search

hagezi / dns-blocklists

DNS-Blocklists: For a better internet - keep the internet clean!
GNU General Public License v3.0
6.77k stars 226 forks source link

Microsoft Family Safety App #3277

Closed Dynamic5912 closed 2 weeks ago

Dynamic5912 commented 3 months ago

Currently, Microsoft Family Safety app reports zero usage for Windows and Xbox devices that are linked to the parental account despite being in use - this doesn't prevent devices from working or going beyond their allocated daily time limits - but it does affect reporting to the app and occasional affects requests for time extensions from apps/devices.

My understanding and from Reddit is that allowing *. events.data.microsoft.com fixes this - but I don't want to allow all subdomains through - just the ones required for Family Safety.

Do you (or the community) know which domains are required for the app to function and report usage correctly?

I've looked online and on Microsofts forums/help pages and they say to allow the domain and all subdomains as a whole for "all Microsoft services to function correctly".

hagezi commented 3 months ago

I don't know anyone who uses it and I don't know which telemetry domains Microsoft “misuses” for it. If it really is the telemetry events, my guess is:

mobile.events.data.microsoft.com

Depending on the region:

au-mobile.events.data.microsoft.com
eu-mobile.events.data.microsoft.com
in-mobile.events.data.microsoft.com
jp-mobile.events.data.microsoft.com
uk-mobile.events.data.microsoft.com
us-mobile.events.data.microsoft.com

These are used by almost everything that “smells” of Microsoft.

Which list version are you using? Which event domains are blocked according to your log? Have you unblocked *.events.data.microsoft.com to see if this is the cause?

hagezi commented 3 months ago

I can also think of the following:

vortex.data.microsoft.com - This subdomain is often used for collecting telemetry data and is probably also relevant for Microsoft Family Safety.

self.events.data.microsoft.com - This subdomain is specifically for collecting telemetry data and events triggered by user actions or system operations, which may also be important for tracking activity in Microsoft Family Safety. Only blocked in Ultimate.

Dynamic5912 commented 3 months ago

Thanks for the hints.

I'm using the Ultimate List.

For now, i have whitelisted the domain in AGH as follows: @@||events.data.microsoft.com^

And will see if this yields any results then try to figure out which domains are being used.

Kids are on downtime this evening but they should be on their devices tomorrow so I can see what happens :)

hagezi commented 3 months ago

For Ultimate, I would unblock self.events.data.microsoft.com and see if that is enough.

Dynamic5912 commented 3 months ago

self.events.data.microsoft.com

OK. Will change my custom filter to that domain and see if it works tomorrow.

Will update as I know more...

Dynamic5912 commented 3 months ago

OK, so..

Allowing self.events.data.microsoft.com made no difference - no time used etc. was being reported to the Family Safety App.

So I whitelisted events.data.microsoft.com to allow all subdomains and within a couple of minutes, the app updated with usage time for the kids laptops as well as time spent in individual apps (previously this all said "not used today").

Now begins the game of figuring out which subdomain of events.data.microsoft.com is required for Family Safety to work - I'll need to trawl through the logs for the evening and see which whitelisted subdomains were used then take it step-by-step I guess..

Dynamic5912 commented 3 months ago

It might be functional.events.data.microsoft.com not 100% sure..

I have other Windows machines in the household and only the kids laptops are calling this subdomain when in use..

Dynamic5912 commented 3 months ago

It's not functional.events.data.microsoft.com so back to searching again.

I've whitelisted events.data.microsoft.com as a whole again so will see what crops up and if it starts working...

hagezi commented 3 months ago

@Dynamic5912 Anything new here?

Dynamic5912 commented 3 months ago

Still testing - whitelisting events.data.microsoft.com seems to work sporadically.

Disabling blocking/filtering altogether in AGH makes it work as it should - so something else is required to be whitelisted as well it seems.

I think it might be activity.windows.com but need to do more testing.

xRuffKez commented 3 months ago

@Dynamic5912 new results?

Dynamic5912 commented 2 months ago

Been on holiday 😀

Will check again over the next few days

paddyofurniture commented 1 month ago

Wondering if there's been progress on this?

Also, where are you whitelisting? Windows Firewall, router, or..?

hagezi commented 2 weeks ago

@Dynamic5912 Is there anything new or can I close here?

hagezi commented 2 weeks ago

@Dynamic5912 If the problem still exists, or if you know what you need to unblock, just contact here in the topic again. I'll close it for now.

Dynamic5912 commented 2 weeks ago

Hey - sorry been busy with work and stuff so not gotten around to re-testing this again.

Will update the post again if there's any update.