Windows Telemetry data is always in discussion among security geeks. But before moving forward lets first understand what is Telemetry Data with respect to Windows. Telemetry data present in every windows machine. According to ethical hacking researcher of International Institute of Cyber Security, this telemetry data is system diagnostics information, system details, and logs of how frequently Windows user is using some applications, features & some more details internal to Microsoft.
So today we will talk about a Windows spy blocker a tool, used for spying and tracking the network traffic on your Windows system. This is completely built on go language. We can use this tool in windows 7, 8 and 10.
- OS: Windows 10 64 bit
- Version: Microsoft Windows [Version 10.0.18363.720]
- Firstly we have to download the windows spy blocker on your windows machine.
- Use this link to download the spy blocker, https://github.com/crazy-max/WindowsSpyBlocker/releases/download/4.28.0/WindowsSpyBlocker.exe
- Open the spy blocker tool, after downloading the file.
- In the main menu we see two options.
- 1- Telemetry
- 2- Dev
- Now choose option 1-Telemetry. In the telemetry, we have 2 classifications.
- 1- Firewall
- 2- NCSI (Network Connection Status Icon).
Telemetry > Firewall Option
A firewall is used to protect our system from unauthorized access. We can use this firewall in software and hardware form.
- In the firewall option we five different options like add extra rules, add spy rules, add update rules, remove windows spy blocker rules and, display your current windows spy blocker rules.
- We can run these options by selecting the required option’s number.
- Now, choose option 2-Add spy rules
- When we choose, these options add extra rules and add spy rules, it downloads 3 different files as shown in below picture.
- This will be stored in windows Spy Blocker’s folder.
- In the above picture, we see Adding outbound firewall rules.
- All these IP’s belong to Microsoft.
- Now let’s check in our search engine, by choosing an IP from the List.
- In this tool, we have an option called extract data. When we use that option, it collects all the data and stores in a file depending on the data.
- We can see extract data option at the final step.
Telemetry > Network Connection Status Indicator (NCSI) Option
- Now, choose option 2-NCSI (Network Connection Status Indicator).
What is NCSI?
The main purpose of the Network Connection Status Indicator in windows is to provide network connection information.
- In NCSI we have four options to display your current NCSI values, Apply WindowsSpyBlocker NCSI, Apply Microsoft NCSI and Test the internet connection.
- Choose option 4-Test the connection.
- Now, choose option 1-Display your current NCSI values.
- The aim of this NCSI tool is to check the internet connection.
What is DEV?
DEV, it is used for tracking files. In the Dev, we have 7 options to track the hardware files proxifier, sysmon, Wireshark, test, Diff, merge and, extract data.
Dev > Wireshark Option
- Choose option 3-Wireshark, to capture all the traffic.
- First we have to install Npcap to capture any details.
- After installing the Npcap choose the required option.
- The captured data file stored in the Temp file in windows Spy Blocker.
Dev > Extract Data Option
- Next, choose option 7-To extract data
- Extracted data is stored on this path.
- Let’s see the extracted data.
- Now, let’s open any folder to check the data files.
Now lets show another tool to disable telemetry data on your Windows system.
- We can also disable telemetry data.
- For this, we need to download DisablewinTracking.exe file from the below link https://github.com/10se1ucgo/DisableWinTracking/releases/
- Now, extract the zip file.
- Then we see DisablewinTracking.exe file.
- Run the file as an Administrator.
- Here, select the telemetry option.
- Select service method and click on go.
- It will disable the telemetry option.
By using Windows spy blocker tool we can capture the network traffic to track our telemetry data and act upon it. This tool can also be used for auditing purpose.
Cyber Security Specialist with 18+ years of industry experience . Worked on the projects with AT&T, Citrix, Google, Conexant, IPolicy Networks (Tech Mahindra) and HFCL. Constantly keeping world update on the happening in Cyber Security Area.