The age of telemetry and online tracking.

Telemetry has been around for a while: Windows 7 had it, and I believe even Vista might have had it.

Having said this, Microsoft did not previously sell this information to third parties, nor did it previously include personal information. When I say personal information I mean your age, gender, approximate location, and online habits. Legally they cannot give your name, address, and other details that would allow someone to pinpoint you in real life. So instead they are selling as much as they can about you without actually telling them who you really are. Mind you, Microsoft is not the only company that uses telemetry data; recently Nvidia got caught with their hand in the cookie jar as well. Scary, right?

Windows:

Fret not: where there is a will there is a way. If, like me, you spend a lot of time connected to the online world, there are a few applications that you need to explore.

For Windows 10 there are a couple of Telemetry applications that you can install that will kill the services and registry entries that allow Windows to send your data to big brother.

O&O Software has an Antispy-Tool for Windows 10. This is a free download. It’s called O&O ShutUp10. With this tool you can pick and choose in great detail what you want to block and what you want to allow.

The folks over at Safer Networking that brought us Spybot Search and Destroy have also built a similar tool. They call their Telemetry removal tool Spybot Anti-Beacon; the link can be found on their download page. This has a portable version so you can run it off a flash drive if you need to.

The first time you run this it will show you what you have blocked and what is still tracking you. If you click the “Show Options” button it will show you the registry keys that will be changed. Click Immunize and restart your computer.

Besides these tools, I have also edited my hosts file and added a bunch of domain names that direct to 0.0.0.0, essentially to nowhere. Spybot also adds a couple hosts entries into the file.

*Note: not all of these addresses belong to Microsoft. Most of them perform some sort of tracking, so it is probably a good idea to block them anyway.
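A hosts entry only blocks anything if it has the form "address hostname"; a URL pasted where the hostname belongs never matches a lookup, and a repeated or redirected name is easy to miss in a long list. The following checker is an added example, not part of the original post: the sample file is constructed, the .example.com names are placeholders, and the OS_DEPENDENCIES annotation (msftncsi.com appears in the post's list) is this example's own assumption about what deserves a warning.

```python
import re

# Addresses that turn a hosts entry into a block rather than a redirect.
SINKS = {"0.0.0.0", "127.0.0.1", "::", "::1"}
# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
# Annotation added for this example: a domain Windows itself relies on.
OS_DEPENDENCIES = {
    "msftncsi.com": "connectivity probe (NCSI); blocking it can make "
                    "Windows report 'No Internet access'",
}

def is_hostname(name):
    return len(name) <= 253 and all(LABEL.match(p) for p in name.split("."))

def audit_hosts(text):
    """Sort every hostname in a hosts file into one finding category."""
    report = {"blocked": [], "malformed": [], "duplicate": [],
              "not_sinked": [], "side_effect": []}
    seen = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        addr, *names = line.split()
        if not names:                            # address with no hostname
            report["malformed"].append((lineno, addr))
        for name in (n.lower() for n in names):
            if not is_hostname(name):            # e.g. a URL pasted as a name
                report["malformed"].append((lineno, name))
            elif name in seen:
                report["duplicate"].append((lineno, name))
            elif addr not in SINKS:              # redirect, not a block
                seen.add(name)
                report["not_sinked"].append((lineno, name))
            else:
                seen.add(name)
                report["blocked"].append((lineno, name))
                for domain, why in OS_DEPENDENCIES.items():
                    if name == domain or name.endswith("." + domain):
                        report["side_effect"].append((lineno, name, why))
    return report

# Constructed sample; the .example.com names are placeholders.
SAMPLE = """\
# telemetry block list
0.0.0.0 telemetry.example.com
0.0.0.0 stats.example.com        # trailing comment
0.0.0.0 http://www.msftncsi.com
0.0.0.0 www.msftncsi.com
0.0.0.0 Telemetry.Example.com
192.0.2.10 ads.example.com
0.0.0.0
"""

if __name__ == "__main__":
    for category, findings in audit_hosts(SAMPLE).items():
        print(category, findings)
```
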

Nvidia:

Recently it has been discovered that Nvidia included Telemetry in their driver software. Some believe it is only part of GeForce Experience, but that is not the case; it is installed alongside the driver.

In order to disable the Telemetry bundled with the Nvidia driver you need to download Autoruns from Sysinternals. Extract the package and run the executable as Administrator. Make sure the Everything tab is selected and filter the content with the keyword: nvidia. Then proceed to uncheck the following items, close the application, and reboot.

Now Nvidia might not be tracking anything, but that is not the point. Also you will need to do this every time you reinstall the driver.

Web browser:

To hide yourself online, obviously the best technology is a VPN or a proxy server. However these can cost quite a bit of money.

My suggestion is to use two of the better online extensions: the Electronic Frontier Foundation’s Privacy Badger and uBlock Origin.

Privacy Badger can be installed right from the eff.org web page. To install uBlock Origin, go to your web browser’s extension store, find the plugin and install it. For Vivaldi go to the Chrome store, as it is based on Chromium and all Chrome extensions are compatible with it.

Avoid Windows data collection services.

One of the biggest issues and concerns that people have with Windows 10 is the fact that it dials back to HQ (Microsoft) and provides usage statistics. The quickest route to avoid this is to install Linux on your machine; something like Linux Mint is what I would recommend. Alternatively, there are many documented ways to disable this “feature” in Windows 10. I have done it at home, but have since moved back to Windows 8.1 with Classic Shell. Soon I’m moving to Linux; I’m just waiting for SteamOS to be released.
Gaming is the only thing holding me back.
One thing you might not be aware of is that Windows 7 and 8+ are implementing the same Telemetry systems as Windows 10.
Umm, no thanks.
These systems will install on your computer via Windows Update.
As such, here is a list of the updates you should avoid in order to keep your operating system from collecting anonymous data and sending it back to Microshaft (Microsoft).

(KB2952664) — This update helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows. This Update seems to seriously corrupt systems.
(KB2976978) — This update helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows.
(KB2990214) — This update helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows.
(KB3068708) — This kind of update helps the overall application experience on Windows, by improving the current operating system for upgrade to the latest version of Windows.
(KB3035583) — Will pitch the free Windows 10 upgrade to customers. It does not seem to cause a problem other than that it readies my computer for Microsoft to start sending “reminders” to upgrade (malware by most definitions).
(KB3022345) — Corrupts system files, as can be seen if you run SFC following this update.
(KB2977759) — This update will help Microsoft and its partners ensure compatibility for customers who are seeking to install the latest Windows operating system.
(KB2922324) — Looks like this one has been pulled.
(KB3021917) — This update will help Microsoft and its partners deliver better system performance for customers who are seeking to install the latest Windows operating system.
(KB3050265) — General improvements are made to support upgrades to a later version of Windows.
(KB3068708) — This update introduces the Diagnostics and Telemetry tracking service to in-market devices. By applying this service, you can add benefits from the latest version of Windows to systems that have not yet upgraded.

The malicious update KBs need to be ripped out by the roots!!
(KB3014460) Affects Win8.x

Source.

Update:

Here is a quick little script to help you remove all and any of the updates you have installed. Paste this into a txt file and then rename it with a .bat extension. Run the batch file with admin rights.

:: KB killer
:: Run from an elevated prompt. /quiet suppresses prompts; /norestart defers the reboot.
@echo off
wusa /uninstall /kb:2952664 /quiet /norestart
wusa /uninstall /kb:2976978 /quiet /norestart
wusa /uninstall /kb:2990214 /quiet /norestart
wusa /uninstall /kb:3068708 /quiet /norestart
wusa /uninstall /kb:3035583 /quiet /norestart
wusa /uninstall /kb:3022345 /quiet /norestart
wusa /uninstall /kb:2977759 /quiet /norestart
wusa /uninstall /kb:2922324 /quiet /norestart
wusa /uninstall /kb:3021917 /quiet /norestart
wusa /uninstall /kb:3050265 /quiet /norestart

Add and remove the KBs as desired. Please note that not all the KBs described in the article are in the script. Specifically the Windows 8 one.

Here is another script that I found on hakspek.com, paste it into a .txt file and then change the extension to .bat. Then run the batch file as an administrator.

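@echo off
:: Run from an elevated prompt: removes updates, null-routes addresses,
:: disables scheduled tasks, stops services, then reboots.
echo.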

echo Step 1: Delete Updates…
echo Delete KB3075249 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3075249
echo Delete KB3080149 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3080149
echo Delete KB3021917 (telemetry for Win7)
start /w wusa.exe /uninstall /kb:3021917
echo Delete KB3022345 (telemetry)
start /w wusa.exe /uninstall /kb:3022345
echo Delete KB3068708 (telemetry)
start /w wusa.exe /uninstall /kb:3068708
echo Delete KB3044374 (Get Windows 10 for Win8.1)
start /w wusa.exe /uninstall /kb:3044374
echo Delete KB3035583 (Get Windows 10 for Win7sp1/8.1)
start /w wusa.exe /uninstall /kb:3035583
echo Delete KB2990214 (Get Windows 10 for Win7 without sp1)
start /w wusa.exe /uninstall /kb:2990214
echo Delete KB2990214 (Get Windows 10 for Win7)
start /w wusa.exe /uninstall /kb:2990214
echo Delete KB2952664 (Get Windows 10 assistant)
start /w wusa.exe /uninstall /kb:2952664
echo Delete KB3075853 (update for “Windows Update” on Win8.1/Server 2012R2)
start /w wusa.exe /uninstall /kb:3075853
echo Delete KB3065987 (update for “Windows Update” on Win7/Server 2008R2)
start /w wusa.exe /uninstall /kb:3065987
echo Delete KB3050265 (update for “Windows Update” on Win7)
start /w wusa.exe /uninstall /kb:3050265
echo Delete KB971033 (license validation)
start /w wusa.exe /uninstall /kb:971033
echo Delete KB2902907 (description not available)
start /w wusa.exe /uninstall /kb:2902907
echo Delete KB2976987 (description not available)
start /w wusa.exe /uninstall /kb:2976987

echo Step 2: Blocking Routes…
route -p add 23.218.212.69 MASK 255.255.255.255 0.0.0.0
route -p add 65.55.108.23 MASK 255.255.255.255 0.0.0.0
route -p add 65.39.117.230 MASK 255.255.255.255 0.0.0.0
route -p add 134.170.30.202 MASK 255.255.255.255 0.0.0.0
route -p add 137.116.81.24 MASK 255.255.255.255 0.0.0.0
route -p add 204.79.197.200 MASK 255.255.255.255 0.0.0.0

echo Step 3: Disabling tasks…
schtasks /Change /TN "\Microsoft\Windows\Application Experience\AitAgent" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Application Experience\ProgramDataUpdater" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Autochk\Proxy" /DISABLE
schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /DISABLE
schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /DISABLE
schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Maintenance\WinSAT" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ActivateWindowsSearch" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ConfigureInternetTimeService" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\DispatchRecoveryTasks" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ehDRMInit" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\InstallPlayReady" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\mcupdate" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\OCURActivate" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\OCURDiscovery" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PBDADiscovery" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PBDADiscoveryW1" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PBDADiscoveryW2" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PvrRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PvrScheduleTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\RegisterSearch" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ReindexSearchRoot" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\UpdateRecordPath" /DISABLE

echo Step 4: Killing Diagtrack-service (if it still exists)…
sc stop Diagtrack
sc delete Diagtrack

echo Final Step: Stop remoteregistry-service (if it still exists)…
sc config remoteregistry start= disabled
sc stop remoteregistry

echo Done — Reboot!
shutdown -r
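Both scripts above call wusa /uninstall for every KB without checking whether it is installed, and the /quiet switch in the first one suppresses wusa's dialogs either way. The following is an added example, not part of either script: it compares the KBs a script targets with a hotfix listing saved from the machine. The script excerpt and the listing are constructed, and KB9999999 is a placeholder.

```python
import re
from collections import Counter

KB_ARG = re.compile(r"/kb:(\d+)", re.IGNORECASE)
HOTFIX_ID = re.compile(r"^\s*KB(\d+)\s*$", re.IGNORECASE)

def kbs_in_script(script):
    """KB numbers passed to 'wusa /uninstall', in script order (with repeats)."""
    found = []
    for line in script.splitlines():
        low = line.strip().lower()
        if low.startswith(("::", "rem ", "echo")):   # comments and messages
            continue
        if "wusa" in low and "/uninstall" in low:
            found += KB_ARG.findall(low)
    return found

def installed_kbs(hotfix_listing):
    """KB numbers from a one-ID-per-line listing, e.g. the saved output of
    'wmic qfe get HotFixID' or PowerShell's Get-HotFix HotFixID column."""
    matches = map(HOTFIX_ID.match, hotfix_listing.splitlines())
    return {m.group(1) for m in matches if m}

def review(script, hotfix_listing):
    """Split the script's targets into installed, absent and repeated KBs."""
    targeted = kbs_in_script(script)
    present = installed_kbs(hotfix_listing)
    unique = list(dict.fromkeys(targeted))           # de-duplicate, keep order
    return {
        "will_uninstall": [kb for kb in unique if kb in present],
        "not_installed": [kb for kb in unique if kb not in present],
        "listed_twice": [kb for kb, n in Counter(targeted).items() if n > 1],
    }

# Constructed excerpt mixing the line styles of the two scripts.
SCRIPT_EXCERPT = """\
@echo off
wusa /uninstall /kb:2952664 /quiet /norestart
wusa /uninstall /kb:3068708 /quiet /norestart
echo Delete KB3035583 (Get Windows 10 for Win7sp1/8.1)
start /w wusa.exe /uninstall /kb:3035583
:: wusa /uninstall /kb:2990214 /quiet /norestart
wusa /uninstall /kb:3068708 /quiet /norestart
"""

# Constructed listing; KB9999999 is a placeholder for an unrelated update.
HOTFIX_LISTING = "HotFixID  \nKB2952664  \nKB3035583  \nKB9999999  \n"

if __name__ == "__main__":
    for key, kbs in review(SCRIPT_EXCERPT, HOTFIX_LISTING).items():
        print(key, kbs)
```

Uninstalling an update does not hide it, so Windows Update will offer it again; running the same comparison after the next update cycle shows whether any of the KBs came back.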

Windows 10 Remote Server Administration Tools finally available.

Despite Windows 10 being more like Windows 8 than Windows 7 and a security nightmare, you might be using it at work and there is also a chance you might want to administer your Active Directory. I prefer this method; it is easier to work with than having to RDP to the Domain Controller. Microshaft finally decided to release the RSAT tool kit for Windows 10, and you can grab it here: https://www.microsoft.com/en-us/download/details.aspx?id=45520

Install it on your machine and give it a reboot. Once you reboot your computer head over to Control Panel > Programs and Features > Turn Windows features on or off.

Under Remote Server Administration Tools and Role Administration Tools select the features you might want.

Note that the Group Policy Administration Tools feature sits under Remote Server Administration Tools > Feature Administration Tools.

There you go, finally you can manage your domain from the comfort of your desktop. Also note that these features were all installed by default when I installed Windows 10 RSAT; this might be due to the fact that I upgraded from Windows 7 and it had RSAT installed, but when I upgraded, Windows 10 did not have an equivalent feature set. I’m thinking there might have been a setting left over from the previous OS version, that’s all. If not, be sure to chime in.

All these features can be accessed from the Administrative Tools section in the Control Panel.

Now you have to find a way to enjoy the shitty OS.

Nevermind the Oculus Rift, I’ll take a Microsoft HoloLens.

The Windows 10 presentation and the Microsoft presentation took me completely by surprise. Windows 10 and the Xbox gaming experience, the nice integration of Steam into the Xbox app and other neat little features. Let’s not forget the Microsoft Surface Hub, all in all not too shabby.

Let’s get back to my main point. Everyone has been all over the Oculus Rift for the last year or so, and VR in general. Recently even Samsung released their version of a VR headset, Gear VR. Personally I think that Gear VR is a complete waste of your money. You are limited to apps in a closed software ecosystem and you are limited to one manufacturer, and at the moment one phone. All aboard the fail boat. Also, all these VR headsets promise only 1080p resolution split in half, one half for each eye. In an age where UHD televisions will be taking over soon, and where 2560×1440/1600 is pretty much the norm for computer monitors, VR headsets have a little catching up to do. Next gen PC video cards will be able to handle UHD gaming as well. Also I’d like to mention the Canadian equivalent of the Oculus, the Totem VR by a Canadian company from Montreal.

Then there is the fact that VR is very anti-social. You close your senses off to the rest of the world and delve into one just by yourself.

Insert the Microsoft HoloLens. Have a look at the commercial.

This isn’t just a device for entertainment, this is also a collaboration tool. A multipurpose device that uses Augmented Reality (AR) to display computer generated images, and video streams around your home. Microsoft had to actually create a new Processing Unit for this. A processor which measures and calculates your surroundings in order to render images and sounds via the HoloLens and it makes sure they are rendered in the appropriate space. I’m talking about the new HPU or Holographic Processing Unit.

The applications for this processor alone are amazing. New mapping technologies, and new ways to map areas. Imagine a quadrocopter fitted with one of these HPUs sending back telemetry data in real time; you could map and navigate areas that were previously inaccessible to humans. It is said that NASA is using the HoloLens as a collaboration tool for its Mars mission.

Surely this is a hit for Microsoft, I personally can not wait to get my hands on one of these devices. I have shifted from contemplating getting a VR headset to most definitively getting a HoloLens. Well played Microsoft. Get your wallets ready.

UPDATE 2016/03/09: Never mind the HoloLens, Microsoft over promised and under delivered. The HoloLens is a steaming pile of shit. The HTC VIVE came out swinging and I pre-ordered that. Room scale VR is where it’s at at the moment.