Master List of Windows 10 "phone home" connections - gHacks Tech News

Master List of Windows 10 "phone home" connections

Microsoft released the first version of Windows 10 three years ago and privacy has been a hot topic ever since.

We published Windows 10 and Privacy back in 2015 to highlight privacy issues such as the inability to turn off Telemetry collection and transfers in the user interface.

Microsoft was criticized by government agencies in various countries such as France or the Netherlands for privacy issues, and a rising arsenal of privacy tools for Windows 10 promised users protection against the data hunger of Microsoft.

One option that Windows users and administrators have is to block endpoints so that connections can't be established. The method requires extensive testing as critical functionality may become unavailable when connections are blocked.

windows 10 telemetry

If you block Windows Update endpoints, you should not be surprised that you cannot use the automatic updating system anymore to keep the operating system up to date.

Default Windows 10 systems, those installed using default settings and left untouched, make a large number of connections automatically for a variety of purposes. Windows 10 checks for updates regularly, checks new files against Windows Defender databases, or submits telemetry data to Microsoft.

While some connections are required for the operating system to work properly, others may be disabled without noticeable impact in functionality; the latter is true especially if features are not used on the system.

Microsoft released a master list of Windows Endpoints for non-Enterprise and for Enterprise editions of Windows recently. The non-Enterprise listing is available for Windows 10 version 1709 and 1803, the Enterprise-specific listing for Windows 10 version 1709.

Tip: Check out my side-project Privacy Amp for detailed lists and other privacy related topics.

Without further ado, here are the connection endpoints of Windows 10 version 1803 (non-Enterprise).

Windows 10 Family

DestinationProtocolDescription
*.e-msedge.netHTTPSUsed by OfficeHub to get the metadata of Office apps.
*.g.akamaiedge.netHTTPSUsed to check for updates to maps that have been downloaded for offline use.
*.s-msedge.netHTTPSUsed by OfficeHub to get the metadata of Office apps.
*.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/HTTPEnables connections to Windows Update.
arc.msn.com.nsatc.netHTTPSUsed to retrieve Windows Spotlight metadata.
arc.msn.com/v3/Delivery/PlacementHTTPSUsed to retrieve Windows Spotlight metadata.
client-office365-tas.msedge.net*HTTPSUsed to connect to the Office 365 portal’s shared infrastructure, including Office Online.
config.edge.skype.com/config/*HTTPSUsed to retrieve Skype configuration values.
ctldl.windowsupdate.com/msdownload/update*HTTPUsed to download certificates that are publicly known to be fraudulent.
cy2.displaycatalog.md.mp.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
cy2.licensing.md.mp.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
cy2.settings.data.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
displaycatalog.mp.microsoft.com*HTTPSUsed to communicate with Microsoft Store.
dm3p.wns.notify.windows.com.akadns.netHTTPSUsed for the Windows Push Notification Services (WNS).
fe2.update.microsoft.com*HTTPSEnables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fe3.delivery.dsp.mp.microsoft.com.nsatc.netHTTPSEnables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fe3.delivery.mp.microsoft.comHTTPSEnables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
g.live.com/odclientsettings/ProdHTTPSUsed by OneDrive for Business to download and verify app updates.
g.msn.com.nsatc.netHTTPSUsed to retrieve Windows Spotlight metadata.
geo-prod.dodsp.mp.microsoft.com.nsatc.netHTTPSEnables connections to Windows Update.
ipv4.login.msa.akadns6.netHTTPSUsed for Microsoft accounts to sign in.
licensing.mp.microsoft.com/v7.0/licenses/contentHTTPSUsed for online activation and some app licensing.
location-inference-westus.cloudapp.netHTTPSUsed for location data.
maps.windows.com/windows-app-web-linkHTTPSLink to Maps application.
modern.watson.data.microsoft.com.akadns.netHTTPSUsed by Windows Error Reporting.
ocos-office365-s2s.msedge.net*HTTPSUsed to connect to the Office 365 portal's shared infrastructure.
ocsp.digicert.com*HTTPCRL and OCSP checks to the issuing certificate authorities.
oneclient.sfx.ms*HTTPSUsed by OneDrive for Business to download and verify app updates.
query.prod.cms.rt.microsoft.com*HTTPSUsed to retrieve Windows Spotlight metadata.
ris.api.iris.microsoft.com*HTTPSUsed to retrieve Windows Spotlight metadata.
settings.data.microsoft.com/settings/v2.0/*HTTPSUsed for Windows apps to dynamically update their configuration.
settings-win.data.microsoft.com/settings/*HTTPSUsed as a way for apps to dynamically update their configuration.
sls.update.microsoft.com*HTTPSEnables connections to Windows Update.
storecatalogrevocation.storequality.microsoft.com*HTTPSUsed to revoke licenses for malicious apps on the Microsoft Store.
storeedgefd.dsx.mp.microsoft.com*HTTPSUsed to communicate with Microsoft Store.
tile-service.weather.microsoft.com*HTTPUsed to download updates to the Weather app Live Tile.
tsfe.trafficshaping.dsp.mp.microsoft.comHTTPSUsed for content regulation.
ip5.afdorigin-prod-am02.afdogw.comHTTPSUsed to serve office 365 experimentation traffic.
watson.telemetry.microsoft.com/Telemetry.RequestHTTPSUsed by Windows Error Reporting.

Windows 10 Pro

DestinationProtocolDescription
*.e-msedge.netHTTPSUsed by OfficeHub to get the metadata of Office apps.
*.g.akamaiedge.netHTTPSUsed to check for updates to maps that have been downloaded for offline use.
*.s-msedge.netHTTPSUsed by OfficeHub to get the metadata of Office apps.
.tlu.dl.delivery.mp.microsoft.com/HTTPEnables connections to Windows Update.
*geo-prod.dodsp.mp.microsoft.com.nsatc.netHTTPSEnables connections to Windows Update.
arc.msn.com.nsatc.netHTTPSUsed to retrieve Windows Spotlight metadata.
au.download.windowsupdate.com/*HTTPEnables connections to Windows Update.
ctldl.windowsupdate.com/msdownload/update/*HTTPUsed to download certificates that are publicly known to be fraudulent.
cy2.licensing.md.mp.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
cy2.settings.data.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
dm3p.wns.notify.windows.com.akadns.netHTTPSUsed for the Windows Push Notification Services (WNS)
fe3.delivery.dsp.mp.microsoft.com.nsatc.netHTTPSEnables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
g.msn.com.nsatc.netHTTPSUsed to retrieve Windows Spotlight metadata.
ipv4.login.msa.akadns6.netHTTPSUsed for Microsoft accounts to sign in.
location-inference-westus.cloudapp.netHTTPSUsed for location data.
modern.watson.data.microsoft.com.akadns.netHTTPSUsed by Windows Error Reporting.
ocsp.digicert.com*HTTPCRL and OCSP checks to the issuing certificate authorities.
ris.api.iris.microsoft.com.akadns.netHTTPSUsed to retrieve Windows Spotlight metadata.
tile-service.weather.microsoft.com/*HTTPUsed to download updates to the Weather app Live Tile.
tsfe.trafficshaping.dsp.mp.microsoft.comHTTPSUsed for content regulation.
vip5.afdorigin-prod-am02.afdogw.comHTTPSUsed to serve office 365 experimentation traffic

Windows 10 Education

DestinationProtocolDescription
*.b.akamaiedge.netHTTPSUsed to check for updates to maps that have been downloaded for offline use.
*.e-msedge.netHTTPSUsed by OfficeHub to get the metadata of Office apps.
*.g.akamaiedge.netHTTPSUsed to check for updates to maps that have been downloaded for offline use.
*.s-msedge.netHTTPSUsed by OfficeHub to get the metadata of Office apps.
*.telecommand.telemetry.microsoft.com.akadns.netHTTPSUsed by Windows Error Reporting.
.tlu.dl.delivery.mp.microsoft.comHTTPEnables connections to Windows Update.
.windowsupdate.comHTTPEnables connections to Windows Update.
*geo-prod.do.dsp.mp.microsoft.comHTTPSEnables connections to Windows Update.
au.download.windowsupdate.com*HTTPEnables connections to Windows Update.
cdn.onenote.net/livetile/*HTTPSUsed for OneNote Live Tile.
client-office365-tas.msedge.net/*HTTPSUsed to connect to the Office 365 portal’s shared infrastructure, including Office Online.
config.edge.skype.com/*HTTPSUsed to retrieve Skype configuration values.
ctldl.windowsupdate.com/*HTTPUsed to download certificates that are publicly known to be fraudulent.
cy2.displaycatalog.md.mp.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
cy2.licensing.md.mp.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
cy2.settings.data.microsoft.com.akadns.netHTTPSUsed to communicate with Microsoft Store.
displaycatalog.mp.microsoft.com/*HTTPSUsed to communicate with Microsoft Store.
download.windowsupdate.com/*HTTPSEnables connections to Windows Update.
emdl.ws.microsoft.com/*HTTPUsed to download apps from the Microsoft Store.
fe2.update.microsoft.com/*HTTPSEnables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fe3.delivery.dsp.mp.microsoft.com.nsatc.netHTTPSEnables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fe3.delivery.mp.microsoft.com/*HTTPSEnables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
g.live.com/odclientsettings/*HTTPSUsed by OneDrive for Business to download and verify app updates.
g.msn.com.nsatc.netHTTPSUsed to retrieve Windows Spotlight metadata.
ipv4.login.msa.akadns6.netHTTPSUsed for Microsoft accounts to sign in.
licensing.mp.microsoft.com/*HTTPSUsed for online activation and some app licensing.
maps.windows.com/windows-app-web-linkHTTPSLink to Maps application
modern.watson.data.microsoft.com.akadns.netHTTPSUsed by Windows Error Reporting.
ocos-office365-s2s.msedge.net/*HTTPSUsed to connect to the Office 365 portal's shared infrastructure.
ocsp.digicert.com*HTTPCRL and OCSP checks to the issuing certificate authorities.
oneclient.sfx.ms/*HTTPSUsed by OneDrive for Business to download and verify app updates.
settings-win.data.microsoft.com/settings/*HTTPSUsed as a way for apps to dynamically update their configuration.
sls.update.microsoft.com/*HTTPSEnables connections to Windows Update.
storecatalogrevocation.storequality.microsoft.com/*HTTPSUsed to revoke licenses for malicious apps on the Microsoft Store.
tile-service.weather.microsoft.com/*HTTPUsed to download updates to the Weather app Live Tile.
tsfe.trafficshaping.dsp.mp.microsoft.comHTTPSUsed for content regulation.
vip5.afdorigin-prod-ch02.afdogw.comHTTPSUsed to serve office 365 experimentation traffic.
watson.telemetry.microsoft.com/Telemetry.RequestHTTPSUsed by Windows Error Reporting.
bing.com/*HTTPSUsed for updates for Cortana, apps, and Live Tiles.
Summary
Master List of Windows 10 "phone home" connections
Article Name
Master List of Windows 10 "phone home" connections
Description
Microsoft published master lists of endpoint connections that recent versions of the company's Windows 10 operating system make recently.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. noe said on August 3, 2018 at 10:40 am
    Reply

    thx, informative contribution. especially for simplewall users (which i am not). as far as windows is concerned, i recommend o & o shutup : https://www.oo-software.com/en/shutup10 .

  2. John C. said on August 3, 2018 at 10:42 am
    Reply

    M$ is making all these connections because they’re trying to eventually force end users to have to be online all the time in order to use Windows. They will then rent the OS instead of allowing a one-time payment for its use. Being online will also keep the feds happy because… well…. you know, 1984. M$ always talks about their “stategy” as if the end user is their opponent. That’s because they’ve completely lost respect for their customers. It’s time for somebody else to step up to the plate and create an alternative to the (IMO) M$ monopoly. The way I see it, once a fully functional and bug-free NON-LINUX or other UNIX knockoff OS is created, then programmers can be recruited to meet end user program needs. However, with all the copyrights and patents the government has allowed M$ to acquire, this won’t happen until some other alternative is found. M$ is just plain evil. The U.S vs. M$ case was a P.R. hoax.

    1. Dave said on August 3, 2018 at 6:17 pm
      Reply

      “You” are the product.

    2. Eye of the Tiger said on August 3, 2018 at 11:23 pm
      Reply

      m$ strategy is pretty clear at this point; convince users to stream its OS, Games and Data with the convenience of pushing that data to any device for a monthly fee, that will go up every year or two.. forever. Then they will create obstacles between you and your data for even more control. Add on the windows store that will gouge a cut of profits from Dev’s and you’ve got a pretty solid ever expanding revenue stream. End goals of companies today are easy to spot when you consider that their only care is higher stock value, and they will do anything the law will allow to accomplish that task. When the law blocks their path they hire lobbyists, politicians and lawyers to clear the way.

  3. Emil said on August 3, 2018 at 10:45 am
    Reply

    Spybot Anti-Beacon… already made a list longer than this in the HOSTS file. Frankly, it’s incredible what M$ gets away with. The slave mentality they are working with…

    1. jern said on August 3, 2018 at 7:15 pm
      Reply

      MS is now worth $800 billion. MS can afford to have contempt for users like us.

      see…
      https://www.baystreet.ca/techinsider/1325/Microsoft-Now-Worth-800-Billion

  4. Yuliya said on August 3, 2018 at 10:55 am
    Reply

    I never used Home/Pro of 10, only Enterprise, LTSB and Server. Looking at those lists (and I assume “Family” SKU is actually Home), I have a hard time believing Pro does so many less traffic compared to Home. Knowing how notorious Enterprise CBB is, it’s just not possible. Even LTSB initiates a connection whnever I open a new explorer window through explorer.exe.

    Btw, don’t trust the “hosts” file in W10. I you use this OS and you want to block either of those domains, do it in your router. If it’s a portable machine, such as a laptop, well, then just don’t connect to other *LANs.

    ANd my advice, just avoid those “privacy applications” for W10. They can’t do more than what the OS allows them to. Do yourself a favour, open gpedit.msc and disable, as much as you’re allowed to do, of course, through a non-destructive way.

    1. Keith said on August 3, 2018 at 2:46 pm
      Reply

      @Yuliya, could you please elaborate on what to disable in the Group Policy Editor? Thanks!

      1. Yuliya said on August 3, 2018 at 5:16 pm
        Reply

        A good start would be these (on the right side you have the paths): imgur.com/cXN59lh
        Note this is from a LTSB 1607. Also pay attention to the wording, for instance:
        Allow Telemetry = Enabled [Secure] is the most “disabled” state of that policy.
        Allow Telemetry = Disabled on the other hand does not do anything. It’s the same as Windows 10’s default. Also I think you won’t be able to set it to “Secure” unless you run Enterprise.

      2. stefann said on August 6, 2018 at 8:29 pm
        Reply

        I remember they had these things about disabled and enabled that really didn’t be what it said, but the opposite in GPEDIT.msc already in Windows 2000. Some could be really confusing when the explanation did sound a bit odd. But i found the explanations online. Back then there were many good sites with guides You could follow, there probably still are. You are right about this thing about being awake ! (Thumb up !)

      3. TekWarfare said on August 4, 2018 at 2:26 am
        Reply

        Did you not check out Martin’s link in the article?

        https://privacyamp.com/knowledge-base/windows-10-privacy-settings/

    2. John Fenderson said on August 3, 2018 at 6:08 pm
      Reply

      “Btw, don’t trust the “hosts” file in W10. I you use this OS and you want to block either of those domains, do it in your router”

      I just wanted to reinforce this. Windows 10 ignores the hosts file when doing some of its “phone home” connections.

  5. dark said on August 3, 2018 at 2:55 pm
    Reply

    There are over 457 microsoft servers in Simplewall open source firewall blocklist. That’s the crazy amount of data mining servers.

  6. GAK said on August 3, 2018 at 3:01 pm
    Reply

    What is the procedure used to ‘block’ the end points listed above?

    1. Anonymous said on August 4, 2018 at 8:36 am
      Reply

      If I remember correctly, you do need a separate device for dropping the connections. So, there’s no way to block them from inside Windows, as these connections ignore the hosts-file.

      That separate device could be your router, if it can be configured to do such things. Or you can also buy a Linux-compatible single-board computer, most prominent in this category is the Raspberry Pi, and then install Pi-Hole on there: https://pi-hole.net/

      In a corporate network, you’re most likely routing internet traffic through a proxy, where you could easily block these, or do it in the dedicated firewall hardware that you probably have before that still.

  7. Deo-et-Patriae said on August 3, 2018 at 3:46 pm
    Reply

    I know I’m giving away my privacy, but since Windows 10 ( brand new installation will all the latest drivers installed ) is blazing fast and free… such is life.

    1. AnoreKneeMerce said on August 3, 2018 at 8:33 pm
      Reply

      @ Deo —

      “There is no free lunch in this world.”

      In July 2014, M$ abolished her Windows Testing Division comprising of about 150 professional testers and 1200 test-computers = M$ saved a bundle of ca$h. As replacement, every Win 10 Home & Pro users are forced to become M$’s unpaid Beta-testers for her forced auto-updates/upgrades. Windows Insiders and a few M$ staff became unpaid Alpha-testers.
      ……. Hence, the quality of Windows Update has dropped and become amateurish or unprofessional.

      Their Win 10 computers have also become M$’s money-making ad-box, eg preinstalled Candy Crush.

      P S – M$ also tried to recruit Win 7/8.1 users as unpaid Beta-testers by sneaking Telemetry updates to their computers from Oct 2015 onwards. Unfortunately for M$, Win 7/8.1 users can manually block updates.

    2. A said on August 4, 2018 at 11:13 am
      Reply

      The mentality of this guy Deo lol

  8. James T. said on August 3, 2018 at 5:47 pm
    Reply
  9. Rush said on August 3, 2018 at 6:37 pm
    Reply

    The M$$$$$oft Eco-system has grown so massive…like very hot melted lead seeping into the works. You can’t shut down or toggle a setting for more privacy, without adversely affecting your normal operating experience.

    I am experimenting with Linux mint as a dual boot, in an effort to one day…go all in for Linux.

    Microsoft has been doing a lot of glad-handing (with an evil smile) with Linux.

    Please beware Linux… Microsoft couldn’t figure out how to reverse engineer your android so their phone was crap. Microsoft would never admit it but…..IMO,

    The PLAN: If Microsoft plans to completely take over the world, they need Linux.

    It is sad that the United States hasn’t established better controls over Microsoft like the EU has….at least attempted.

  10. Rush said on August 3, 2018 at 6:41 pm
    Reply

    Because the comment doesn’t immediately post…so I couldn’t edit or immediately reply…
    will make a new comment. I just wanted to say, “thanks Martin,” This article was very informative.

  11. ilev said on August 3, 2018 at 7:00 pm
    Reply

    Martin,

    First : The are clean install connections, no 3rd party software.

    Second: Missing from your list the apps servers, like :

    candycrushsoda.king.com
    evoke-windowsservices-tas.msedge.net
    star-mini.c10r.facebook.com
    wildcard.twimg.com, oem.twimg.com/windows/tile.xml
    cdn.onenote.net/livetile/?Language=en-US
    tile-service.weather.microsoft.com, blob.weather.microsoft.com
    wallet.microsoft.com
    mediaredirect.microsoft.com
    store-images.s-microsoft.com
    http://www.bing.com/proactive, http://www.bing.com/client, http://www.bing.com/threshold/xls.aspx
    ctldl.windowsupdate.com
    location-inference-westus.cloudapp.net…

    1. TekWarfare said on August 4, 2018 at 2:32 am
      Reply

      This isn’t Martin’s list, it was published by Dani Halfin at Microsoft per the link in the article.

      A lot of those are Microsoft domains which do feature in the list, however things like facebook, twitter and candy crush do not phone home to Microsoft.

  12. johnjames said on August 3, 2018 at 7:59 pm
    Reply

    Some really good efforts here to combat Windows’ (serious) privacy issues. I’ve been on Linux for several years now and looking over the work required to maintain (the semblance) of privacy seems never-ending and exhausting.

    I honestly don’t think it’s possible to protect yourself from all the spyware built into Windows (and other similar OSes). The only answer is forcing these companies to be 100% transparent about every aspect of data collection and sharing. This will slowly help force the changes required (ala Facebook).

    1. OldNvayGuy said on August 3, 2018 at 10:09 pm
      Reply

      Once the OS’s of the world are totally transparent, then all you’ll need to worry about is data breaches, ransomware, and banks and insurance companies sharing your personal data.

    2. John Fenderson said on August 4, 2018 at 12:44 am
      Reply

      @johnjames: “The only answer is forcing these companies to be 100% transparent about every aspect of data collection and sharing.”

      Transparency is very important. However, I don’t think that transparency, all by itself, will change any of this behavior.

      “This will slowly help force the changes required (ala Facebook).”

      I think that what’s happened with Facebook is more supportive of my conjecture than of yours. The changes that Facebook has been engaging aren’t even beginning to address the underlying privacy problems with Facebook. I think that’s 100% intentional — Facebook is hoping that if they make enough noise about “fixing” some of the tangential privacy issues, that will make people forget about the real privacy issues.

  13. Linux said on August 3, 2018 at 11:30 pm
    Reply

    Linux Has No Such Problems

  14. Dennis said on August 3, 2018 at 11:46 pm
    Reply

    I like Crazy Max’s Windows Spy Blocker:

    https://github.com/crazy-max/WindowsSpyBlocker

    1. ilev said on August 4, 2018 at 7:35 pm
      Reply

      Remember Microsoft bought github. Such tools will be obsolete.

      1. Dennis said on August 5, 2018 at 3:32 pm
        Reply

        “Good……Good……” (said in my best Emperor Palpatine voice!)

        Let M$ spend even more beellions of dollars on the *next* hosting sevice that harbours code it doesn’t like!

  15. Anonymous said on August 4, 2018 at 2:33 am
    Reply
  16. M1cr0C1A$0ft said on August 4, 2018 at 2:41 am
    Reply
  17. AnoreKnee Merce said on August 4, 2018 at 11:03 am
    Reply

    Is M$ secretly passing on such data to the NSA when requested.?

    1. stefann said on August 6, 2018 at 8:37 pm
      Reply

      Since 2007 Microsoft’s own servers were fully open for NSA, as many other American companies servers. The last couple of years i have heard about that everything that were going on in f.ex Live and Skype were re-routed via NSA. Today when the spying is expanded (by the Trump administration) so be prepared to that they even can walk right in to Your computer and do whatever they want to via backdoors. Backdoors were found already in Windows 95.

    2. Das_Grimmig said on September 21, 2018 at 7:18 pm
      Reply

      MS operates withing 14 Eyes countries. Of course they do.

  18. Croatoan said on August 5, 2018 at 12:06 am
    Reply

    To much websites. My scroll buton almost broke.

    Martin, do you have all websites in one document for easy copying?

  19. space marine said on August 5, 2018 at 7:08 am
    Reply

    Somewhat on topic –

    This is the best hosts lists I’ve found to date. While it may not add blocks for W10 problems, (they can easily be added by the user) it is massive and it works well:

    https://github.com/StevenBlack/hosts

    “This repository consolidates several reputable hosts files, and merges them into a unified hosts file with duplicates removed.”

    In addition, “A variety of tailored hosts files are provided.”

    If you want the default one (latest release):

    https://github.com/StevenBlack/hosts/releases

    Users of *nix will probably want to change all ‘0.0.0.0’ entries to ‘127.0.0.1’. (and maybe some Windows users, too, IDK)

  20. Cor said on August 9, 2018 at 10:05 pm
    Reply

    I think what’s most hilarious is how Microsoft created these findings, their methodology clearly explained in its introduction.
    Because that’s what these lists are based on: findings.
    Not gathered from source, but by logging network traffic.
    We used the following methodology to derive these network endpoints:

    1. Set up the latest version of Windows 10 on a test virtual machine using the default settings.
    Leave the devices running idle for a week (that is, a user is not interacting with the system/device).
    2. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic.
    3. Compile reports on traffic going to public IP addresses.
    4. The test virtual machine was logged in using a local account and was not joined to a domain or Azure Active Directory.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.