How to block in Windows10 Telemetry with pfsense
-
Hi there,
I would like to do more than editing the regsitry in Windows to block the funktion telemetry. Is it possible to block it in pfblocker, squidguard or native with firewall rules? The aim is that the updates should still work.
In the regedit you can navigate to "HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ Data Collection" and create by right-clicking a file DWORD (32-bit). Rename it to "AllowTelemetry". The value must be set to "0" (normally this is done automatically).
Another idea is to block cloud-server to microsoft an d those to https://www.iblocklist.com/.
Any ideas?
-
Hi,
try this:make an alias to allow MS_update with this:
download.windowsupdate.com -w7 xp update.microsoft.com - w7 xp sls.update.microsoft.com.akadns.net - w8.1 vortex.data.microsoft.com - w8.1 vortex-win.data.microsoft.com - w8.1 fe2.update.microsoft.com.akadns.net - w8.1 statsfe2.update.microsoft.com.akadns.net -w8.1 not required at the moment ?make another alias to block MS_telemetry with this:
vortex.data.microsoft.com vortex-win.data.microsoft.com telecommand.telemetry.microsoft.com telecommand.telemetry.microsoft.com.nsatc.net oca.telemetry.microsoft.com oca.telemetry.microsoft.com.nsatc.net sqm.telemetry.microsoft.com sqm.telemetry.microsoft.com.nsatc.net watson.telemetry.microsoft.com watson.telemetry.microsoft.com.nsatc.net redir.metaservices.microsoft.com choice.microsoft.com choice.microsoft.com.nsatc.net df.telemetry.microsoft.com reports.wes.df.telemetry.microsoft.com wes.df.telemetry.microsoft.com services.wes.df.telemetry.microsoft.com sqm.df.telemetry.microsoft.com telemetry.microsoft.com watson.ppe.telemetry.microsoft.com telemetry.appex.bing.net telemetry.urs.microsoft.com telemetry.appex.bing.net:443 settings-sandbox.data.microsoft.com vortex-sandbox.data.microsoft.com survey.watson.microsoft.com watson.live.com watson.microsoft.com statsfe2.ws.microsoft.com corpext.msitadfs.glbdns2.microsoft.com compatexchange.cloudapp.net cs1.wpc.v0cdn.net a-0001.a-msedge.net statsfe2.update.microsoft.com.akadns.net sls.update.microsoft.com.akadns.net fe2.update.microsoft.com.akadns.net diagnostics.support.microsoft.com corp.sts.microsoft.com statsfe1.ws.microsoft.com pre.footprintpredict.com i1.services.social.microsoft.com i1.services.social.microsoft.com.nsatc.net feedback.windows.com feedback.microsoft-hohm.com feedback.search.microsoft.com rad.msn.com preview.msn.com ad.doubleclick.net ads.msn.com ads1.msads.net ads1.msn.com a.ads1.msn.com a.ads2.msn.com adnexus.net adnxs.com az361816.vo.msecnd.net az512334.vo.msecnd.net vortex-bn2.metron.live.com.nsatc.net vortex-cy2.metron.live.com.nsatc.net dmd.metaservices.microsoft.comadd appropriate rules at firewall to allow the MS_update and after that rule to block the MS_telemetry.
feel free to experiment and add another domains if you have… in case you want to block all MS just disable the MS_update rule.
-
Hi,
thnx 4 the quick response. Where did u get all the urls from?
-
from here and from traffic logs:
http://pastebin.com/ULJjVM7wedit:
here it is an updated list
http://www.pcsympathy.com/ -
Thank you very much.
-
Thank you very much.
telemtry uses a million links
Blocking those won't rely block it
I have created some powershell to disable this . -
Hi there,
and do you show us all this script?
-
A centralized solution would be best. If you're going to go local, why not just use one of the many utils already out there?
http://www.oo-software.com/en/shutup10
http://pxc-coding.com/portfolio/donotspy10/
-
http://thehackernews.com/2015/08/windows-10-privacy-spying.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
http://thehackernews.com/2015/08/windows-10-disables-pirated-games-microsoft.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
-
Well, looking at the news, I decided to simply not upgrade my Win7 to the free Win10.
Instead, I'm starting to evaluate seriously using a Linux distro as a desktop OS. Ubuntu-MATE is a really good candidate given that the user interface can be easily customized to look similar to Windows (just as Linux Mint too). -
Thank you very much.
telemtry uses a million links
Blocking those won't rely block it
I have created some powershell to disable this .Hi there,
Still waiting for the script. Will it be posted?
-
Well, looking at the news, I decided to simply not upgrade my Win7 to the free Win10.
Instead, I'm starting to evaluate seriously using a Linux distro as a desktop OS. Ubuntu-MATE is a really good candidate given that the user interface can be easily customized to look similar to Windows (just as Linux Mint too).Hi,
do u really think, that win7 or above are not connecting to MS? LOL
You mentioned to stay close to win7. That is OK 4 me, but a solution to the problem that ms-infos of your station might be send to ms or even other companies working with ms together is still present. There I would test your workstation, with a firewall before, what traffic is going to which URL or ip.The best solution is say farewell 2 your ms-system and switch over to linux.
It just an idea ;) Do not 4get that the whole world wants 2 go to cloudservices (not only ms)
cu
-
I decided to simply not upgrade my Win7
All the same telemetry shit was added to 7, 8 and 8.1 in a recent Windows Update.
-
Do you have that w7 w8.1 update nr ?
If is not marked as security then can be uninstalled if by mistake somebody installed.
-
Thank God I already switched my machines to Linux.
To be really honest, I really don't see any difference while using it. I was perfectly able to switch over all my workflows to Ubuntu Mate.Win7 is still there "dormant" on the disk as the installs are dual-boot at the moment, but if I'll be able to sustain the Linux desktop the way it is, absolutely frustrationless for about 2-3 months, I'll be surely deleting the Windows partition to reclaim the space.
-
@KOM:
A centralized solution would be best.
Agree, but that would be very hard to accomplish, because at a central location, it will be very hard to distinguish between useful traffic and and Microsoft telemetry traffic.
I guess they were smart enough to bypass simple firewall rules by frequently changing CDN IPs and addresses.And local solutions installed on Windows 10s themselves are not trustful.
So, the only real solution is to either:
a) don't upgrade to Windows 10
b) switch over to something elseOf course the fact that all this telemetry was deployed to Win7 and Win8 engraves the situation. Hopefully it can be uninstalled somehow.
-
Do you have that w7 w8.1 update nr ?
http://www.infoworld.com/article/2911609/operating-systems/kb-2952664-compatibility-update-for-win7-triggers-unexpected-daily-telemetry-run-may-be-snooping.html
https://www.reddit.com/r/pcmasterrace/comments/3g7hr0/removing_telemetry_from_windows_7_and_8x/ -
Thank God I already switched my machines to Linux.
I've been contemplating that for 10+ years, but there was always a reliance on special software that I couldn't get for Linux. Now that I don't do a lot of desktop stuff at home anymore, I'm thinking now might be the time to dump Win10 and go with Mint Cinnamon.
-
You can find equivalent programs under Linux for most of the daily tasks. No to little effort is required to switch over.
There could be though very special industrial apps which were made for Windows-only, that's true. But for the regular home user, Linux is a perfect alternative. -
I've been adminning Linux boxes for more than a decade so I'm generally aware of what's available. For me, the showstoppers were always a decent money-management app (eg. Quicken, MS Money), a good Usenet browser (eg. Newsleecher, Forte Agent) and a decent RSS reader (eg. Feeddemon, QuiteRSS). Nowadays I don't use a money app, Usenet indexers have removed the need for an NNTP browser, and there are several decent RSS readers for Linux. I really should have thought of this 2 weeks ago before I spent a weekend doing the Windows 10 thing.
