Jump to content

Windows 10 is a keylogger

Agazed
By Agazed
in Tech News
 Share
Posted

Source: http://localghost.org/posts/a-traffic-analysis-of-windows-10

 

Some Czech guy did a traffic analysis of data produced by Windows 10, and released his findings the other day. His primary thesis was that Windows 10 acts more like a terminal than an operating system -- because of the extent of the "cloud" integration, a large portion of the OS functions are almost dependant on remote (Microsoft's) servers. The amount of collected information, even with strict privacy settings, is quite alarming.

Information transmitted

All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:

oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

There isn't a clear purpose for this, considering there there's no autocorrect/prediction anywhere in the OS. The implications of this are significant: because this is an OS-level keylogger, all the data you're trying to transmit securely is now sitting on some MS server. This includes passwords and encrypted chats. This also includes the on-screen keyboard, so there is no way to authenticate to a website without MS also getting your password.

Telemetry is sent once per 5 minutes, to:

vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

You might think that "telemetry" has to do with OS usage or similar... turns out it's telemetry about the user. For example, typing a phone number anywhere into the Edge browser transmits it to the servers above. In another example, typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:

df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

It's hard to imagine any purpose for this other than the obvious piracy crackdown possiblities.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:

oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

If this weren't bad enough, this behaviour still occurs after Cortana is fully disabled/uninstalled. It's speculated that the purpose of this function to build up a massive voice database, then tie those voices to identities, and eventually be able to identify anyone simply by picking up their voice, whether it be a microphone in a public place or a wiretap on a payphone.

Interestingly, if Cortana is enabled, the voice is first transcribed to text, then the transcription is sent to:

pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
df.telemetry.microsoft.com

If Windows is left unattended for ~15 mins, a large volume of traffic starts being transmitted to various servers. This may be the raw audio data, rather than just samples.

Other concerns

While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

CPU: Intel i5 4690k @ 4.3 GHz       GPU: MSI GTX 980                      Cooling: be quiet! Pure Rock                     OS: Windows 7            Monitor: BenQ XL2411Z

Motherboard: AsRock Z97 PRO4   PSU: Corsair 600W CX600M       Keyboard: Razer BlackWidow Ultimate   SSD: Intel 120GB 520   Headset: HyperX Cloud II

RAM: 12GB Crucial Ballistix            Case: Corsair 750D                       Mouse: Logitech G502                         HDD: Seagate 1TB        Speakers: Audioengine A5+

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Hmm, guess I'm going back to windows 7.

Specs: CPU - Intel i7 8700K @ 5GHz | GPU - Gigabyte GTX 970 G1 Gaming | Motherboard - ASUS Strix Z370-G WIFI AC | RAM - XPG Gammix DDR4-3000MHz 32GB (2x16GB) | Main Drive - Samsung 850 Evo 500GB M.2 | Other Drives - 7TB/3 Drives | CPU Cooler - Corsair H100i Pro | Case - Fractal Design Define C Mini TG | Power Supply - EVGA G3 850W

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I thought this was only an issue in early beta builds. This is why I went from using the beta build as my primary OS back to Windows 8.1. And now I think I might switch back. Freaking come on Microsoft. 

COMIC SANS

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Are you f*cking kidding me

00110000 00110001 00110000 00110000 00110000 00110000 00110001 00110000 00100000 00110000 00110001 00110001 00110000 00110001 00110001 00110001 00110001 00100000 00110000 00110001 00110001 00110001 00110000 00110000 00110001 00110000 00100000 00110000 00110001 00110001 00110000 00110000 00110001 00110000 00110000 00100000 00110000 00110001 00110001 00110000 00110000 00110001 00110000 00110001 00100000 00110000 00110001 00110001 00110000 00110001 00110001 00110000 00110001 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Bruh

 

 

You know what? FUCK DIRECTX 12! AND MICRSOFOT IF YOU'RE READING SUCK MY.... DATA!

 

 

what you thougt I was going to say dick? you perv 

[spoiler=My PC]

Spoiler

CPU: Intel Core i7 6700K | COOLER: Corsair H105 | MOBO: ASUS Z170i Gaming Pro AC | RAM: Corsair LPX DDR4 16GB 2400MHz | GPU: EVGA GTX 980 Classified | CASE: BitFenix Prodigy | SSD: Samsung 950 Pro 512GB | PSU: XFX XTR 650W [spoiler= Le Other Stuff] Monitor: BenQ XL2411Z | Keyboard: Ozone Strike Pro | Mouse: A4 Tech X7 F4 | MousePad: Ozone

Spoiler
Spoiler

PlayStation 2 | PSP 2000 | Game Boy Color | Nintendo DS Lite | Nintendo 3DS | Wii

Spoiler

Sony Xperia J (Why u so bad D:) | iPod 4th gen | iPhone 4 | Yarvik Xenta 13c (3muchchrome5her)

Spoiler
Spoiler

Pentium B980 | 500GB WD Blue | Intel HD Graphixxx | 4Gegabeytes of REHAM

Current OS: MSX 10.0 ( ͡° ͜ʖ ͡°)Ilikethelennyfaceyouknow( ͡° ͜ʖ ͡°) Windows Password Reset Guide

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Tadah!

Corsair 600T White | Gigabyte Z77-UD3H | Intel Core i5-2500k | 8GB Gskill Ares@1600MHz | Gigabyte G1 GTX970 | OCZ ZT 550 | Western Digital Caviar Blue 500GB | Western Digital Caviar Black 1TB | Samsung 840 EVO 250GB (boot) | Full Custom Loop | NZXT HUE

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I'm waiting a bit longer for other sources to shine some more info on this.

●CPU: i7-4790K w/H100i ●Mobo: MSI Z97 MPower ●RAM: Corsair 16GB Dominator ●GPU: EVGA ACX SC 780 3GB(X2) ●SSD: 850 Pro 256GB ●Case: 450D ●PSU: AX 860i ●Monitor: Asus PB278Q 1440p

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

If this is true, I wish I didn't jump on the switch so quickly. So much shady and obtrusive stuff going on here.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

And now myself and everyone in my family will be staying with their current OS (Windows XP, Vista, 7 and 8.1).

"We also blind small animals with cosmetics.
We do not sell cosmetics. We just blind animals."

 

"Please don't mistake us for Equifax. Those fuckers are evil"

 

This PSA brought to you by Equifacks.
PMSL

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I'll be staying on Windows 7 and once support is gone I'm off to Ubuntu.

Keep a chair open for me.

 

Oh wait, it's linux, there's always a chair open. Free of charge.

Ketchup is better than mustard.

GUI is better than Command Line Interface.

Dubs are better than subs

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Was it just me that expected this kind of shit when they announced it would be free? Windows 10 Windows DataMiner

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

i have nothing to hide but this is still pretty fucked up.  dx12 isnt really enough to get me to want to stay with w10 anymore..

Personal Rig v3: AMD Ryzen 7 2700X | Noctua NH-U14S | Gigabyte B450 Aorus Pro ITX | Zotac GTX 2070 8GB | 16GB G-Skill Trident DDR4 3200MHz | EVGA Supernova 750B | Phanteks Enthoo Evolv ITX 

Peripherals: Sennheiser HD518 & Classic ModMic | Corsair K65 Luxe | Zowie EC2 | ASUS VG259QM  |  ASUS VG278E | Klipsch ProMedia 2.1

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

There are people at the source commenting that this is a kind of clickbaity article from an unreliable source, but it does warrant investigation. I'll have no company keylogging my every move, that should just be illegal to the nth degree,

Linux, here I come!

... again...

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

We need those guys working on making OS X Binaries compatible on Linux funded the shit out of so that Windows can just die.

I still can't believe that I was able to play most Windows 98 games on my Asus A3H better under WINE than Windows XP-and the version of XP I was using was tweaked to be lighter than even Lubuntu.

"We also blind small animals with cosmetics.
We do not sell cosmetics. We just blind animals."

 

"Please don't mistake us for Equifax. Those fuckers are evil"

 

This PSA brought to you by Equifacks.
PMSL

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Keep a chair open for me.

 

Oh wait, it's linux, there's always a chair open. Free of charge.

And completely Open Source.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I still can't believe that I was able to play most Windows 98 games on my Asus A3H better under WINE than Windows XP-and the version of XP I was using was tweaked to be lighter than even Lubuntu.

I hate windows so fucking much... I hate microsoft. So Fucking Much.

Link to comment
Share on other sites
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing Tech News

×