Microsoft has responded to criticisms over the amount of data many users fear Windows 10 exfiltrates by publishing all the various endpoints the operating system connects with.
The website is part of Microsoft's General Data Protection Regulation (GDPR) compliance and forms part of a 438-page document (PDF).
The document "lists different endpoints that are available on a clean installation of Windows 10, version 1709 and later" and offers ways in which users can manage or block the various connections that Windows 10 routinely makes in the background.
However, Dani Halfin, one of the developers at Microsoft behind the work admitted that "the list isn't exhaustive", but added that "it does give a good overview for services being reached on an idle device".
Nevertheless, the output show that, for example, Explorer connects to a Microsoft weather service for the OneNote Live Tile. The remedy, for people who don't want this is either to uninstall OneNote or to disable the Microsoft Store.
Intriguingly, perhaps, Explorer also connects to various Facebook domains, out of the box, for different Facebook updates, although the Facebook app can be uninstalled to prevent this. Candy Crush, which is also bundled with Windows 10 as standard, is also quite chatty. Again, this can be uninstalled or users can disable the Microsoft Store.
Some connections, though, can't be blocked, or switched off with uninstalls, such as the Automatic Root Certificates Update component that checks on the list of trusted authorities on Windows Update to see whether an update is available. Likewise, Device Authentication.
Contrary to Windows 10 settings, though, which only restricts the sending of Feedback and Diagnostic data to ‘basic', the article suggests that it is possible to switch this feature off entirely.
Windows Update, meanwhile, is probably the most data hungry of the Windows 10 components, with multiple different endpoint connections to deliver updates.
For users wishing to test the results themselves, Microsoft also published its methodology:
Set up the latest version of Windows 10 on a test virtual machine using the default settings;
Leave the devices running idle for a week (user is not interacting with the system/device);
Use globally accepted network protocol analyser/capturing tools and log all background egress traffic;
Compile reports on traffic going to public IP addresses.
The test virtual machine, according to Microsoft, was logged-in using a local account and was not joined to a domain or Azure Active Directory.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally