Bert

Windows 10 traffic - security concern

13 posts in this topic




It will be interesting to see when someone comes out with a detailed analysis of all this (there seem to be some questions over this article). Microsoft really know how to create bad PR for themselves, don't they? I'm trying to create a "corporate" image at the moment with all the unneeded settings disabled. There are GPOs for about two privacy settings, everything is registry hacks. That's appalling.

What is interesting is that 90% of this stuff existed in Windows 8.1 but because no-one ever took notice of it we didn't have these revelations.


for every os and software ever, since ever.

1) fire up a fresh image in a sandbox

2) let it sit for a day

3) go block every ip that the machine talked to on the host firewall and your network firewall

Sure they are a bag of dicks for not providing a handy mechanism to disable it, but so are adobe/oracle/cisco/google/mozilla/yourmother :)   We run them all through quarantine.


#6 ·  Posted (edited)

I think the toughest one for me to stomach is 'Skype for Business'. We haven't gone o365 yet, I'm waiting to see that light up our SIEM.

Edited by boththose


> for every os and software ever, since ever.
>
> 1) fire up a fresh image in a sandbox
>
> 2) let it sit for a day
>
> 3) go block every ip that the machine talked to on the host firewall and your network firewall
>
> Sure they are a bag of dicks for not providing a handy mechanism to disable it, but so are adobe/oracle/cisco/google/mozilla/yourmother :)   We run them all through quarantine.

It's a good notion, but Microsoft could just covertly change the IPs or domains it uses in any update it wanted.

The whole reason I never got Windows 8 is because I did not want a mobile phone on my PC, I was really hoping that Windows 10 would not be that too. It's a real shame. I'll be using Windows 7 until it's dead and start learning some Linux OS in the meantime.


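An added example, not part of the thread or any poster's code: the sandbox-soak procedure quoted above turned into a script that builds outbound block rules from observed destinations, plus a re-check that surfaces addresses appearing after an update, which is the concern raised in the reply. The "dst_ip,dst_port" log format, the sample addresses (documentation ranges) and the rule-name prefix are assumptions made for illustration.

```python
import ipaddress

# Constructed sample logs ("dst_ip,dst_port" per line); the format is an
# assumption, export it from whatever capture tool watched the sandbox.
BASELINE = """203.0.113.10,443
203.0.113.11,443
203.0.113.10,80
192.168.1.1,53
224.0.0.252,5355
198.51.100.7,443
not-an-ip,443"""
AFTER_UPDATE = """203.0.113.10,443
198.51.100.99,443
192.168.1.1,53"""

# Local, loopback, link-local and multicast ranges are never block candidates.
LOCAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "224.0.0.0/4", "::1/128", "fe80::/10", "ff00::/8")]

def external_destinations(log_text):
    """Return the set of non-local destination addresses in a log."""
    seen = set()
    for line in log_text.splitlines():
        try:
            ip = ipaddress.ip_address(line.split(",")[0].strip())
        except ValueError:
            continue  # blank or malformed line
        if not any(ip in net for net in LOCAL):
            seen.add(ip)
    return seen

def block_rules(ips, prefix="sandbox-block"):
    """One outbound Windows Firewall block rule per address, in stable order."""
    ordered = sorted(ips, key=lambda ip: (ip.version, int(ip)))
    return ['netsh advfirewall firewall add rule name="{0}-{1}" dir=out '
            'action=block remoteip={1}'.format(prefix, ip) for ip in ordered]

def drift(baseline_log, later_log):
    """Destinations seen in the later soak that the baseline rules miss."""
    return external_destinations(later_log) - external_destinations(baseline_log)

if __name__ == "__main__":
    print("\n".join(block_rules(external_destinations(BASELINE))))
    for ip in sorted(drift(BASELINE, AFTER_UPDATE), key=int):
        print("new destination since baseline:", ip)
```

Re-running the soak after each update and feeding both logs to `drift` shows which destinations the existing block list no longer covers.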

#8 ·  Posted (edited)

Win 8.1 is pretty clean, it takes a minimal amount of effort to stop all updates from the internet in gp (stopping the calls home is still a firewall entry).  The risk of them breaking everyone who whitelisted the last update address, just to trick the people who have it blocked, is minimal.  As long as you are gentle, the public will give up the butt.

Edited by boththose


I've been using this to help with the known problems so far.

It may not cover everything but seems to be OK for a one-use, out-of-the-box solution.

http://www.oo-software.com/en/shutup10


Well, it is better to keep a check on the unsuccessful login attempts in order to keep the data secure. I had to face this problem once and got hacked. With Event Log Explorer it is easier to explore who logged on and when.
