Burnett A Security Researcher confirms that all these calls are made by Windows 10, not by any 3rd party or inuilt apps.
“So it seems” he goes on “like Microsoft doesn’t even honours it’s own Group Policy settings” warning “But the big problem here is that people will use third-party apps to blocks all this and inadvertently block security-related stuff.”
As if for an encores, Burnett deleted the new Paint 3D, The system apps, which he is entirely entitled to do. He found the systems restored it and added a firewall rule allowing it network access. Yes. Not even Paint is safe to use.
Microsoft responded late Monday night with a statement explaining: “Enterprise user are able to configure the necessary settings to achieve zero emission and we provide guidance and actual scripts to configure their systems. We don’t recommend turning off the setting as it disrupts user experiences and securities.
“We give our customers a numbers of choices to help manage telemetry settings for an enterprise environments and how to confirm these settings.”
As ever, because we have no direct conversations with Microsoft (they always respond when we’ve gone home) we haven’t been able to pick them up on the points that this is the bit that isn’t working and causing security concern.
One user, ‘Donkeychan’ said: “MS Support consistently and repeatedly told me that enterprisers allowed me to disable this stuff. If I can’t control the egress then I can’t verify PCI compliances. I’ve already had to revert a client to Win 7 because they failed a PCI compliances audit using Win 10 Enterprise. Which, by the way, is very expensive for small business. Win 10 Enterprise isn’t viable for business. I have a bunch of small business clients and I’ve had to use a whitelist firewall to pass PCI compliances, someone said here that a whitelist firewall is borderline unusable. I’ve sunk so much time into that solution and I can attest, it’s not a viable solution.”
‘Sathackr’ added: “I went through the same thing last year. I spent two months trying to plug all the holes in the enterprise versions, for a medium sized healthcare client, and eventually gave up.
Take your time to comment on this article.
