The 'you can turn it off' argument is moot:
- Even after turning off on-line search results and Cortana, the search box entries are still send to Microsoft. You have to manually block traffic in the outgoing search firewall rule to stop this. That's very odd behaviour.
- I can change my privacy settings accordingly, but Microsoft has the tendency to provide updates that will show a dialogue box with deceiving questions, that will ask to enable 'recommended settings', which will reset your privacy settings to something very different that what I intended.
- you, as an end customer, cannot turn of 'telemetry data' or whatever that's supposed to be. The EULA is worded in an ambiguous way, where Microsoft can decide to include things as they desire. If this is so harmless, then why do only Enterprise customers get the ability to turn it off?

I'm not comfortable with a company exhibiting this type of behaviour, knowing that they have a strong wish to monetize their customers OS usage data starting at Windows 10. (and now seemingly being backported to Windows 7/8, when customer agree to the Windows 10 EULA before they actually perform the upgrade).

With services such as email, search, social networks, etc. I at least have the option of using a service that monetizes my private data or not. Guess what? I do not use Facebook, Twitter, LinkedIn, Gmail, etc. Why should I be so accepting Microsoft data-mining my OS usage?

Right now, people using software and services are frogs in a large pan. Companies turn up their privacy invading behaviour one degree at a time, hoping that nobody will notice. Sometimes they mis-judge, and then you get a backlash. This is what's going on with Windows 10 right now. Saying they're wrong at being upset, is akin to telling customers that they're holding their phone 'the wrong way' when they have reception issues.

Just a heads-up: Facebook tracks all people visiting websites that have a like button

Do some google searches (when you are not logged into google) for e.g. a router. After some time you start getting targeted adverts for routers. Then surf the web using the same internet connection but using a different computer (with a clean installation): you'll also have the router adverts. They have you on IP address.
There is no way to opt out of those. And those are the visible effects of the tracking. No idea what other things they follow.

That is not to say I don't agree with your argumentation. The weekend I read that some linux distribution even does it (can't find the reference). I fully agree that companies should not track users without their knowledge and without their explicit consent.

"Anymore"? When could they, 1995?

Never. But now the attack surface has been greatly increased and you have no choice in the matter.

This is already resonating among the average non technical people.

The other day my father who is completely non technical person (he doesn't use copy paste) and I don't talk about tech with him told me: "Did you know that Windows 10 now sends all you write to Microsoft? Is it true? Why do they need that?"

Now if they could just get the same feeling about Google and Apple*, who are much worse than MS, we might make some headway against it.


* And Facebook, and Snapchat, etc, etc...

Seems windows 10 is broken for optical audio(maybe just digital audio in general), I cant' find anyone who has it working and its been a known bug for months.

If you use optical out to a receiver you can only get stereo, All other formats are just not available(not DTS or 5.1).

Weird thing if you can do a speaker test in the playback devices and get sound from all speakers but it won't work for anything else.

Tempted to rollback to windows 8.1 at this point(as it worked perfectly)

Note: Analogue will work in 5.1

Haven't seen this one yet. I use optical for stereo only so I've never looked for surround options. Hopefully it will be fixed in the next build.

That's odd. I'm getting normal DTS/DD 5.1 from optical outputs on my setup. Using release version same as everyone else, no beta, no testing builds, etc.

The only thing I can think of, is that it's using drivers all the way from Windows 7. It's an Asus Xonar D2X PCIe card. Drivers used were originally the Windows 7 lot, updraged to Windows 8, then 8.1. Finally recently upgraded to Win 10. ie, NOT a clean installation. That's the only thing I can think of that might be protecting me from issues everyone else is having with Optical and Win 10.

J1NG

This one appears to be possible through policy. I haven't run tests to confirm, but these policies were setup for Enterprise security and MSFT doesn't mess around with enterprises.



I can't say that's I've seen this with Metro settings. Have you? Have you seen people reporting this? Most of this I've seen was old Action Center related stuff.

Enterprises have very stringent security and update requirements. That's the gift horse, so to speak. Users are a different ball game.


I wish there was a single button solution to disable all this, too. Personally, I am not a fan of forced data mining at the OS level. Give it some time and someone will make a simple button for this. Hopefully enough people will pressure changes. That's one bonus of Win10, changes are easy to release.

Have you and all your friends submit feedback. That plus the media pressure can make a change.

Maybe it is realtek specific, but interestingly the only guy on windows insider forum I have been reading who got to work did actually use the original driver CD(windows 7) and installed it in win 7 compatibility mode.
I have not been able to find my original driver CD and all the official realtek,asus and MS windows 10 drivers give me stereo only

This machine was upgraded from windows 8.1, so I might have to resort to dredging up some old windows 7 drivers....

As the Threshold 2 update has arrived (Windows 10 November update), it seems that Microsoft's idea of providing updates seems to be to reinstall the OS every 4 months? (the November update basically upgrades the entire OS, much like Windows 8 to 8.1).

I can't imagine this policy aiding the popularity of the OS with users and businesses...

Another thing I noticed, since Windows 8.1 you can no longer leverage the built-in Firewall to block outgoing connections by the OS while still allowing Windows Update.
Previously to Windows 8.1, you could create a rule that would allow only the Windows update service from using svhost.exe to access the internet. Now, the service is no longer specified when windows update uses the svhost process to access internet; you either have to give svhost.exe full access to internet, or you lose Windows Update functionality.

The only easy workaround I see, is to set up an AD domain and use WSUS for updates, limiting network access for svhost.exe to the WSUS server IP address / hostname.

The enterprise update world is totally different for Win10. There is a LTSB (Long Term Stable Build) for enterprises that does not get minor builds...unless the admins want to push it. The LTSB build also uses the traditional update model where each update can be pushed or blocked by the system admins and the CU does not need to be used.

The CU (Cumulative Update) and minor build pushes are for the consumer model only.

You can block or allow by service in Windows Firewall still. Though the process may be a little different.

Set outgoing traffic to block. Then create an Custom firewall rule through the UI. Select the "Customize..." button next to Services when you get to the Program screen. Select the "Apply to this service" radio button and select "Windows Update". Then create a standard allow rule for TCP ports 80 and 443 (or all ports if you like, but those two should be the only ones you need).

That should allow WU to work even with the default outgoing policy set to block.

From PowerShell:

New-NetFirewallRule -Name WU-Allow-TCP-out -DisplayName "Windows Update (TCP-Out)" -Description "Allow outgoing TCP port 80 and 443 traffic by the Windows Update service." -Enabled True -Action Allow -Protocol TCP -RemotePort 80,443 -Direction Outbound -Service wuauserv

Basically. It's part of the Windows as a service ideal. It also allows Windows to be more agile, adding features and new technology on-the-fly, rather than waiting 2-3 years to get with the times.

It's more of an in-place upgrade than a reinstall. Potato, potatoe...

Did you try that rule in Windows 10? It doesn't work.

Ever since Windows 8.1, Microsoft has made it impossible to define practical firewall rules for Windows Update that are less broad than 'allow all outgoing connections by svhost.exe'. I suppose they don't want you to use the built-in firewall to block telemetry and any other data gathering.

Through data collection, Microsoft is turning non-Enterprise-edition Windows users into revenue streams, much like Google treats its users.
Thanks but no thank you...

oh and the update policy sucks... it resets a lot of the OS customisation that was done;
For example, after installing the November build, my firewall rule that blocks outgoing Search requests (that are launched regardless of 'search online' being disabled) has been turned into an 'allow rule' again.
There's plenty of anecdotal evidence that other users have seen all kinds of issues with the OS 'upgrade' changing settings and removing programs.

Upgrading the entire OS (in-place) just is not a reasonable upgrade strategy on a frequent basis, except for users that keep the OS to the default settings (and even then there's just too much room for things to go wrong).

Windows 10 is pushing me more and more towards the idea of using some desktop linux distro (Ubuntu/Fedora) + VMWare Workstation with Windows in a VM for Windows-on-demand needs.

I have already seen 2 ruined Windows 10 installations that people upgraded from 7. One was BSOD before starting Windows, other had filesystem and windows image files hosed and also wasn't booting. Managed to boot with media (this is getting harder and harder) and repair filesystem, repair image (dism) and system files (sfc /scannow)

I would say for business use 7 is better than 10 at the moment. Updates failed in previous versions sometimes, I think updates with 10 are less robust (they need exorbitant amounts of free space).

The laptop I ordered for Linux was bad and I returned it, waiting for reimbursement. After that IT plan is to phase out Windows as personal machines in few years. Only keep firewalled workstation around.

dZeus, you could use tails iso image in virtual machine for browsing. This week I'm on ethical hacking course, lots of cool new stuff I learned.