It's quite funny how until a couple of years ago it was perfectly fine to run applications that didn't need to connect to the internet, but now every software company is trying to convince everyone that it's absolutely essential. And it's of course for your own safety. Each and every software company has only one interest and no other: your safety.
I am amazed that any of this phoning home is allowed inside the EU seeing the strict privacy regulations. Either a lot of money is changing hands or it is ignorance.
It is likely incompetence as most of them don't understand what is presented here, they cannot understand the meaning behind a web request. I don't think its bribery but sheer stupidity.
It's pretty wild when you start digging into how much data actually gets sent back. Microsoft claims GDPR compliance, but their privacy settings are confusing, and defaults aren’t privacy-friendly. Windows skirts the rules with vague opt-outs, banking on its massive user base. EU regulators should crack down, and they have fined companies like Facebook and Google, but enforcement is inconsistent, and big tech has the money to push boundaries.
Most likely it's simply not covered by regulation. GDPR has specific exemptions, such as anonymizing data. That's what is most likely happening here. Even if you have telemetry on and someone hacks Microsoft or Firefox (as an example) and gain access to all their telemetry data there would be no way for them to use just that data to find which of it pertains to you specifically or figure out who they have data on in general. Basically, imagine I sit in a caffee and count how many red cars pass on the street and write down the count. Well if someone gets my notes they won't exactly be able to say that you drove past me would they? That's basically all that needs to happen for this to be completely legal under EU regulation. That or express consent where they put it in your face (like what we get with the cookie popups) and specifically say that we will be using this data for X and Y and are you sure you want to allow us to do this?
i use simplewall to block ALL connections to the internet unless I go out of my way to allow a process to access the network. Windows is by far the top abuser.
Yep. Also the f they need my personal info for? Like literally they are trying to show you who's tracking your personal info by asking your personal info. LOL
I have certainly had enough of it. something needs to be done at a government level. Also the same with deleting people comments on YT and other platforms. I am just sick of it.
Ohh, I used this a fair bit at my workplace to figure out why certain pages failed to load or didn't work properly with certain proxy and firewall configurations on the corporate network. That said, none of that telemetry data would be enough to say any of it belongs to Bob from down the street. If you have data from somewhere else that you can cross reference you can play detective and figure it out though.
They'd already figured it out long time ago. That's why they have and needed those big data centers in the first place. All of that data is being sorted in real time to track personal activities and track people in general, it's already being done in real time as we speak.
I was searching for something like this. I would like if software like this would have "tree view", like Process Explorer but for connections. The great Outpost Firewall (RIP my friend) had that feature and was VERY useful for fast viewing of what is connecting outside, app by app, and the different components of the system. I really hate the amounts of constant connections of modern Window$. In old versions, it was awesome that the computer WAS IDLE if not using it and without any unnecessary connections. Now it uses YOUR connection and your hard disk/solid state media constantly, reducing the lifetime of the components, and taking bandwidth for something that is not useful for you, but money for them.
Have you looked at all the security measures available in the Sandboxie software. For example you can tweak it to not allow any program run inside the sandbox other than what you specifically allow...like your browser Or you can protect processes within the sandbox from host processes Or you can stop processes from capturing windows images in the sandbox etc etc
sandboxie is a shell of what it used to be before it was sold. i believe hypervisor with windows sandbox is the way now, ultimately linux guest or ultimately ultimately QubesOS
Not just powerpoint. Any program that deems it necessary to do whatever it wants it will run in the background. I've had Chrome/Firefox/Opera, running in the background at launch. As well as other programs. Because they were "updating" collecting information at their will.
@@RaymondMonk-f9d Check to see if there is any shortcut of MS Powerpoint in this folder: "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
@@RaymondMonk-f9d It's impossible to really block it. The only way to get rid of is to remove them. But you can't remove some windows apps. They will turn on whether the user wants its or not. That's the reality we live in. Violating privacy and there's no regulation that can stop it... I will always remember watching an interview with one of those guys in the programming security, where he had a camera on his monitor in the office... It was obviously "turned off", but he was giving an interview and in the background, that camera was covered with a duct tape... Yep... That is the only solution for no private information leak... is to physically block it/remove it yourself. Every other method and no "restrictions" etc won't stop anyone determined enough... With the amount of backdoors built in(deliberately), it is absolutely impossible.
right. they should know nothing about the user experience, so that when people complain about bugs, they cant figure out what the issue is . they should be issuing perfect software to begin with .
Fiddler has been around for a long time and I've used it for maybe 15 years or more, but ... Your demo is good but it could make a novice feel safe but totally missing that not all data communication is using HTTP. Appliances in your home, tv,vacuum or whatever, do the same but fiddler will not show you that.
I would like to see some videos around Linux security. No one should be surprised that Microsoft grabs as much data as they can but what about Linux distros?
As a Linux user, I'm quite interested in this. I know that Eric Parker checked Ubuntu and found nothing bad was going on there, but it would be good to have multiple sources (maybe he missed something or wasn't as rigorous as he could have been, idk, I have never done this kind of analysis, so it's hard for me to say).
@@the-answer-is-42 I'm also a Linux user and Portmaster lets you see all the connections of each application made. Its free and open source. Might be a good place to start.
Ah yes, let's download Fiddler Classic. But wait! In order to download this anti-spyware tool, we have to give up our email address AND our Country of origin. Amazing!
That's really not that unreasonable information to need, your email so you can recover your account, and country for potential legal and jurisdictional things. This isn't the hill to die on with privacy. Also just use a burner email, I have 5 email addresses, 3 of them I use for junk like this.
Do you have a solution to stop client side scanning? It’s becoming a little more common with iPhones, Microsoft etc. This is going to be a major problem, defeats need to end encryption etc.
I use Linux and so I dont think I have this problem, I do have a windows laptop in my workshop though, just for my CNC and 3D printing hobby, I will see whats going down with it, I am pretty security conscious though and If I remember correctly I ran some sort of debloating and security settings tool when I bought it.
It is so frustrating that everything just uses the internet now, even if it's not needed at all. Everything is slower and uses more energy than necessary. And it takes a lot of work to turne of everything, and sometime I might want it, for some things I might want auto update or maybe they are doing a study that I think is cool. But it is impossible to know what information they are collecting. At least give me the option to make a readable text file with the information you are asking for before I decided if I would like to send the data. My consent means nothing when I don't have a chance of understanding what and why you are collecting data. 🤷♂ I hate that my pc is doing a lot of work in the background that I would not have installed had I know what it was.
Now I have been hit by a RAT from China, it stole my sneaky photos when I dressed up as a hot girl. Asia: It sent a message through my computer screen saying, hey, your friend is a really beautiful guy, love. This is the first time I've been admired by a strange edge. 😢
You do great videos. But honestly as someone who's worked in IT for most of his life and part hobby. I genuinely don't understand. Can you not break it down further and he slower? Like what is telemetry, what am i meant to be looking for what am i not looking for. You seem to know what your talking about but i don't think a lot of people do.
What's spying on my Linux machine? Nothing. :) NoScript + Firefox + uBlock Origin + Pi-Hole + Linux + 250+ email aliases so I won't get phished + stay vigilant online = pure awesomeness. :)
The fact that you have to turn it off to begin with is criminal. I paid for it. It is my PC. What I do with it is none of your concern unless I harm someone with it. Plain and simple.
I have a question. We can block outbound calls using windows firewall, right? So if are able to identify all apps that are sending data from our laptop without our knowledge, we should be able to block them, right? Ofcourse unless the working of the application depends on no restriction applied via windows firewall.
Use Portmaster! I've been using on my PC and laptop for a while now. Windows 10 & 11. I have Portmaster to block internet access to every App, utility etc, that I decide shouldn't. Including much of Windows itself. I have it blocking all of that telemetry from Windows, Dell, RGB Lighting ect. I LOVE it.
the first thing I check in any software is the settings panel to see what telemetry is available. I update using winget so I don't want auto-updating apps, etc. it always helps to check, as well as looking towards the community to find ways to disable/block the telemetry if you can.
Because most of it is normal behaviour I have nothing against tutorials but you do not want to know how often people start digging and on the discord we have to calm the panic. Not that I agree with everything that is collected but in many cases it is for your benefit
Privacy or not, but... Is Microsoft PAYING for your connection to the internet? No? You are, right? Why do they get to use it willy nilly? Did Microsoft buy you a computer? No? Then why do they get to use your resources willy nilly? Does Microsoft use your hardware? Or is your hardware for you to use? I own my computer. It belongs to me. Microsoft's windows is just a damned computer program. It should make my computer usable, and then get out of the way. Nothing more. Nothing without my express permission. It shouldn't use my internet connection. It shouldn't decide to run services in the background that are unnecessary for me. It should NOT manage and tell me what I want and tell me what I need. An operating system should only be there to let you choose your programs to run, and then get out of the way of your purposes. It shouldn't be making you computer whine and run slow just because there was an update or just because Microsoft wanted more money and decided to make your hardware obsolete so you buy a new computer and choose their operating system again. I use Arch, by the way. It is beautiful, it works, and it doesn't make my fans spin up just idling because Windows is busy trying to figure out how to get me to spend more money and using my computer as a platform for advertisers and commercial interests to use my machine as thier personal billboard display.
It's quite funny how until a couple of years ago it was perfectly fine to run applications that didn't need to connect to the internet, but now every software company is trying to convince everyone that it's absolutely essential. And it's of course for your own safety. Each and every software company has only one interest and no other: your safety.
I am amazed that any of this phoning home is allowed inside the EU seeing the strict privacy regulations. Either a lot of money is changing hands or it is ignorance.
It is likely incompetence as most of them don't understand what is presented here, they cannot understand the meaning behind a web request. I don't think its bribery but sheer stupidity.
It's pretty wild when you start digging into how much data actually gets sent back. Microsoft claims GDPR compliance, but their privacy settings are confusing, and defaults aren’t privacy-friendly. Windows skirts the rules with vague opt-outs, banking on its massive user base. EU regulators should crack down, and they have fined companies like Facebook and Google, but enforcement is inconsistent, and big tech has the money to push boundaries.
Most likely it's simply not covered by regulation. GDPR has specific exemptions, such as anonymizing data. That's what is most likely happening here. Even if you have telemetry on and someone hacks Microsoft or Firefox (as an example) and gain access to all their telemetry data there would be no way for them to use just that data to find which of it pertains to you specifically or figure out who they have data on in general.
Basically, imagine I sit in a caffee and count how many red cars pass on the street and write down the count. Well if someone gets my notes they won't exactly be able to say that you drove past me would they? That's basically all that needs to happen for this to be completely legal under EU regulation. That or express consent where they put it in your face (like what we get with the cookie popups) and specifically say that we will be using this data for X and Y and are you sure you want to allow us to do this?
i use simplewall to block ALL connections to the internet unless I go out of my way to allow a process to access the network. Windows is by far the top abuser.
probably lack of knowledge. In NLD the people that should know are completely oblivious and depend on commercial consultancy firms.
You know the drill by now: 'Plot twist: Fiddler spies on your computer' lol
Yep. Also the f they need my personal info for? Like literally they are trying to show you who's tracking your personal info by asking your personal info. LOL
the amount of telemetry that Microsoft is gathering on customer devices including running powershell scripts is nuts . Excellent video!
I have certainly had enough of it. something needs to be done at a government level.
Also the same with deleting people comments on YT and other platforms. I am just sick of it.
Ohh, I used this a fair bit at my workplace to figure out why certain pages failed to load or didn't work properly with certain proxy and firewall configurations on the corporate network. That said, none of that telemetry data would be enough to say any of it belongs to Bob from down the street. If you have data from somewhere else that you can cross reference you can play detective and figure it out though.
They'd already figured it out long time ago. That's why they have and needed those big data centers in the first place. All of that data is being sorted in real time to track personal activities and track people in general, it's already being done in real time as we speak.
I was searching for something like this. I would like if software like this would have "tree view", like Process Explorer but for connections. The great Outpost Firewall (RIP my friend) had that feature and was VERY useful for fast viewing of what is connecting outside, app by app, and the different components of the system.
I really hate the amounts of constant connections of modern Window$. In old versions, it was awesome that the computer WAS IDLE if not using it and without any unnecessary connections. Now it uses YOUR connection and your hard disk/solid state media constantly, reducing the lifetime of the components, and taking bandwidth for something that is not useful for you, but money for them.
this channel is soooo good. thanks a lot for fiddler. do you know about something similar for linux?
i was wondering the same thing
Not as detailed but OpenSnitch firewall does similar on Linux.
i will ask chatGPT. there must be a bash one-liner command with tail -f or something 🤣. linux is unbelievably good.
so, what part of this video teaches us how to find backdoors and identify malware?
Try the movie War Games.
Exactly 😂. Why isn’t he just checking real malware in this video? Should be easy to find infostealer malware nowadays
are you like genuinely rtrded
Have you looked at all the security measures available in the Sandboxie software.
For example you can tweak it to not allow any program run inside the sandbox other than what you specifically allow...like your browser
Or you can protect processes within the sandbox from host processes
Or you can stop processes from capturing windows images in the sandbox
etc etc
sandboxie is a shell of what it used to be before it was sold. i believe hypervisor with windows sandbox is the way now, ultimately linux guest or ultimately ultimately QubesOS
Shout out Portmaster
Thanks for the interesting find Leo, I'll be sure to check out Fiddler
This would be really helpful, thanks.
Excellent video as always! Thanks..
Thank you! This is very useful.
Why do not use WireShark ?
He mentioned it first 2 minutes. Answer= this might be simpler for everyday users.
Pay attention to the video lol
Sometimes I feel like this channel is a front for more spyware
Reminds me of the Mac OS variety called Little Snitch. Thanks for the tip for the Windows equivalent.
Can you explain why PowerPoint is running in the background when I didn’t open PowerPoint after reboot?
Its probably set itself automatically as a startup program.
Not just powerpoint. Any program that deems it necessary to do whatever it wants it will run in the background. I've had Chrome/Firefox/Opera, running in the background at launch. As well as other programs. Because they were "updating" collecting information at their will.
@ but I actively blocked open at startup, to no avail..
@@RaymondMonk-f9d Check to see if there is any shortcut of MS Powerpoint in this folder: "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
@@RaymondMonk-f9d It's impossible to really block it. The only way to get rid of is to remove them. But you can't remove some windows apps. They will turn on whether the user wants its or not. That's the reality we live in. Violating privacy and there's no regulation that can stop it...
I will always remember watching an interview with one of those guys in the programming security, where he had a camera on his monitor in the office... It was obviously "turned off", but he was giving an interview and in the background, that camera was covered with a duct tape... Yep... That is the only solution for no private information leak... is to physically block it/remove it yourself. Every other method and no "restrictions" etc won't stop anyone determined enough... With the amount of backdoors built in(deliberately), it is absolutely impossible.
Programs like Firefox shouldn't be collecting data or running studies without your consent.
Generally that's a crime if you catch my drift.
right. they should know nothing about the user experience, so that when people complain about bugs, they cant figure out what the issue is . they should be issuing perfect software to begin with .
@@loupasternak Any good application will allow you to run / send a diagnostic report.
@@avp2501 yeah, 1 out of 10,000 users will even know what that is . better to make it automatic
I remember Tucker saying that
I have to trawl around all windows settings periodically, because microsoft likes to alter them. This includes smartscreen.
Fiddler has been around for a long time and I've used it for maybe 15 years or more, but ...
Your demo is good but it could make a novice feel safe but totally missing that not all data communication is using HTTP.
Appliances in your home, tv,vacuum or whatever, do the same but fiddler will not show you that.
An excellent tool I had no idea about ! Thanks !
love to learn more :)
No I can't, I'm sorry.
If I ran stuff like this, I'd become extremely paranoid.
I wonder what kind of Telemetry it would pic up from my MacBook?
Apple does this as well, David Bombal has a recent video about this where they talk about the iPhone, they are the opposite of private
I would like to see some videos around Linux security. No one should be surprised that Microsoft grabs as much data as they can but what about Linux distros?
As a Linux user, I'm quite interested in this. I know that Eric Parker checked Ubuntu and found nothing bad was going on there, but it would be good to have multiple sources (maybe he missed something or wasn't as rigorous as he could have been, idk, I have never done this kind of analysis, so it's hard for me to say).
@@the-answer-is-42 I'm also a Linux user and Portmaster lets you see all the connections of each application made. Its free and open source. Might be a good place to start.
@@SniperOwland their windows version is excellent!
I wanted to see what internet traffic the Clock app was pulling AFTER it was updated.
Ah yes, let's download Fiddler Classic. But wait! In order to download this anti-spyware tool, we have to give up our email address AND our Country of origin. Amazing!
No one stoping you to use throwaway email and pick the country randomly
That's really not that unreasonable information to need, your email so you can recover your account, and country for potential legal and jurisdictional things. This isn't the hill to die on with privacy. Also just use a burner email, I have 5 email addresses, 3 of them I use for junk like this.
Fake email used "Go (at) To (dot) Hell"
Do you have a solution to stop client side scanning? It’s becoming a little more common with iPhones, Microsoft etc. This is going to be a major problem, defeats need to end encryption etc.
Thank You.
What about brave browser its safe?
please make a longer tutorial on how to use it please please please
I use Linux and so I dont think I have this problem, I do have a windows laptop in my workshop though, just for my CNC and 3D printing hobby, I will see whats going down with it, I am pretty security conscious though and If I remember correctly I ran some sort of debloating and security settings tool when I bought it.
Would you please make a videro with fiddler everywhere and fiddlercap?
Dude can you create a latest 2024 video about various ways to setup crowdsec.
If you're paid to work fully remotely using your PC, blocking Smartlook on your machine probably isn't the worst idea.
"were raising some concerns about workplace transparency"
If I pay for my own device and they don’t supply you a computer to do your work they can jog on 😂😂.
Why be concerned with a hash as it's one way, non reversible?
Discord brought me
It is so frustrating that everything just uses the internet now, even if it's not needed at all.
Everything is slower and uses more energy than necessary.
And it takes a lot of work to turne of everything, and sometime I might want it, for some things I might want auto update or maybe they are doing a study that I think is cool.
But it is impossible to know what information they are collecting. At least give me the option to make a readable text file with the information you are asking for before I decided if I would like to send the data.
My consent means nothing when I don't have a chance of understanding what and why you are collecting data. 🤷♂
I hate that my pc is doing a lot of work in the background that I would not have installed had I know what it was.
I tried this tool with ' brave ' browser but didn't find any captured requests like chrome for example 😕
where's chrome in the picture ?
so umm.. isn't wireshark just better for this?
In so early there is no download links
why are his views so low
Now I have been hit by a RAT from China, it stole my sneaky photos when I dressed up as a hot girl. Asia: It sent a message through my computer screen saying, hey, your friend is a really beautiful guy, love. This is the first time I've been admired by a strange edge. 😢
Windows for gaming only, Linux and MacOS for everything else
why are views so low
Maybe nerds/geeks like it more than common people
Any Linux app alternatives?
give information to download an app?
Fiddler does break several of my connections. weird.
You do great videos. But honestly as someone who's worked in IT for most of his life and part hobby. I genuinely don't understand. Can you not break it down further and he slower? Like what is telemetry, what am i meant to be looking for what am i not looking for. You seem to know what your talking about but i don't think a lot of people do.
Windows already sends out data so is windows a virus/trogen?
nice vid bro
How can we easily block the telemetry connections?
Portmaster is what most of us use.
Is fiddler still free?
Are gsmes spying on me with their DRM and anti-cheat?
What's spying on my Linux machine? Nothing. :) NoScript + Firefox + uBlock Origin + Pi-Hole + Linux + 250+ email aliases so I won't get phished + stay vigilant online = pure awesomeness. :)
With recent events regarding the election, can you create a video on how to best protect your internet from people you don't want to see it?
Are pirated games safe?(State your Opinion)
Pirated games itself are safe. But sometimes the cracker, repacker or the distributor include malware on it. and malware is not safe
The fact that you have to turn it off to begin with is criminal. I paid for it. It is my PC. What I do with it is none of your concern unless I harm someone with it. Plain and simple.
I have a question. We can block outbound calls using windows firewall, right? So if are able to identify all apps that are sending data from our laptop without our knowledge, we should be able to block them, right? Ofcourse unless the working of the application depends on no restriction applied via windows firewall.
no
Use Portmaster! I've been using on my PC and laptop for a while now. Windows 10 & 11. I have Portmaster to block internet access to every App, utility etc, that I decide shouldn't. Including much of Windows itself. I have it blocking all of that telemetry from Windows, Dell, RGB Lighting ect. I LOVE it.
i thought fiddler was just browser traffic 😂
Use Linux
My PC is infected with a Bot Net. It's called Windows 10 Pro.
{:o:O:}
the first thing I check in any software is the settings panel to see what telemetry is available. I update using winget so I don't want auto-updating apps, etc. it always helps to check, as well as looking towards the community to find ways to disable/block the telemetry if you can.
"microsoft security feature" - is that an oxymoron? I wouldn't trust Microsoft whatsoever.
if you are not into gaming just use Linux, is too much headache on windows.
Because most of it is normal behaviour I have nothing against tutorials but you do not want to know how often people start digging and on the discord we have to calm the panic. Not that I agree with everything that is collected but in many cases it is for your benefit
bruh, are you hired by trump and biden?
@ No I am not even American and I just told a fact here
@@joepjoep9531 so you must work as overseas in CIA got it
Privacy or not, but...
Is Microsoft PAYING for your connection to the internet? No? You are, right? Why do they get to use it willy nilly?
Did Microsoft buy you a computer? No? Then why do they get to use your resources willy nilly?
Does Microsoft use your hardware? Or is your hardware for you to use?
I own my computer. It belongs to me. Microsoft's windows is just a damned computer program. It should make my computer usable, and then get out of the way. Nothing more. Nothing without my express permission. It shouldn't use my internet connection. It shouldn't decide to run services in the background that are unnecessary for me. It should NOT manage and tell me what I want and tell me what I need.
An operating system should only be there to let you choose your programs to run, and then get out of the way of your purposes. It shouldn't be making you computer whine and run slow just because there was an update or just because Microsoft wanted more money and decided to make your hardware obsolete so you buy a new computer and choose their operating system again.
I use Arch, by the way. It is beautiful, it works, and it doesn't make my fans spin up just idling because Windows is busy trying to figure out how to get me to spend more money and using my computer as a platform for advertisers and commercial interests to use my machine as thier personal billboard display.
Stuff like this is why I left Windows... Thanks Leo!
This is why I quit windows 5 years ago in favour of archlinux
Why does it have to be called Fiddler ffs 😂
FBI open up
LOL Firefix
Ditch windows and Just install linux
Why i use linux 💪
grep
Microsoft server spyware
Was you anecdote about the influential person Tucker Carlson on Lex Fridman podcast by chance?
so umm.. isn't wireshark just better for this?