Microsoft Adding Windows 10 Style Spyware to Windows 7 and Windows 8

August 31st, 2015

Update: Several Windows 10 Privacy Tools

How many hosts is Microsoft phoning everything home to? Is it feasible to just block them all with an external firewall so a Windows box simply can’t reach Microsoft?

The article below says that Windows 10 is ignoring the hosts file and phoning home anyway, so it seems like an external firewall would be the way to go.

Of course, as soon as you get your Microsoft blacklist established, if you’re still pulling OS updates, Microsoft could just change the hosts that the telemetry apps are using, and you’re back to square one. You would have to use a packet sniffer, firewall logs, etc., and make a new catalog of hosts that Microsoft is using.

*pfft* It’s a shit sandwich, no doubt about it.

As bad as this situation is, my guess is that it’s overly optimistic to assume that 1% of Windows users even care. Of that 1%, maybe 1% of those users are able to run any sort of technical countermeasures. I hope this disaster doesn’t embolden Apple to screw its OSX users over in a similar manner.

Via: ghacks:

Windows 7 and 8 users have been plagued by “upgrade preparation” updates but left alone otherwise up until recently when it comes to this new level of data collecting.

This changed recently with the release of several updates for both operating systems that step up the game.

KB3068708 Update for customer experience and diagnostic telemetry – This update introduces the Diagnostics and Telemetry tracking service to existing devices. By applying this service, you can add benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights. (Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)
KB3022345 (replaced by KB3068708) Update for customer experience and diagnostic telemetry – This update introduces the Diagnostics and Telemetry tracking service to in-market devices. By applying this service, you can add benefits from the latest version of Windows to systems that have not yet been upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights. (Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)
KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7 – This update adds telemetry points to the User Account Control (UAC) feature to collect information on elevations that come from low integrity levels. (Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)
KB3080149 Update for customer experience and diagnostic telemetry – This package updates the Diagnostics and Telemetry tracking service to existing devices. This service provides benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights. (Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)

If these updates are installed on the system, data is sent to Microsoft regularly about various activities on it.

Microsoft lists two host names in KB3068708 that data is received from and sent to:

vortex-win.data.microsoft.com
settings-win.data.microsoft.com

These, and maybe others, appear to be hardcoded which means that the Hosts file is bypassed automatically.
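The re-cataloguing step described in the post (using logs from outside the Windows box to find hosts that are not yet on the blacklist) can be sketched as follows. This is an added example, not code from the post or from ghacks; it assumes the network's resolver is dnsmasq with query logging enabled, that the watched parent domain is the one shared by the two host names listed in KB3068708, and the sample log lines and the `placeholder-new` host name are constructed.

```python
import re
from collections import defaultdict

# Host names Microsoft lists in KB3068708 (from the article); treated as already blocked.
BLOCKLIST = {"vortex-win.data.microsoft.com", "settings-win.data.microsoft.com"}
# Assumption: watch the parent domain that the two listed hosts share.
WATCHED_SUFFIXES = ("data.microsoft.com",)

# dnsmasq "log-queries" line: "... dnsmasq[pid]: query[A] <name> from <client>"
QUERY_RE = re.compile(r"dnsmasq\[\d+\]: query\[(?:A|AAAA)\] (\S+) from (\S+)")

# Constructed sample log; "placeholder-new" is a made-up host name.
SAMPLE_LOG = """\
Aug 31 10:15:02 dnsmasq[812]: query[A] vortex-win.data.microsoft.com from 192.168.1.23
Aug 31 10:15:02 dnsmasq[812]: reply vortex-win.data.microsoft.com is 192.0.2.10
Aug 31 10:15:40 dnsmasq[812]: query[A] Placeholder-New.Data.Microsoft.com. from 192.168.1.23
Aug 31 10:16:11 dnsmasq[812]: query[AAAA] placeholder-new.data.microsoft.com from 192.168.1.40
Aug 31 10:16:30 dnsmasq[812]: query[A] notdata.microsoft.com.example.net from 192.168.1.23
Aug 31 10:17:05 dnsmasq[812]: query[A] settings-win.data.microsoft.com from 192.168.1.40
Aug 31 10:17:09 dnsmasq[812]: query[A] fakedata.microsoft.com from 192.168.1.40
"""

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are exact."""
    return name.rstrip(".").lower()

def is_watched(name):
    """Match on a label boundary, so 'fakedata.microsoft.com' does not match."""
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)

def catalog_new_hosts(log_text, blocklist=BLOCKLIST):
    """Return {host: {"count": n, "clients": [...]}} for watched hosts not yet blocked."""
    seen = defaultdict(lambda: {"count": 0, "clients": set()})
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue  # replies, forwards and other log lines are ignored
        host, client = normalize(m.group(1)), m.group(2)
        if is_watched(host) and host not in blocklist:
            seen[host]["count"] += 1
            seen[host]["clients"].add(client)
    return {h: {"count": v["count"], "clients": sorted(v["clients"])}
            for h, v in seen.items()}

if __name__ == "__main__":
    for host, info in sorted(catalog_new_hosts(SAMPLE_LOG).items()):
        print(f"{host}\t{info['count']} queries\tfrom {', '.join(info['clients'])}")
```

A resolver log only shows names that clients looked up through that resolver; traffic to hardcoded IP addresses has to be found in the firewall's connection log instead.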

6 Responses to “Microsoft Adding Windows 10 Style Spyware to Windows 7 and Windows 8”

  1. What?! I was naively expecting them to leave my Windows 7 alone. I guess my transition to LINUX will have to go sooner than planned.

    But I guess I already knew that the Biblical one-world system would come someday (thank you Katherine Albrecht). What can you do when pretty much every institution globally will end up running Windows 10? Will Linux fold eventually?

  2. Forgot to mention, I used this for the time being: https://fix10.isleaked.com/oldwindows.html

  3. prov6yahoo says:

    We probably should have all stayed on XP.

  4. JWSmythe says:

    Microsoft has gone nuts with these recent changes.

    In the past, I always kept two computers.

    I did all my work, including emails and web browsing, on a Linux (Slackware) machine.

    I used my Windows machine exclusively for gaming and testing, such as someone saying a site didn’t behave properly in MSIE. It could (and did) sit idle for months, when I was too busy to play games.

    In recent years, I’ve had to consolidate to one desktop machine, so I just used Windows.

    I’m switching back to using Linux only.

    I prefer Slackware, because they keep packages current, rather than other distros’ choice to backport security changes to old or obsolete versions.

    I installed Slackware on a fresh drive in my laptop. I did it, acting like a normal user. I did the full install, and got all the way through firing up a web browser. I barely touched the keyboard, and didn’t edit any files. Everything, including the wireless network card, and video drivers, set themselves up perfectly. When KDE came up, it looks and behaves like OS/X.

    So the age-old excuse of “It’s too hard to install and use” isn’t an excuse any more.

    I’m installing Wine and all the DLLs via winetricks, so I can try out games that I play.

    Over the next few weeks, time permitting, I’ll have the computers I use switched over to Linux.

    Worst case, I *might* keep a Windows box around to game, but it’ll stay turned off when I’m not playing. Gaming isn’t that high of a priority, but if they’re going to spy, they’ll only get to spy on what games I’m playing, and the hours they’re being played.

  5. quintanus says:

    A family member just experienced a rather sophisticated, unnerving ransom attack when she decided to download Windows 10 because she wasn’t that happy with Windows 8. I still have to figure out if she clicked on the Windows 10 icon that popped up on many computers with Windows 7, 8, or XP, or if she somehow clicked on a deceptive icon that led her to a decoy site.
    Windows 10 got through about 85% completion, and she went through the registration step, but then it stalled. As she was sitting by the computer, she got a phone call from ‘microsoft’ or windows support, and they asked how her product download was going, and she said she couldn’t find Outlook for email and it seemed to be stuck. With an air of a tech support person at a corporate network, where the IT administrator can remotely take control of a computer, he showed her that he had control of her computer and he made the mouse move around on the screen, and he went through some sort of script saying that she must have done something wrong. Then he asked for her Outlook password. She didn’t want to do it, but she gave it to him, and he restored Outlook while having remote control of the computer, and said he saw several other mistakes he would have to repair. Then he said he would need her credit card number because the repair bill would be $225.
    It ended with him giving her her email back, but communicating that it would only last for a month and they’d return for more ransom. It’s super creepy because this is far more sophisticated than the calls many people were getting last year with a very unbelievable script that staff from Windows Support had detected a problem with your computer. Here, the calls are timed with the download of Windows 10 and they’re already in your computer and holding it hostage.

  6. Kevin says:

    @quintanus

    That family member of yours is dangerously clueless and should pull the ethernet cable out of the computer and then power it off. If wifi is being used, shut it down. She should have someone who knows what they’re doing wipe the drive and install a known good copy of the desired operating system.

    If she is still able to get control of her Outlook account, she should enable 2 factor authentication.

    If a credit card was used to make the extortion payment, it should be cancelled.

    XP won’t prompt to install Windows 10.

    Never give your password to anyone.

    In case you haven’t figured it out yet, whatever she downloaded contained a malicious payload, and it wasn’t Microsoft on the other end of the phone.

    Etc.

    I’m just going to stop now. Good luck.
