12. Telemetry
These services either do user data tracking, or are an unnecessary performance hit. See Telemetry Info.
Danger
After every major windows update, verify these settings.
Note
As of 20H2, only GPO’s are covered, unless the value0 cannot be set or enforced via GPO. A reference link is provided to determine the appropriate Registry value to use.
Disable Connected User Experiences and Telemetry Service
⌘ › services.msc › Connected User Experiences and Telemetry › General
Service name
DiagTrack
Startup type
DISABLED
Service status
STOPPED
Windows 10 collects user data and sends it to Microsoft.
See Diagnostics & Feedback to restrict data collection.
Updated: 2021-02-19 Reference
Disable application telemetry
Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Application Telemetry
☑
ENABLED
Windows 10 collects information on application usage.
Updated: 2021-02-19 Reference
Disable customer experience improvement program
Computer Configuration › Administrative Templates › System › Internet Communication Management › Internet Communication settings › Turn off Windows Customer Experience Improvement Program
☑
ENABLED
Windows 10 devices send hardware and software usage information to Microsoft via customer experience improvement program.
Disable sending browser history for Edge
Edge browser automatically reports browser history to Microsoft.
GPO
Computer Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Configure collection of browsing data for Desktop Analytics
☑
DISABLED
Updated: 2021-02-19 Reference
Disable inventory collector
Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Inventory Collector
☑
ENABLED
Windows 10 Inventory Collector inventories applications, files, devices, and drivers on the system and sends the information to Microsoft.
Updated: 2021-02-19 Reference
Disable program compatibility assistant
Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Program Compatibility Assistant
☑
ENABLED
The Program Compatibility Assistant detects known compatibility issues in older programs. After you have run an older program in this version of Windows, it notifies you if there is a problem and offers to fix it the next time you run the program. If the compatibility issue is serious, the Program Compatibility Assistant might warn you or block the program from running.
Updated: 2021-02-19 Reference
Disable steps recorder
Computer Configuration › Administrative Templates › Windows Components › Application Compatibility › Turn off Steps Recorder
☑
ENABLED
Steps Recorder automatically capture steps you take on a PC, including a text description of what you did and a picture of the screen during each step.
Updated: 2021-02-19 Reference
Force desktop analytics to honor telemetry settings
Computer Configuration › Administrative Templates › Windows Components › Data Collection and Preview Builds › Limit Enhanced diagnostic data to the minimum required by Windows Analytics
☑
DISABLED
Desktop Analytics will report additional telemetry information if enabled.
Updated: 2021-02-19 Reference
12.1. Firewall
Endpoints for telemetry may change. Peridiocally verify these have not changed. See references for additional documentation.
Warning
These endpoints should be blocked or routed to a blackhole. See Pi-Hole and DNAT for Captive DNS.
Connected User Experiences and Telemetry endpoints
Microsoft Defender Advanced Threat Protection is country specific and the prefix changes by country, e.g.: de.vortex-win.data.microsoft.com
Release |
Diagnostic Endpoint |
Functional Endpoint |
Settings Endpoint |
---|---|---|---|
1703 with 2018-09 cumulative update |
v10c.vortex-win.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
1803 without 2018-09 cumulative update |
v10.events.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
1709 or earlier |
v10.vortex-win.data.microsoft.com |
v20.vortex-win.data.microsoft.com |
settings-win.data.microsoft.com |
Diagnostic data services endpoints
Service |
Endpoint |
---|---|
Windows Error Reporting |
watson.telemetry.microsoft.com |
› |
ceuswatcab01.blob.core.windows.net |
› |
ceuswatcab02.blob.core.windows.net |
› |
eaus2watcab01.blob.core.windows.net |
› |
eaus2watcab02.blob.core.windows.net |
› |
weus2watcab01.blob.core.windows.net |
› |
weus2watcab02.blob.core.windows.net |
Online Crash Analysis |
oca.telemetry.microsoft.com |
OneDrive app for Windows 10 |
|
› |
vortex.data.microsoft.com/collect/v1 |
Microsoft Defender Advanced Threat Protection |
|
› |
References