• Transporter@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    3
    ·
    2 years ago

    Really you’d have to fire up Wireshark and see what telemetry Windows was blabbing away behind your back. Analysing those logs can be a tedious business, especially as you’d need a large dataset.

    Thing with just about any tech related question posted is likely some geek will have done the heavy lifting for you already. Here is a nice start:

    https://www.zdnet.com/article/windows-10-and-telemetry-time-for-a-simple-network-analysis/

    Here is another one:

    https://www.comparitech.com/blog/information-security/windows-10-data/

    That’s logs required to be collected, doesn’t say whether or not the data is sent back to Windows. Best assume yes.

    Course, all that proprietary software will have a voluminous licence agreement that nobody reads. They’ll collect as much data as they can to “maximise user experience” or whatever rubbish.

    • MigratingtoLemmy@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      Could one mirror the traffic from the VM into Suricata/Snort to analyse it? Although if it were to be HTTPS traffic I doubt these or Wireshark would be able to do anything about them. The only alternative remains is to run a MiTM proxy in your network, which is a bit more advanced