12. Telemetry

These services either track user data or impose an unnecessary performance hit. See Telemetry Info.

Danger

After every major Windows update, verify these settings.

Note

As of 20H2, only GPOs are covered, unless the value cannot be set or enforced via GPO. A reference link is provided to determine the appropriate Registry value to use.

Disable Connected User Experiences and Telemetry Service

⌘ › services.msc › Connected User Experiences and Telemetry › General

Service name: DiagTrack

Startup type: DISABLED

Service status: STOPPED

Windows 10 collects user data and sends it to Microsoft.

See Diagnostics & Feedback to restrict data collection.

Updated: 2021-02-19 Reference

Disable application telemetry

Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Application Telemetry

ENABLED

Windows 10 collects information on application usage.

Updated: 2021-02-19 Reference

Disable customer experience improvement program

Computer Configuration › Administrative Templates › System › Internet Communication Management › Internet Communication settings › Turn off Windows Customer Experience Improvement Program

ENABLED

Windows 10 devices send hardware and software usage information to Microsoft via the Customer Experience Improvement Program.

Updated: 2021-02-19 Reference Reference

Disable sending browser history for Edge

Edge browser automatically reports browser history to Microsoft.

GPO

Computer Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Configure collection of browsing data for Desktop Analytics

DISABLED

Updated: 2021-02-19 Reference

Disable inventory collector

Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Inventory Collector

ENABLED

Windows 10 Inventory Collector inventories applications, files, devices, and drivers on the system and sends the information to Microsoft.

Updated: 2021-02-19 Reference

Disable program compatibility assistant

Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Program Compatibility Assistant

ENABLED

The Program Compatibility Assistant detects known compatibility issues in older programs. After you have run an older program in this version of Windows, it notifies you if there is a problem and offers to fix it the next time you run the program. If the compatibility issue is serious, the Program Compatibility Assistant might warn you or block the program from running.

Updated: 2021-02-19 Reference

Disable steps recorder

Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Steps Recorder

ENABLED

Steps Recorder automatically captures the steps you take on a PC, including a text description of what you did and a picture of the screen during each step.

Updated: 2021-02-19 Reference

Force desktop analytics to honor telemetry settings

Computer Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Limit Enhanced diagnostic data to the minimum required by Windows Analytics

DISABLED

Desktop Analytics will report additional telemetry information if enabled.

Updated: 2021-02-19 Reference
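The re-check called for after every major Windows update can be scripted. The following PowerShell audit is an added example, not part of the original guide: it covers the DiagTrack service and the five settings whose backing policy values are well known. The registry paths and value names are the policy values these GPOs are understood to write, so confirm each against the GPO reference; the function names `Test-PolicyValue` and `Test-DiagTrack` are hypothetical.

```powershell
# Added example: read-only audit of the telemetry settings in this section.
# Registry locations are assumptions to confirm against the GPO reference.
$appCompat = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppCompat'
$sqm       = 'HKLM:\SOFTWARE\Policies\Microsoft\SQMClient\Windows'
$checks = @(
    @{ Setting = 'Turn off Application Telemetry';           Path = $appCompat; Name = 'AITEnable';        Expected = 0 }
    @{ Setting = 'Turn off Inventory Collector';             Path = $appCompat; Name = 'DisableInventory'; Expected = 1 }
    @{ Setting = 'Turn off Program Compatibility Assistant'; Path = $appCompat; Name = 'DisablePCA';       Expected = 1 }
    @{ Setting = 'Turn off Steps Recorder';                  Path = $appCompat; Name = 'DisableUAR';       Expected = 1 }
    @{ Setting = 'Turn off Windows CEIP';                    Path = $sqm;       Name = 'CEIPEnable';       Expected = 0 }
)

function Test-PolicyValue {
    param([string]$Path, [string]$Name, [int]$Expected)
    # A missing key or value means the policy is Not Configured on this machine.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item)           { return 'NOT SET' }
    if ($item.$Name -eq $Expected) { return 'OK' }
    return "DRIFT (found $($item.$Name))"
}

function Test-DiagTrack {
    # The guide requires Startup type DISABLED and Service status STOPPED.
    $svc = Get-Service -Name 'DiagTrack' -ErrorAction SilentlyContinue
    if ($null -eq $svc) { return 'NOT FOUND' }
    if ($svc.StartType -eq 'Disabled' -and $svc.Status -eq 'Stopped') { return 'OK' }
    return "DRIFT (StartType=$($svc.StartType), Status=$($svc.Status))"
}

$report = @(
    [pscustomobject]@{ Setting = 'DiagTrack service'; Status = (Test-DiagTrack) }
    foreach ($c in $checks) {
        [pscustomobject]@{
            Setting = $c.Setting
            Status  = (Test-PolicyValue -Path $c.Path -Name $c.Name -Expected $c.Expected)
        }
    }
)

$report | Format-Table -AutoSize

# Non-zero exit lets a scheduled task or management agent flag the drift.
$failed = @($report | Where-Object { $_.Status -ne 'OK' })
if ($failed.Count -gt 0) { exit 1 }
```

The script only reads state, so it does not need elevation. A `NOT SET` result after a feature update means the policy has reverted to Not Configured and should be re-applied.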

12.1. Firewall

Endpoints for telemetry may change. Periodically verify these have not changed. See references for additional documentation.

Warning

These endpoints should be blocked or routed to a blackhole. See Pi-Hole and DNAT for Captive DNS.

Connected User Experiences and Telemetry endpoints

Microsoft Defender Advanced Threat Protection is country-specific and the prefix changes by country, e.g. de.vortex-win.data.microsoft.com

| Release | Diagnostic Endpoint | Functional Endpoint | Settings Endpoint |
|---|---|---|---|
| 1703 with 2018-09 cumulative update | v10c.vortex-win.data.microsoft.com | v20.vortex-win.data.microsoft.com | settings-win.data.microsoft.com |
| 1803 without 2018-09 cumulative update | v10.events.data.microsoft.com | v20.vortex-win.data.microsoft.com | settings-win.data.microsoft.com |
| 1709 or earlier | v10.vortex-win.data.microsoft.com | v20.vortex-win.data.microsoft.com | settings-win.data.microsoft.com |

Diagnostic data services endpoints

| Service | Endpoint |
|---|---|
| Windows Error Reporting | watson.telemetry.microsoft.com |
| | ceuswatcab01.blob.core.windows.net |
| | ceuswatcab02.blob.core.windows.net |
| | eaus2watcab01.blob.core.windows.net |
| | eaus2watcab02.blob.core.windows.net |
| | weus2watcab01.blob.core.windows.net |
| | weus2watcab02.blob.core.windows.net |
| Online Crash Analysis | oca.telemetry.microsoft.com |
| OneDrive app for Windows 10 | https://vortex.data.microsoft.com/collect/v1 |
| | vortex.data.microsoft.com/collect/v1 |
| Microsoft Defender Advanced Threat Protection | https://wdcp.microsoft.com |
| | https://wdcpalt.microsoft.com |
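To confirm from a client that the blackhole is in effect, resolve a sample of the hostnames above and check what the local resolver answers. This PowerShell check is an added example, not part of the original guide; the sinkhole addresses are assumptions about the resolver setup (0.0.0.0 and :: are Pi-hole's default null-blocking answers) and the function name `Test-Sinkholed` is hypothetical.

```powershell
# Added example: verify that telemetry hostnames listed in this section are
# sinkholed by the DNS resolver this client uses. Adjust $sinkholes as needed.
$sinkholes = @('0.0.0.0', '::', '127.0.0.1')   # assumed sinkhole answers
$endpoints = @(
    'v10.events.data.microsoft.com'
    'v10c.vortex-win.data.microsoft.com'
    'v10.vortex-win.data.microsoft.com'
    'v20.vortex-win.data.microsoft.com'
    'settings-win.data.microsoft.com'
    'watson.telemetry.microsoft.com'
    'oca.telemetry.microsoft.com'
    'vortex.data.microsoft.com'
)

function Test-Sinkholed {
    param([string]$HostName, [string[]]$Sinkholes)
    try {
        # -DnsOnly bypasses the hosts file and LLMNR/NetBIOS, so the result
        # reflects what the configured DNS server returns.
        $answers = @(Resolve-DnsName -Name $HostName -Type A -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Type -eq 'A' })
    } catch {
        # NXDOMAIN, refusal or timeout: nothing usable was returned.
        return [pscustomobject]@{ Endpoint = $HostName; Status = 'NO ANSWER'; Detail = $_.Exception.Message }
    }
    if ($answers.Count -eq 0) {
        return [pscustomobject]@{ Endpoint = $HostName; Status = 'NO ANSWER'; Detail = 'no A records' }
    }
    # Any address outside the sinkhole list means the name still resolves.
    $leaks = @($answers.IPAddress | Where-Object { $_ -notin $Sinkholes })
    if ($leaks.Count -eq 0) {
        return [pscustomobject]@{ Endpoint = $HostName; Status = 'SINKHOLED'; Detail = ($answers.IPAddress -join ', ') }
    }
    return [pscustomobject]@{ Endpoint = $HostName; Status = 'RESOLVES'; Detail = ($leaks -join ', ') }
}

$results = foreach ($e in $endpoints) { Test-Sinkholed -HostName $e -Sinkholes $sinkholes }
$results | Format-Table -AutoSize

# Non-zero exit when any endpoint still resolves to a real address.
if (@($results | Where-Object { $_.Status -eq 'RESOLVES' }).Count -gt 0) { exit 1 }
```

Country-prefixed names such as de.vortex-win.data.microsoft.com are not covered by an exact-match list, so add the prefixes relevant to your region to `$endpoints` or block them with a wildcard rule on the resolver.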

References

  1. All Windows 10 GPO Settings

  2. Configure Windows Diagnostic Data

  3. Manage connections from Windows 10 to Microsoft Services

  4. Manage connections from Windows 10 OS components to Microsoft Services

  5. Application Telemetry