the majority of people are stuck choosing
between relinquishing privacy to either Apple, MS, or Google.

~~~
sarciszewski
> 2) "GNU/Linux" sucks at providing a rich and stable API/ABI on which
> proprietary software can be built and supported, and

Care to elaborate on this one? I don't see what sucks about it. You can build
proprietary software and run it on Linux. See also: Steam games.

> 3) Usability of what does exist generally sucks, because unsurprisingly, not
> charging for your work makes it very hard to hire artists and designers.

I've personally found the latest editions of Debian-based OSes (such as Linux
Mint) to be very intuitive and beautiful.

~~~
userbinator
_Care to elaborate on this one? I don 't see what sucks about it. You can
build proprietary software and run it on Linux. See also: Steam games._

I've run into this before many times. Binaries for proprietary apps, from 20
years ago, will probably still work today on Windows 10 if they didn't do
anything too crazy or need low-level system functions (e.g. disk
defragmenters). I don't think the same can be said of proprietary apps on
Linux; there, the vast amount of diversity is also its greatest weakness and
apps tend to have these massive (version-locked) dependency chains attached to
them.

~~~
sarciszewski
> Binaries for proprietary apps, from 20 years ago, will probably still work
> today on Windows 10

Do you really want to run 20 year-old software?

> I don't think the same can be said of proprietary apps on Linux

So, you don't know then.

\-------------

In my experience, getting something to run on Linux is easier than getting it
to run on Windows. The only reason that more software isn't built on Linux is
the network effect.

"All of our paying customers use Windows, why would we want to build on Linux?
Only free software hippies use that!" \- Caricature of the average IT manager

Steam for Linux is going to gradually be a... game-changer. B)

~~~
Karunamon
_Do you really want to run 20 year-old software?_

Games? Line of business applications? Other applications that still work for
me and I have no reason to upgrade?

Yes. Yes I do.

    
    
        <post type="rant" intensity="105%">
    

Windows is literally the only OS out there right now that gives a toss about
backwards compatibility.

Try compiling old code on a new linux - prepare to be stuck in dependency hell
for hours as you try to find libraries that the distro maintainers ever-so-
helpfully deleted outright or renamed with no pointer.

Apple _shamelessly_ breaks things every time there's a point release to iOS or
OSX. Killing this API, turning on that "security" feature which breaks your
addons, etc etc.

------
huhtenberg
Keep in mind that Windows filters the contents of etc/hosts and basically
ignores (some) entries for its own domains. For example, you cannot null-route
Windows Update servers this way.

~~~
bloaf
And so for those sites you break out the firewall settings.

------
blackbeard
One KB or sfc run later and that'll all be turned back on again...

------
nly
Checked my parents PC on a visit this morning to find the latest Patch Tuesday
set of updates hadn't installed automatically because Windows Update was too
busy advertising Windows 10. I was also greeted with a balloon popup rather
than just the subtle GWX icon in the tray nagging me to install it.

Microsoft are pushing this OS fervently and, given their aggressive service
integration, I've recently been musing about whether the Microsoft of today
are really 'better' just because they've become more open with their software,
or whether they're actually just a different, possibly nastier, kind
monopolistic threat.

We could look back in 5 years and see the majority using Bing (via the Start
Menu), Cortana, IE, OneDrive, and syncing all their devices through MS servers
and cringe. Microsoft can't win on the strength of their brand when it comes
to consumer facing services (except for Xbox), so maybe integration will see
them break through and muscle out the likes of Chrome, Google, Gmail, Android,
and Dropbox.... _if_ W10 on mobile takes off that is.

Oddly, despite not owning and having never owned any Apple product, I find
myself comforted these days that they are there with an almost bottomless pile
of money.

~~~
_pmf_
> just because they've become more open with their software

Visual Studio Community Edition is unsuitable for any medium sized company.

dotNET's openness does not extend to the actually interesting parts (WPF,
WinForms).

The new openness is purely a communication effort; they take care to
communicate their openness without changing anything.

It's disconcerting to see that they need developers more than developers need
them.

~~~
zamalek
VS community is _unlicensed_ for any medium sized company. You can't complain
about something that you are stealing.

~~~
marcosdumay
What? It's free software, but one does not have a license to use it?

What kind of free software is that?

(And no, I didn't read the license, I don't know either way.)

~~~
zamalek
It is freely licensed for personal, OSS and small teams. You do not get the
free license grant for other uses. It's like using GPL code in closed source
software. GPL is free but has conditions about that free license that gets
granted to you.

> I didn't read the license

Oh boy... Keep that up and you're going to have interesting times ahead of
you. Always read licenses, or at the very least (if you can't be asked to deal
with legalese) find a summary somewhere.

~~~
marcosdumay
I don't use this software. I have no reason to read the license.

~~~
zamalek
With such a snide retort, why ask for the facts in the first place?

------
mesozoic
Apparently you can't fully disable it so it looks like it's Windows 7 for me
for another 5 years or so.

------
thescrewdriver
You have to know that your privacy defaults are batshit crazy when people
start developing tools to automate correcting them.

------
EugeneOZ
With such "open" system don't even think about large or government companies,
especially non-US.

------
Spearchucker
Is the tracking limited to Home edition, or does this also apply to Pro and
Enterprise? Nothing I've read definitively confirms which versions are
affected to what extent. Knowing this is useful in that I'd happily pay to not
have the spying. Paying is also preferable to downloading an .exe that
disables tracking that has dependencies I haven't installed (Python, for
example). I'm more likely to trust a PowerShell script, but(for now) haven't
the time to invest to create my own.

~~~
nathanaldensr
See my top-level comment. I did just that--created a PowerShell script.

------
kn9
Can anyone please share the list of GPO's to block in enterprise environment

------
talles
Kudos for stating on the README what it does.

------
juliangregorian
Personally, I'd rather fuzz their servers with terabyte after terabyte of
garbage, but to each his own.

~~~
cautious_int
Can you also fake/spoof the appropriate signatures/headers? Otherwise
separating that data is going to be very easy. Unless you do it on a higher
level like emulating input, but then you won't have a very useful machine.

~~~
marcosdumay
He probably can. His computer is able to create those signatures, and he
didn't lose low level access to it once he installed Windows 10.

It's probably not easy, but might be a very interesting thing to do. Will the
US start to criminally persecute everybody that does that?

And also, the most important question. Will people still be able to do that on
newer computers that ship with Windows 10?

------
crystalgiver
I run Windows as a guest with vga passthrough and completely disable
networking (though a very strict firewall could also work, e.g. For online
games).

