Cortana Is Listening

Page 2 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Not open for further replies.

Math Geek

can you provide citation for this? i understood that turning it off disabled cortana collection from you. of course there is still a ton of stuff MS collects that is not related but i am pretty sure there was some specific stuff only related to cortana that goes away with disabling it.
Thanks very much for the article. I have been trying to get this information out in the forums as much as possible. But no one wanted to believe it , other responses were I must be some nut job conspiracy theorist or something hiding under my tin foil hat.
Hopefully now people will understand that what I have been saying is true and revolt against the massive invasion of privacy.


Jul 19, 2013
You know in this day and age, if they really wanted to profess your data is secure and your privacy won't be violated when some end-user agreement permits then, these items should be open sourced, localized first, not be all condensed to one hackable account, and when needed use a decentralized architecture when searching online.

Just the upload data from my router. All of the uploads are encrypted so I can not say exactly what they contain.
Even with cortana,live search,suggested sites, search tracking,Bing removed, basically everything that I could find to turn off that might create upload data.

Then my testing was open Outlook and edit contacts with fake data. Upload packets sent.
Open Word and create a work contract. Upload packets sent.
Open Excel and start a spreadsheet. Upload packets sent.
Do a computer search with live search turned off. Upload packets sent.
Create a post on toms hardware on my main computer. then edit it. Go to the win10 computer and make the same edit and post it. The upload from the win10 computer is 40% larger than the upload packets from the win7 computer. So why is 40% more information sent from the win10 computer as compared to the win7 computer for the same edit?

Can I prove it?? not really ,as I can not intercept the packets and decrypt them.
But I can prove that just about everything you do on a win 10 computer creates upload packets.


Math Geek


that's pretty interesting either way. does make you stop for a moment and wonder. i have not gotten this deep yet into the os but will start looking at this type of stuff as well. by any chance have you tried blocking this with a software firewall yet? i know back in the day i used to use zone alarm to keep programs from "phoning home" and auto updating and all that stuff. i wonder if it would allow you to block some of the MS traffic as well. just a thought anyway.

and as a side note, i did expect this version of windows to be a privacy nightmare since all MS talked about was monetizing the os as much as possible. they took the lead from the other os makers and adopted their money makers for themselves. my problem is the os is still not free!!! sure we get a freebie upgrade once, but will still have to buy it for the next system build. i feel a bit more violated by having to pay them to collect all this info on me. at least google and apple let me play for free while they mine my life for every cent they can.


all you need to know when using windows 10

as p.t barnum said ''a sucker is born every second ''

your personal pc is now a public pc


I think it all goes well with this as well for review - ''snitch software''

first red flag with 10 is the forced updates - they can load up what ever they want back doors what ever .. who in there right mind is ok with that to start with ??

I've been making them wrong all this time. They always come out looking like Napoleon's hat when I need a new one. And take forever to make.
Will this new style hat protect me from win10 intrusions also?




I'm not saying that Microsoft shouldn't gather some data. Even in Windows 7 some was normal, like Unolocogringo stated. The problem isn't that they are gathering data so much as the extent to which they are doing it. Some is okay. They could just look at our Bing search results, Windows Store purchases, the music added to Groove, and the videos added to the TV & Movies application and have a ton of material to work with for advertising. If Microsoft gathered this data and sold advertising info gathered from Bing to other companies, and used the information gathered from the rest for in-app advertisement then I would be perfectly happy with it. The problem is that it gathers essentially everything it can and doesn't set appropriate limits to which that data can be shared. It isn't limited to just Microsoft, and it isn't limited to just a handful of services. I focused on Cortana, as that is the biggest part of the problem, really it goes far beyond that. Just covering this aspect of it made for a rather large article, but covering all of it would simply be too huge for one piece. I might aim for a second article to cover the rest.

I really do hope you do the second article.
I do jest some in the forums ,but I also try to help out a lot also.
Once I figured out all of thid data was being uploaded ,I did not have a good way of getting the information out the the general populace and be taken seriously.
Thanks again.



you got to figure - most folks don't care they just hit ''I agree'' and move on - all put the full lives and there family's on face book- most use steam for games [ there eula just about covers as 10 ] as its put ''with out limitations '' to make changes and accept there content to your computer -

they just give it all away and not realize what the just did to them selves ..

For reasons that include, without limitation, ''system security'', stability, and multiplayer interoperability, Steam may need to automatically update, pre-load, create new versions of or otherwise enhance the Content and Services and accordingly, the system requirements to use the Content and Services may change over time. You consent to such automatic updating.

now what part of the system security don't affect your whole system ?? and you allow them to make changes to that as ''THEY'' see fit ???

heck you may as well just load up 10


Mar 16, 2013

And for all previous version of Windows (or Linux, iOS, whatever)....I assume you decompiled and inspected each line of code for each update?


I honestly don't see it as a big deal. As said, Apple/Google have been doing just this for years. In fact some apps need permissions to parts for certain things but use them for other things and send that data to servers.

My GMail has used names in my contacts and have had spam sent to me with those names (not email addresses but the names of the people).

The majority of people wont care. They don't even understand Geo tagging, when a picture is tagged with your location based on your phones GPS and location information. With that I can find where you were when you posted it and to add onto it use that to triangulate where you live, work, eat most often and other information.

I do give Microsoft credit for actually giving the information up so freely for people to find easily. Most are buried so deep under legal jargon that you might never know what they do and do not use.

Let us one up it. Facebook sells peoples pictures to be used in advertisements

Yet people still use Facebook en mass.

Unolocogringo, I do wonder. Are you using BitLocker? That would make sense if it was re-uploading your encryption key, encrypted of course, every time you made a change to or a new file on your PC. I can say that even with Windows 7/8 I watched my traffic monitor on my Asus router and there is always some sort of traffic, even small amounts, going on. Remember the system will check into the update servers, time servers and other servers depending on what you have running.


dang right -- funny there not pasted all over the web as like you see for 10 ... that's how blatant it seems to be - funny how it was close to the same for 8 as well and with 7 I can look up what each update is inspect notes web sites what ever on it then ''I'' decide weather to download and install or not and then i can uninstall them all if I do find a issue ...

see with 7 or Linux I can decline any or all updates I don't ever need to be on the internet with them at all --- I got to wonder how long that postpone deal lasts ?? after a set amount of time will it turn off certain features in 10 until you do accept the forced updates ?? kinda like if you don't activate older windows with in that 30 days ??

what you need to do is show where all this said is totally wrong when you try to defend it -- like a lot of folks get them and render your rig useless or find theres no compatibility no drivers no nothing but Microsoft says ''your copy of 10 is ready '' ya ready to do you in for ...

''I do give Microsoft credit for actually giving the information up so freely for people to find easily''

wheres them links to all that ??



The defer is set to 9 months for pro, indefinitely for Enterprise.


You can still remove Windows updates if you need to. And yes that is Windows 10. - Cortana FAQ - Windows 10 FAQ

As for drivers, Microsoft is not responsible for that. They already have basic drivers for the vast majority of hardware. The hardware vendors need to be actively working on them as Microsoft is releasing a new OS, much like NVidia did for 10.


better re read that agreement -- about as useless as tits on a boar hog

says here you will accept

•Windows 10 Home users will receive updates from Windows Update automatically when it’s available. Windows 10 Pro and Windows 10 Enterprise users will have the ability to postpone updates. The amount of time that Windows 10 Pro users can postpone updates is limited.

so I don't see it as you say it is ??

give me the Microsoft link backing that up ??

well to each his own no one is twisting your arms to use it or not [yet] enjoy

No I keep a safe network at home and keep all of my backups on external hard drives.
I do not do cloud,Facebook,external storage etc...
I have all automatic updates turned off on all computers and programs. I will take care of all of that myself. My start-up is clean with only the basic need programs run at start-up.
I have one box that is used for credit card processing, but it is only turned on as needed and shut down when I am finished. Except 4 times a year I have to log onto a website and let them try to hack into my network for 4 hours for PCI compliance. Always score a 99 on their test. 1 point off because my computer is ping-able. But turning that off makes it so that automatic emailing of charge receipts does not work properly with office.
So no there is no reason what so ever besides windows 10 for all of the extra upload traffic.



Apr 3, 2001
As I mentioned, I can see a certain amount of this to be understandable, I just feel that it goes too far overall.

For those of you wondering about turning Cortana off, there are ways to turn it off. It is off by default until you activate it, so just check settings if you are wondering about that.
Yeah you're right, in fact they go nearly as far as Google. Strange, where's your big Google exposé? Or are they just better at indoctrinating and obfuscating? Ah, how silly of me to ask, the answer is self-evident.
I run my router with DD-WRT installed. much more secure and stable than the consumer firmware on routers you buy.
It also allows me to see and log up/down data for all computers or individual computers on my network.
So I am absolutely sure that the uploads seen were from the win10 computer and that they were created as I was doing each of my tests.
I live in a rural area and the best DSL connection available is 11mbps down and .768mbps. Downloads are usually not a problem, but too many uploads will crash the connection and bring all activity to a stop up or down.
With 3 computers folding full time, my wife watching Netflix, ( cable or satellite are not an option, they do not exist here) I have to prioritize my internet connections even if that means some of my folding units take forever to upload and sometimes time out and have to restart. All that basically means I have to limit each connection in the router to keep a connection. Otherwise I lose connection and the folding uploads will crash it again as soon as a connection is reestablished.
So yes I watch and configure my network carefully to ensure all goes well.


Jul 26, 2008
The problem I have with Cortana isn't her indexing and analyzing behavior then storing it locally, but the fact that it's uploading everything you do to Microsoft. Run an application, it lets Microsoft know. Open a Movie file, it lets Microsoft know along with the meta data of that Media file. Play a game, it lets Microsoft know the game, how long you played it and any other information it can scrape off it. If your on a tablet or other device with a mobile services, it uploads your messages, who you called, how long you talked and any other data it can get it's hands on. It's the ultimate spying device and goes far far beyond whats necessary. Any voice data that it comes across it also uploads that and I wouldn't be surprised if there was a backdoor switch to silent full record and transmit.

This is flat out mass surveillance packaged as a nice "feature". They took some nice stuff, things that are useful, and then packaged it with over and beyond surveillance capability. This way people take it, think "this is cool new technology" and accept it without realizing they are buying into a full surveillance package recording everything they do. This is another reason it's being pushed out and offered cheaply or even "free", MS wants that surveillance option on as many devices as possible.

Here is a simple case on how this can come back to hurt someone. Your on your home PC at 7PM at night. You open a media file you got from a friend, Cortana silently records the file name, all metadata and even hash from the file and sends it to MS. At MS datacenter a data combing programs analysis your data and determines that file was potentially copywrited from Sony pictures. It then sends a notification to Sony, along with all included information pairs with your name, location, computing habits, metadata of other media files on your computer and any other potentially useful information. Then you get a nice nasty mail from Sony or are suddenly subject to a lawsuit. And lets not get into law enforcement in relation to 4th and 5th amendment rights. Those don't count if the data is given to them by a third party.

I won't go near Windows 10 until it's been out for awhile, after several updates, and someone (not from MS) has come out with a procedure / software for removing all the surveillance options and preventing it from reporting on you.

It's just extremely scary to imagine MS headquarters knowing every single file on your computer and everything you do on that computer.
Someone in Germany wrote a program called DoNotSpy, which will let you easily turn off a whole bunch of settings in Windows 10 that are related to tracking you and your data.

Just a warning ahead of time, this program is ad supported.

Here is the list of features that you control with the app:

Defer Windows Upgrades
Disable Access to Language List
Disable and reset Advertising ID
Disable and reset Cortana
Disable app access to Account Info, Calendar, Camera, Location Info, Messages, Microphone, Radios
Disable App Notifications
Disable Automatic Driver updates
Disable Automatic Windows updates
Disable Biometric
Disable enabling Lock Screen Camera
Disable Getting to know me
Disable Handwriting Data Sharing
Disable Inventory Collector
Disable Location
Disable OneDrive
Disable Password Reveal Button
Disable sending Writing Info
Disable Sensors
Disable SmartScreen Filter for URLs
Disable Steps Recorder
Disable Telemetry
Disable Web Search
Disable WiFi Sense
Disable Windows Defender
Disable Windows Feedback Requests
Disable Windows Media DRM Internet Access
Disable Windows Update for other products
Disable Windows Update sharing

Obviously some of these things are not spy related, but things like being able to stop Windows Update from loading new video drivers could be a benefit by itself.

DoNotSpy website:


Oct 12, 2011
Dumbest article ever - why you are not so concerned when the apple equivalent gathers the same information as well as sends voice commands to remote servers? Toms, stop writing cheap articles or if you are concerned about your readers! The level of the articles constantly drops from some time
Not open for further replies.