May 22, 2017

Windows 10 Enterprise ignores user privacy settings

From Windowsreport:
According to Mark Burnett, an independent IT security analyst, the OS lets users enable their preferred privacy settings only to ignore them after the fact [...] Despite having telemetry and the tracking-related services disabled, the system still connects to these services. Adding a few extra reg hacks doesn’t help block telemetry services. [...] With every possible setting to block connections to Microsoft disabled (except updates), a bunch of advertising-related connections are still visible. [...] Ultimately, Microsoft doesn’t honor its own Group Policy settings. For more details about this strange Windows 10 Enterprise behavior, you can check out Mark Burnett’s Twitter page. You’ll also find screenshots for all the privacy issues listed above as well.
The actual Windowsreport article isn't much longer than the excerpt I've blogged here (and which I've rather savagely cut down, to avoid simply quoting their entire article), although it mentions some more technical issues like the system still connecting out to perform IPv6 Teredo tests, even with both IPv6 and Teredo disabled; the system still connecting to SmartScreen, even with SmartScreen disabled; and so on. The basic point seems pretty clear, though: Microsoft is still ignoring user privacy settings to harvest data to which those users have explicitly denied them access, and they're doing it so that they can advertise to these users... and these are Enterprise users, remember, not just people making personal use of the PCs in question.

I'll admit it: I'm a little surprised to learn that even Windows 10's Enterprise edition has these issues. To find this sort of Microsoft bullshittery in the Home edition, or even the Pro edition, wouldn't have surprised me at all, but Enterprise is the really expensive purchase plan, the one that Microsoft is pushing to larger corporations. I'm not a larger corporation, but if I were, this is the kind of thing that would turn me off Windows 10. Almost two years later, and Microsoft are still screwing up on basic privacy. GG, Microsoft! Well done.

It will be interesting to see what happens with Windows 10 adoption rates over the month...

UPDATE:
Mark Burnett ran some more thorough tests on a clean install of Win10 Enterprise, and posted about the results here. His summarized assessment of the situation boils down to these points:
  • I made mistakes on my original testing and therefore saw more connections than I should have, including some to Google ads.
  • You can cut back even more using the Windows Restricted Traffic Limited Functionality Baseline but break many things.
  • Settings can be set wrong if you aren’t paying attention. Also, settings are not consistent and can be confusing to beginners.
  • You are opted in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience. It’s almost like they don’t want you to opt out.
  • But you can’t completely opt out. Windows still tracks too much.
  • Home and Professional users are much worse off due to limitations of some settings and lack of an IT staff. I’m not going to bother with captures from those systems, this has already been shared by many others. Spoiler: it’s bad.
  • I’m not saying ditch Windows. I’m saying let’s fix this. If we can’t fix it, then we ditch Windows.