That would work for anything MS considers diagnostic data, but that is not a com... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nehal3m on Feb 9, 2023 \| parent \| context \| favorite \| on: Windows 11: a spyware machine out of users' contro... That would work for anything MS considers diagnostic data, but that is not a complete picture of what it's sending and why.

smileybarry on Feb 9, 2023 [–]

Couple that with monitoring the vast amount of ETW logging providers Windows gives you, and you'll see why. E.g.: the WinHTTP provider of who (PID) contacted where including URL, DNS ETW for lookups and who (PID), etc.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact