Windows 10 PC’s phone home even after privacy hardening

When you install Windows 10 on a new PC or upgrade an existing version of Windows to the new operating system, you get the option to customize select preferences or use the defaults instead.

If you select to customize, you get the option to disable three pages full of features related to privacy.

While that is a good start at limiting Windows 10’s hunger for data, it is nowhere near sufficient to keep the operating system from talking with Microsoft servers regularly.

A user on Voat analyzed the network traffic of Microsoft’s Windows 10 operating system using a DD-WRT router and a Linux Mint laptop with remote logging and Windows 10 Enterprise installed on Virtualbox recently.

mod apk

He turned off all privacy-related features during custom installation, and let the computer sit idle for eight hours straight afterwards logging network traffic.

In the eight hours Windows 10 made 5508 connection attempts.

Here is the roughly 8-hour network traffic analysis of 5508 connection attempts of an unused, base install of Windows 10 Enterprise

The top 10 sites the operating system tried to establish connections to are:

ip_address nslookup port protocol connection_attempts route origin description 3544 UDP 1619 AS8075 MICROSOFT 443 TCP 764 AS8075 MICROSOFT 443 TCP 271 AS8075 MICROSOFT 443 TCP 242 AS8075 MICROSOFT-CORP-MSN-AS-BLOCK 443 TCP 189 AS8075 MICROSOFT 443 TCP 158 AS8075 MICROSOFT 80 TCP 107 AS8075 MICROSOFT-CORP-MSN-AS-BLOCK 80 TCP 96 AS8075 MICROSOFT-CORP-MSN-AS-BLOCK 443 TCP 83 AS8075 MICROSOFT-CORP-MSN-AS-BLOCK 443 TCP 63

He analyzed the network traffic again after 30 hours, and posted his finding on Pastebin as a dump this time. We have uploaded the full dump to our own server, you may download it with a click on the following link: windows10-connections.txt

After 30 hours of use, Windows 10 attempted to connect to 113 non-private IP addresses.

He then decided to run a privacy tool for Windows 10, DisableWinTracking, and monitor network traffic again for a period of time to see how it affects the connections made during that time.

DisableWinTracking is not the most complete privacy tool for Windows 10, but it enables you to make several changes related to privacy to the system including disabling telemetry, services, blocking domains and IP addresses, and uninstalling applications.

disable windows tracking

After running the tool, he monitored the network traffic for another 30-hour period and noticed a drop in connection attempts (from 5508 to 2758) and a drop in unique IP addresses the operating system tried to connect to (from 95 to 30).

It is likely that tools that programs that offer more options than DisableWinTracking reduce the numbers further.

The takeaway from the test — which requires verification — is that Windows 10 will connect to remote sites regularly even if the operating system has been configured for privacy and the computer is idle.

It is unclear why Windows 10 makes that many connections even when idle.

Windows 10 users who don’t want any of those connections to be made can use the researcher’s recommended list of IP ranges to block in a firewall / router. Please note that doing so may impact functionality such as update checking and downloading as well.


Article Name

Windows 10 PC’s phone home even after privacy hardening


Windows 10 PCs communicate with Microsoft servers regularly even after making all available privacy related changes.


Martin Brinkmann


Ghacks Technology News


About Martin Brinkmann

Martin Brinkmann is a journalist from Germany who founded Ghacks Technology News Back in 2005. He is passionate about all things tech and knows the Internet and computers like the back of his hand. You can follow Martin on Facebook, Twitter or Google+

You are here: Home > Windows > Windows 10 PC’s phone home even after privacy hardening

This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at