Now Reading
Microsoft Updates allow NSA to listen and track users
0

Microsoft Updates allow NSA to listen and track users

by irleaksSeptember 1, 2015

Over the past years has been caught red handed, giving information out to the the .

NSA-Relationships-1024x499

Now Microsoft allows the NSA to track you without a spyware program. In the past Microsoft was caught allowing the  NSA to read your emails before encrypting them.   They have been caught allowing the NSA to grab Skype conversations.  They have given the NSA a back door to track or access your computer.  Click our database for more Microsoft NSA agreements

Now through updates the joint venture between the Microsoft Nsa is through Microsoft updates. We learned recently that Microsoft is no longer going to label what the update does, before this goes into effect we found some disturbing things, that even port updates to Windows 7, and 8  as we know Windows 10 is bugged.

Microsoft is updating those operating systems with the same telemetry gathering software it deployed on Windows 10.

Ghacks.net has discovered four KB updates for Windows 7 and 8, each of which is described as an “Update for customer experience and diagnostic telemetry.” Each is detailed below:

KB 3068708: This update introduces the Diagnostics and Telemetry tracking service to existing devices. By applying this service, you can add benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights.

KB 3068708 is listed as collecting diagnostics about functional issues on systems that take part in the Customer Experience Improvement Program. Determining whether or not you are a member of the CEIP, however, is less than obvious. The KB also notes that “Most programs make CEIP options available on the Help menu, although for some products, you might have to check settings, options, or preferences menus.” This is a recommended Windows update.

KB 3022345: This update has been superseded by KB 3068708, but previously provided the same telemetry-tracking services. It’s not clear how the two updates differ, but if you want to remove all traces of telemetry tracking, you’ll want to remove this update as well.

KB 3075249: This update adds telemetry points to the User Account Control (UAC) feature to collect information on elevations that come from low integrity levels. What this appears to mean is that MS wants more information about the kinds of applications that trigger UAC in the first place, presumably because it wants to know what they do and why they need that access. This update is classified as Optional.

KB 3080149: This update is described in identical language to the first two. “This package updates the Diagnostics and Telemetry tracking service to existing devices. This service provides benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights.” It is provided as an Optional update, even though the first was classified a “Recommended” update.

Hard-coded phoning home

One of the assumptions made by various privacy advocates and journalists, including me, is that third-party utilities would be able to shut down the tracking Microsoft deployed in Windows 10. To some degree, that’s already happened, but there are certain new “features” of the operating system that can’t be blocked by any OS-level tweaks, including the hosts file. The updates listed above connect to vortex-win.data.microsoft.com and settings-win.data.microsoft.com. These addresses are hard-coded to bypass the hosts file and cannot be prevented from connecting. No software firewall can stop them, either, because the data doesn’t flow through the usual channels.

Telemetry2

 

The only way to block some of these connections is if your router has a firewall you can configure and if that firewall allows you to block HTTPS connections instead of simply passing them through. Some users have reported that they can block these connections, but plenty of other devices can’t, at least not completely. It’s still possible to reduce the amount of information flowing to Microsoft, but disabling it completely seems to be impossible unless you build a software router or replace your current hardware with a dedicated box.

Windows 7’s GPEdit.msc contains a setting that allows users to disable all application telemetry, and another setting that can shut off user participation in the Consumer Experience Improvement Program. Whether these options continue to function after the latest patches isn’t known. Users who do not wish to send Microsoft their own telemetry should uninstall the updates and tell Windows Update to hide them from now on.

The latter two updates are flagged as Optional, but KB3068708 holds Recommended status, which means it would be downloaded and installed if you have Windows Updates set to automatic. It’s only functional in PCs that participate in Microsoft’s Customer Experience Improvement Program, which already sends Microsoft information on how you use your computer.

Opting out of the CEIP isn’t a single straightforward flip to switch. You have to disable it in all the software you’ve agreed to use it with. From Microsoft’s CEIP website:

“Most programs make CEIP options available from the Help menu, although for some products, you might need to check settings, options, or preferences menus. Some pre-release products that are under development might require participation in CEIP to help ensure the final release of the product improves frequently used features and solves common problems that exist in the pre-release software.”

If you use Office’s default settings, it signs you up for Microsoft’s CEIP. How-to Geek has a tutorial explaining how to disable it, though if sending information to Microsoft before didn’t bother you, this new update probably won’t either.

Begone!

Disabling the tracking tools in the Recommended KB3068708 update isn’t simple, either. It connects to vortex-win.data.microsoft.com and settings-win.data.microsoft.com, which are hard-coded to bypass the Windows HOSTS file. In other words, it’s tricky to block unless you have a firewall that can block HTTPS connections as well as be configured manually, ExtremeTech explains. There are options in GPEdit.msc that allow you to disable application telemetry and CEIP participation, but it’s unknown if they behave correctly after the new patches are installed.

uninstall update
Where to uninstall updates. (Image ironically taken on Windows 10.)

If you don’t want these new tracking tools on your PC, the best thing to do seems to be simply uninstalling the offending updates, then blocking them from being reinstalled.

To do so, head to Control Panel > Programs > Uninstall or change a program. Here, clickView installed updates in the left-hand navigation pane. In the search box in the upper-right corner, search for the KB3068708, KB3022345, KB3075249, and KB3080149 updates by name. If they’re installed, they’ll pop right up. If you find one, right-click on it and select Uninstall to wipe it from your system.

updates

To block the updates from being downloaded again, dive back into the Control Panel and head to System and Security > Windows Update > Check for updates. The system will look for updates, then say you have a certain number of updates available, separated by status (Optional, Recommended, Critical). Simply click the recommended updates link, find the KB3068708 and KB3022345 updates, then right-click them and select Hide update. Boom! Done.

Now dive into the optional updates and hide KB3075249 and KB3080149 as well.

About The Author
irleaks
irleaks