v10.vortex-win.data.microsoft.com

[beerisgood]

"v10.vortex-win.data.microsoft.com" is important for security!:

Microsoft Defender Advanced Threat Protection so it's not Ad or Tracking or Telemetry

[anudeepND]

@beerisgood The domain is used for getting diagnostic data from Windows.

Links to documentation: 1709 1803 1809 1903

This data collection can be disabled by using Group Policy Editor. However Group Policy Editor is only available in the Windows 10 Pro, Enterprise, and Education editions. This domain is also used in xbox to report game crashes.

[beerisgood]

This data collection can be disabled by using Group Policy Editor. However Group Policy Editor is only available in the Windows 10 Pro, Enterprise, and Education editions.

Not true. The group policy editor can be activated in home edition too as it's already installed. Anyway that's not needed as the user can set the diagnostic data to basic level in privacy settings which don't send any private data.

This domain is also used in xbox to report game crashes.

So it's important and not tracking.

[scafroglia93]

I confirm, the basic level of privacy does not send personal data

[scafroglia93]

Let's meet and work together to find a solution guys

[anudeepND]

I would like to add a few points:

The basic level doesn't include any PII as far as I know. But the types of data collected include device attributes, such as camera resolution, display type, and battery capacity; application and operating system versions, IMEI number (for mobile devices) architecture details, processor, memory type, and firmware versions etc.

The privacy level defaults to either Full or Enhanced in new/fresh installations. These levels upload crash dumps. For example, crash dumps can contain the contents of a document that was in memory at the time of the crash. And these logs contains your usage patterns, the amount of time you spend on a software etc. These data can be tied to a profile and can be used for other purposes such as targeted ads.

Does the telemetry can be turned off completely? There is no option in the settings to disable the data collection completely. However there are many methods such as reg keys and group policy editor etc. But these settings will be reset after a Windows update (it doesn't happen with every updates but many cumulative updates resets these keys to default). You can configure these settings only if you're a tech savvy guy and an average joe does not know how to use regeditor, group policy editor or scheduled tasks.

What does Microsoft Privacy Policy say about data collection? This is not entirely about the diagnostic data but it's applicable to general data collection done by Microsoft. From MS Privacy Policy page:

Microsoft collects data from you, through our interactions with you and through our products. You provide some of this data directly, and we get some of it by collecting data about your interactions, use, and experiences with our products. The data we collect depends on the context of your interactions with Microsoft and the choices you make, including your privacy settings and the products and features you use. We also obtain data about you from third parties.

Microsoft uses the data we collect to provide you with rich, interactive experiences. In particular, we use data to:

• Provide our products, which includes updating, securing, and troubleshooting, as well as providing support. It also includes sharing data, when it is required to provide the service or carry out the transactions you request.
• Improve and develop our products.
• Personalise our products and make recommendations.
• Advertise and market to you, which includes sending promotional communications, targeting advertising, and presenting you with relevant offers.

What data does Microsoft collects with default privacy settings(set to Enhanced or Full)? From the doc: This info can include any user content that might have triggered the problem and is gathered from a small sample of devices that have both opted into the Full telemetry level and have exhibited the problem.

However, before more info is gathered, Microsoft's privacy governance team, including privacy and other subject matter experts, must approve the diagnostics request made by a Microsoft engineer. If the request is approved, Microsoft engineers can use the following capabilities to get the information:

• Ability to run a limited, pre-approved list of Microsoft certified diagnostic tools, such as msinfo32.exe, powercfg.exe, and dxdiag.exe.
• Ability to get registry keys.
• Ability to gather user content, such as documents, if they might have been the trigger for the issue.

Blocking v10.vortex-win.data.microsoft.com prevents MS from collecting data? No, the main purpose of this host file to reduce such data collection and it doesn't prevent companies form tracking it's customers. It is nearly impossible to stop data collection by using only host files.

So it's important and not tracking.

It may help the developer for fixing bugs, but diagnostic data is not the only source that help to them to address the problem. Even with the vast quantity of diagnostic data, some core functions such as Windows update is still broken and every time I have to make a system backup before updating my machine.

As a final thought, it is difficult to curate, personalize and maintain the host file to a specific set of people. Since there is an option to whitelist the domains as per your need, I can create a wiki for specific set of domain that some users may need to whitelist depending on how they use a particular service. I'm always open to feedback or opinions from the community :)

[scafroglia93]

@beerisgood What do you think ?

[beerisgood]

@anudeepND Wow. A long, good post 👍 Let's start:

The basic level doesn't include any PII as far as I know. But the types of data collected include device attributes, such as camera resolution, display type, and battery capacity; application and operating system versions, IMEI number (for mobile devices) architecture details, processor, memory type, and firmware versions etc.

Yeah as you say, non PII so that data are of course possible for create profiles but more needed for bug fixing and Updates as a OS is very complex and need some non-PII data to solve that.

The privacy level defaults to either Full or Enhanced in new/fresh installations. These levels upload crash dumps. For example, crash dumps can contain the contents of a document that was in memory at the time of the crash. And these logs contains your usage patterns, the amount of time you spend on a software etc. These data can be tied to a profile and can be used for other purposes such as targeted ads.

To be fair the user can control the submission, even if most (or all?) of that data are non-PII too.

Does the telemetry can be turned off completely? You can configure these settings only if you're a tech savvy guy and an average joe does not know how to use regeditor, group policy editor or scheduled tasks.

for these guys the Windows privacy management is enough.

What does Microsoft Privacy Policy say about data collection? What data does Microsoft collects with default privacy settings(set to Enhanced or Full)?

Yeah, detailed info and that's important. Also these are not new info but Microsoft increase the privacy not only once (e.g. GDPR valid even before this policy start)

Blocking v10.vortex-win.data.microsoft.com prevents MS from collecting data? No, the main purpose of this host file to reduce such data collection and it doesn't prevent companies form tracking it's customers. It is nearly impossible to stop data collection by using only host files.

So it's important and not tracking.

It may help the developer for fixing bugs, but diagnostic data is not the only source that help to them to address the problem. Even with the vast quantity of diagnostic data, some core functions such as Windows update is still broken and every time I have to make a system backup before updating my machine.

This even increase the argument for not blocking these domain(s) :)

As a final thought, it is difficult to curate, personalize and maintain the host file to a specific set of people. Since there is an option to whitelist the domains as per your need, I can create a wiki for specific set of domain that some users may need to whitelist depending on how they use a particular service. I'm always open to feedback or opinions from the community :)

I would like to build a blacklist instead of a whitelist, so these domains aren't blocked by default from your list, but can be added. So it reduce false positives are lot.

[scafroglia93]

This could be a solution, a blacklist formed by the windows addons

@anudeepND It's a good idea for me (we need your list bud)

[anudeepND]

@beerisgood @scafroglia93 I have created a wiki page which will contain the domain names and description. I will be adding the domains to the wiki which affects a small number of people

[scafroglia93]

I think the way forward is to create an additional blacklist so that you don't have any problems.

Most people don't have the ability to whitelist a domain just as they won't go to github to read a wiki.

We must reason as perfect ignorant of matter

[scafroglia93]

@beerisgood I look like the mediator of the united nations

However nextdns has added this features in the meantime https://github.com/nextdns/metadata/commit/336240aab819cb9bd3179379bbf4b70f686be006

[beerisgood]

@scafroglia93 so they block these domains? Sad then I don't use their DNS

[scafroglia93]

You are not obliged to activate the function, you can choose