The Windows 10 Telemetry Problem

If you’re a Windows user or manage environments with Windows devices, Microsoft has put you in a tight place. On the one hand, they have revolutionized their product deployment model. Free Windows version updates, say what? Of course, there’s an angle here. Historically, Microsoft has had difficulty getting people to move on from Windows XP. While that goes a long way to show that XP’s functionality meets the public’s general operating system needs, it is a dinosaur in terms of security. From a publicity standpoint, it favors Microsoft a great deal to get their Windows userbase on to a modern operating system.

With the good comes the bad, of course. It is quite obvious that Microsoft is trying to offset the cost of getting users onto Windows 10 for little-to-no cost with a hyperbolic push for cloud integration with Microsoft platforms at the OS level. Cortana, OneDrive, Xbox Garbage, etc., are permanently affixed to your system. We are back to having applications and functionality bundled with the operating system that are difficult and risky to remove as users and administrators. What else is in this cloud integration, you ask? Telemetry. Your shiny, seemingly free Windows 10 system is constantly communicating with Microsoft servers about the goings-on of your system. Connor MacLeod did a neat little study comparing Windows 10 and Ubuntu idle network traffic with graphs and whatnot, titled “Where is My Data Going?”.

Windows 10 Telemetry Packet Length. https://github.com/AbstractClass/Windows-vs-Ubuntu-Idle-Traffic/

For users, welcome to a whole new, much expanded world of “Who is reading/listening/watching me and my data?” Businesses and security professionals have to worry about backdoors, corporate risks, and secondary or unintended consequences of allowing Windows 10 in their domain and network environment. Here are a few recommendations:

  1. Block known Windows telemetry hosts in the client hosts file and/or at the firewall level. This is relatively easy to do and reduces the risk of network accessibility to your computer. Unfortunately, this does not prevent Microsoft from changing its servers or hard-coding IP addresses to get around DNS-based blocking in the future.
  2. Block update nagging by removing or preventing the installation of known malicious Windows updates.
  3. Start testing Windows 10 now. With forced updates, and Microsoft insisting that all previous versions of Windows are no longer secure (but not this version, of course), the migration to Windows 10 is inevitable for those unwilling or incapable of migrating to Xubuntu or other awesome Linux desktop systems like Mint. Waiting to dedicate time and energy to understand how Windows 10 interacts with your corporate environment will likely ensure frustration with support staff and loss of productivity when Windows 10 devices start cropping up in your environment. This is particularly applicable with BYOD sites or places that, god forbid, give average users administrator privileges.
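
One way to apply recommendation 1 on a client, as an added example that is not from the original post or the repository it mentions: an idempotent PowerShell script that null-routes a list of hostnames in the hosts file. The parameter names are hypothetical and the hostnames are constructed placeholders; supply a list you have vetted yourself.

```powershell
#Requires -RunAsAdministrator
# Added example: idempotently null-route hostnames in the Windows hosts file.
# The default block list holds constructed placeholders, not real telemetry endpoints.
param(
    [string]$HostsPath = "$env:SystemRoot\System32\drivers\etc\hosts",
    [string[]]$BlockList = @('telemetry-a.example.invalid', 'telemetry-b.example.invalid'),
    [string]$SinkAddress = '0.0.0.0'
)

# Parse hosts-file lines into a hostname -> address table, ignoring comments.
function Get-HostsMap {
    param([string[]]$Lines)
    $map = @{}
    foreach ($line in $Lines) {
        $body = ($line -split '#', 2)[0].Trim()
        if (-not $body) { continue }
        $fields = $body -split '\s+'
        if ($fields.Count -lt 2) { continue }
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            $map[$name.ToLowerInvariant()] = $fields[0]
        }
    }
    return $map
}

$lines = @(Get-Content -LiteralPath $HostsPath -ErrorAction Stop)
$existing = Get-HostsMap -Lines $lines
$newEntries = @()
foreach ($name in $BlockList) {
    $key = $name.ToLowerInvariant()
    if (-not $existing.ContainsKey($key)) {
        $newEntries += "$SinkAddress`t$key"
    } elseif ($existing[$key] -ne $SinkAddress) {
        # Never silently override a mapping someone else put there.
        Write-Warning "$key already maps to $($existing[$key]); left unchanged"
    }
}

if ($newEntries.Count -gt 0) {
    Copy-Item -LiteralPath $HostsPath -Destination "$HostsPath.bak" -Force
    # If the file lacks a trailing newline, terminate its last line first.
    $raw = [IO.File]::ReadAllText($HostsPath)
    $payload = if ($raw -and -not $raw.EndsWith("`n")) { @('') + $newEntries } else { $newEntries }
    Add-Content -LiteralPath $HostsPath -Value $payload -Encoding ASCII
}
"Added $($newEntries.Count) entries; $($BlockList.Count - $newEntries.Count) already present"
```

Running it a second time adds nothing, which makes it safe to schedule or push through a management tool.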

I know what you’re thinking, “What a pain in the ass, fuck you very much Microsoft.” Have no fear, Mr. Windows Lies created a nice repository with some code to get you started in this epic battle against the corporate Microsoft overlords seeking to botnet their user base (read before you run). It turns out there are plenty of solutions to this problem currently in development, which you can monitor by searching windows telemetry.

Tropical Winter

Check out the video from my time at the beach this winter:

http://vimeo.com/mixmatch/mexico

Experimental Ink Video

This is a piece I developed the idea for and created with the help of a friend, Leilani Hurd. All content was created using paper, water and ink. Movement was photographed as stop-motion sequences and composed into the following video:

Abandin Pictures Photoshoot

Here are some traditional and experimental photos of a friend’s band, Abandin Pictures. Don’t miss their album release party this New Year’s Eve at the Larimer Lounge.

Yellowstone Photography

Here are some of my photos from Yellowstone National Park.

1940’s WWII Era Ball

Here is a selection of photos I took at the Boulder 1940’s WWII Era Ball.

RAW Artists Boulder

Check out some of my pictures from a RAW Artists Boulder event, featuring Howl Moonshine Howl and others.

Java Update Bundling

This morning I updated Java (JRE) on my Windows computer for the last time. Every update comes with some worthless bundled software; this one in particular has the Ask.com toolbar. Usually I catch these crappy bundles, which always come pre-checked for installation, but today I missed it. I really dislike the idea of having to watch that my computer isn’t torpedoed with worthless programs every time I update my computer, so I went searching for alternatives. This kind of behavior puts Oracle as a company in the same group as spammers and virus makers in my view. I quickly found others who are disgruntled by Oracle’s disservice of an existence here and here.

I found there are a few solutions to this problem. The first is to stick with Oracle Java and install the ‘developer’ version of the Java Runtime Environment, called “Windows x86 Offline” (file name ending in “-windows-i586.exe”), available here. Another option is a Java Runtime Environment (JRE) made by IBM. Unfortunately, this is not available as a standalone package for Windows… To use this one you must install IBM’s programming IDE called Eclipse. I looked into a third option, which I would have chosen personally, called OpenJDK. While there is a Windows installer here, it does not include a browser plugin.

In the end, I’ve decided to go without a web plugin, and have OpenJDK installed should any program outside my web browser need Java to run.

Fly Fishing Photoshoot

Check out these photos of fly fishing at Steamboat in April.

Parkour Photoshoot

In March, I shot some photos of friends at a parkour meetup event.