Hacker News

The connections in the first screenshot[0] aren't necessarily from Microsoft. This screenshot shows a DNS lookup for google-analytics.com followed by an attempt to use Teredo. If Chrome is installed then this could be from the Google Update service. It seems unlikely that Microsoft would send usage information to a Google site.

[0] https://twitter.com/m8urnett/status/866353982217699328

Edited to omit needless words



Chrome is not installed according to this tweet:

"Also note this is a system with minimal software install, all default windows store apps removed, and nothing running on it."

https://twitter.com/m8urnett/status/866354381012189184


I saw that tweet but I still doubt that any Windows 10 service would connect to analytics.google.com. It seems more likely that he has a Google application installed.

Edited to reword the second sentence.


Doesn't have to be a user-installed Google app. Google Analytics use is ubiquitous for mobile and web apps; it could easily be something Microsoft bundled into their OS, like for example Candy Crush (not implying that's the culprit), or something that carries over that pervasive track-every-click-and-mousemove type of mentality.


Here is the list of installed applications: http://imgur.com/a/mdrTv

Also note that the only third-party software running at the time was Wireshark, DNSQuerySniffer, and GlassWire.


Interesting, have you tried configuring Process Monitor to log all network traffic?


Wouldn't it be better to log that traffic from outside of the client? There's nothing that prevents Windows/Process Monitor from hiding this traffic from an application.



