Windows 10 spies on your use of System Settings (2021)

Original Article ↗ Hacker News Discussion ↗

What the Settings traffic might be doing

  • Several commenters suggest the observed requests look like:
    • Network connectivity checks (similar to “ping google.com”).
    • Version / update checks (the 2021.1019.1.0 value is interpreted by multiple people as a date-like version string).
    • Fetching content for the Settings “banner” (Microsoft Rewards, OneDrive, Edge prompts, etc.), i.e., data from Microsoft to the user.
  • Others argue that regardless of purpose, it is unexpected and unsolicited traffic and therefore functionally telemetry: it can timestamp your use of specific UI pages.

Telemetry vs spyware and trust in Microsoft

  • One camp views Microsoft as fundamentally untrustworthy, citing past security failures, long history of anti-competitive behavior, and products like Recall. For them, any opaque data leaving the machine is “close to spyware.”
  • Another camp defends Microsoft as unlikely to deploy “true spyware” (e.g., webcam capture), arguing they depend on business trust and that telemetry is anonymized and controlled.
  • Several people counter that “trust” must be scoped: enterprises may trust Microsoft to ship patches, but not to respect privacy by default.

Ethics and purpose of telemetry

  • Pro‑telemetry arguments:
    • Common justification: understanding feature usage, deprecating unused features, prioritizing bug fixes, informing UX decisions.
    • Claims that usage data answers “was this feature a good idea?” in ways pre‑release testing and surveys cannot.
    • Telemetry is seen as acceptable if: opt‑in, clearly labeled, anonymous, and free of sensitive content (URLs, filenames, personal data).
  • Anti‑telemetry arguments:
    • “It’s not their computer”: any unsolicited call home is a privacy violation and extra attack surface.
    • Even “anonymous” data can often be re‑identified via IP, TLS fingerprinting, etc.
    • Additional code and networking add latency, complexity, and potential bugs; vendors should do proper testing or paid user studies.
    • “Done right” is criticized as a moving target; users have little real control over what is collected.

Control, blocking, and technical limits

  • Hosts‑file blocking is shown to be weak: tools and programs can bypass it via direct DNS queries, alternative resolvers, DNS‑over‑HTTPS, or hardcoded IPs.
  • Firewalls are suggested as the only robust line of defense, though fully preventing connectivity without disabling the Internet is described as difficult.

Windows, privacy, and alternatives

  • Multiple commenters describe Windows 10/11 as effectively ad/spyware and isolate it (guest networks, dual‑boot) or move to Linux.
  • Others warn against pure speculation (e.g., Photos app “likely” exfiltrating facial data) and call for concrete network analysis rather than FUD.