Burnett's Twitter bio describes him as an Independent IT Security Analyst, author, and former Microsoft MVP. Throughout this thread he talks about testing and monitoring outbound connections to various Microsoft services when those settings and options are disabled on Windows 10 Enterprise. He even stated that he had to go into the system registry to disable some of these connections.
The gist of his results was that he continued to see outbound connections from this virtual machine running Windows 10 Enterprise even though some of those options had been disabled using GPOs and other methods.
The thread drew a lot of comments and conversation, but about six hours after he started discussing his testing he tweeted that his initial testing wasn't tightly controlled and that he planned to perform these tests again using a more controlled setup and baseline measurements. This morning he started another thread and acknowledged that he was not writing a research paper about this process or publishing a vulnerability report on what he saw, but just sharing his observations. It appears he is continuing his testing, and he went on to share a document that can help system admins and IT pros understand the outbound connections that occur between Windows and Microsoft services.
We have previously shared Microsoft's resources about the Full and Basic Telemetry levels in Windows 10 and what controls you have over those settings in Windows 10 Professional, Education and Enterprise versions of the operating system.
This new document from last week, named "Manage connections from Windows operating system components to Microsoft services," goes into a lot of detail about these different connections from Windows 10 to Microsoft services and is well worth your time to read and review.
Burnett wraps up his thread this morning by calling for more options that allow users at all levels to opt out of telemetry and take more control over their systems. That may be a hard nut to crack this far down the Windows as a Service (WaaS) road, as Microsoft has built a telemetry system that gives them the feedback they need to help users maintain and manage their systems. Some level of telemetry is necessary just so Microsoft knows what you have installed on your system in order to validate any updates that might be needed.
I do not think we will ever get away from the need for some data feedback to Microsoft in order to keep systems up to date and safe from attacks like WannaCry, and there is likely not a solution that will make everyone happy, but I suspect there is a happy medium somewhere out there on the continuum.