A lot has been found out about the data collection that is going on in Microsoft's new operating system Windows 10.
We have covered these issues in our Windows 10 privacy guide, but it became clear quickly that Windows was still phoning home at times even when you disable or block all options provided under settings and elsewhere.
Most users are probably unaware of this since it all happens in the background. You can check out Ars Technica's findings on the matter which provide you with details about network activity after turning off or disabling phone-home features such as Cortana or Web Search.
But what if you want to find out about that on your own? The following guide provides you with information on how to set up your own network monitor to get a detailed account on what is happening in the background when you are using your computer and when your computer is idle.
It works well for all kind of tasks, not only to monitor the operating system level but also applications or apps.
Note: Fiddler may not catch all network traffic even if you configure it to capture http and https traffic. As Ars Technica notes, Windows appears to use a content deliver network that bypasses network monitors.
It is recommended to run the program in a virtual machine as it needs to install a root certificate on the system in order to capture https traffic. While you can install the certificate on the underlying system as well, it is not recommended. If you still want to go ahead, make sure you remove it once you are done.
You need to download Fiddler4 from the developer website and install it afterwards. Start the program, and select Tools > Fiddler Options.
Switch to HTTPS and check the "Decrypt HTTPS traffic" box. Make sure all processes are listed and click ok. Fiddler displays its root certificate warning prompt which you need to accept to continue.
A security warning is displayed afterwards which you need to accept as well. You need to accept the User Account Control prompt as well to complete the process, and then that you "really" want to add the certificate.
Once you are back in the main interface select Stream in the main toolbar so that it is highlighted with a rectangular box around it.
Make sure capturing is listed in the lower left corner.
That's all you need to do and network traffic should start to show up in the interface as soon as it occurs. A simple example of this is the ping to bing.com when you use the search, even if you have disabled web search previously.
As soon as you start typing the first character in the search form, a ping to bing.com is sent by the operating system.
Remove the root certificate
To remove the root certificate again, do the following:
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.