https://korben.info/en/gdid-windows-cut-tracker-vpn.html
This Korben track it's a golden nugget, thanks for sharing it.
I still have some doubts about possible system instability issues with proprietary software if the OS were to detect that telemetry has been disabled.
The svchost.exe system file is the generic container that, on Windows, hosts telemetry instances of files such as "diagTrack" or "UtcSvc".
By running the following command as an administrator in PowerShell
tasklist /svc /fi "imagename eq svchost.exe"
You will simultaneously see all instances currently running on your win pc in the svchost container (I tryed in win10, but the command it's a standard troubleshooting from win xp to 12)
You obtain a list with more than 10 active processes, the factors to be taken into account are as follows (or similar if you use another version of win):
Process PID Service
========================= =====================
svchost.exe xxxx DispBrokerDesktopSvc
svchost.exe xxxx DiagTrack
svchost.exe xxxx DoSvc
I voluntarily deleted the Process ID (PID) because, even though they change every time the machine restarts, a tracking system might have logged them. Am I being too cautious? I'm always been that way, and it’s always paid off.
These are files of telemetry services:
- diagTrack: collects diagnostic data, user habits, and software and hardware information. It is Microsoft tracking and fingerprinting system.
- dispBrokerDesktopSvc: manages the monitor resolution, orientation, refresh rate, and layout (very important for fingerprinting, anyone who uses Tor knows this is critical data).
- DoSvc: is Windows P2P service designed to optimize the distribution of updates to other PC. It causes spikes in ram usage and constantly scans the disk.
Disabling these services may compromise the OS proper functioning in the long run. As soon as I have a reason to use Windows for a certain period of time, I will try disabling them and assessing the OS stability.
I tried to force access to the diagTrack file to see what data it contained, but the system categorically blocks access to this file. Even though it is our own data.
There’s an app in the Microsoft Store that’s supposed to read the telemetry and show what’s being sent. I have never trusted it because it’s proprietary software rather than open source, so it might have an interest in hiding certain data.