I see it repeated a lot on the internet that Windows is spying on you, but has there been some analysis on what kinds of packets it sends? I can understand with Home edition, with there being ads included.
I trust Windows Education with group policy settings because I assume that Microsoft wants to respect the wishes of Enterprise and Education customers. I run this setup, and I tried to figure this out myself because I’m curious. I ran Wireshark and at first I tried setting SSLLOGKEYFILE environment variable for my session. I got some routine packets sent to update, component servers. There was still some packets that didn’t decrypt, so I tried to set up mitmproxy and install it’s cert to my Trusted Root CAs. I’m not sure this changed a lot, I didn’t see much different.
I think that some apps verify the cert so it might be impossible to run this kind of analysis on just the packets. But I’m wondering if there’s anything I’m missing! SSLLOGKEYFILE needs the app to respect it, so maybe some things go under the radar.
Maybe this is a little off topic, and I could make another topic.