Reading @Kyle_Rankin’s recent post, the following question came to mind: since Windows 10 has a linux operating system attached to it. Would it be possible to install OpenSntich on the linux system inside Windows 10 in order to stop Microsoft from snooping on that machine?
The only Linux I’m aware of in windows 10 where this is partially possible is WSL, which sits inside of Windows not the other way around. There is of course hyper-v and running a Linux VM but this would also be inside windows so the network traffic would flow from Linux to windows not the other way around making this kind of thing impractical.
With that said, I’m sure there are similar utilities that could be fun directly in windows; and for the truly paranoid you could set up a network proxy, and snitch there with an intentional mitm of all your own ssl connections via one of the methods that allow ssl decrypt.
Sygate Personal Firewall had a free version that I used to use reflexively on Windows XP. Then Symantec bought it, integrated/buried it in Symantec Endpoint Protection and never released a version that would run newer Windoze.
I’ve heard of Open Snitch, but it has only recently become ready for prime time on Linux. Looking forward to trying it soon.
But why are you asking it here and not in the discussion of that article? New Post: Snitching on Phones That Snitch on You
Because I missed that thread. Sorry I take it there. Thanks.
I was thinking of WSL, but I didn’t know the relationship between Windows and Linux. If fact another way of rephrasing my question would have been ‘What is the relationship between Windows 10 and WSL?’
I would imagine that it would also be possible then for vm’s running inside QEMU on, say, PureOS.
Off the thread, but the reason for putting linux inside windows led me to wonder if MS is trying to gut windows and replace it with linux. It would certainly make financial sense to do that.
Just imagine all the ticked-off customers if all their Windows-based software stopped working, though…especially gaming applications!
Still, I’m sure Microsoft didn’t incorporate Linux into Windows just out of the goodness of their heart. There must be some nefarious motive.
My belief is it was because MS was getting their butts kicked in the cloud space, and were afraid developers would start using Linux to develop for that platform. By incorporating WSL, the developers don’t have to leave Windows eco-system.
That’s my guess anyway. I really don’t know, though.
I use Tinywall on Windows. WSL2 exposes all process to the host machine. I know this because I see things like http, curl, and various Linux apps that I’m running show up in the connection list there.
Honestly if you are using Windows and are worried about things like this, use Tinywall and WPD. I have verified outbound traffic on my network and those things work. Nothing gets out that you don’t explicitly let out.
i for one would be very interested in HOW you verified …
There are many ways to capture network traffic. Are you looking for how it was done in that specific case or just guidance on packet capturing (sometimes referred to as sniffing) in general?
This can be done by putting the sniffer on-line or by using the network equipment to mirror the data to your port for capture. Some network devices will even allow you to do a network capture locally.
The first time I installed a Windows VM inside of Linux was quite refreshing. For the first time, Windows was just another application that runs in the Linux operating system. You control what comes in and what goes out. You can minimize it so you can’t even see it if you want to. You can shut it down and keep going when not needing it. I would work with letting your snitch run under that Linux environment, to snitch on, and limit what Windows is allowed see and do. Put Bill in his box and put the box away when you’re not using it. Use a real operating system most of the time, and exercise full control over Windows when you must use it.
I know this is a little off topic and I’m sorry, but windows was originally an application that ran on DOS.
This does make me wonder if I could run something similar in DOS to snitch on an old version of windows, though the older versions of windows didn’t have much (any?) telemetry to snitch on.
I would guess they had none. The internet was not wide spread back then.
I guess that my main point was, that whether it’s DOS with a Windows environment wrapped around it, or just plain DOS, or Windows 10, the first time you run it inside of a virtual machine, you realize that suddenly you’re in control. Windows (whatever version you’re running) becomes little more than just another program that runs under Linux. You can still run all of your Windows programs and then when you’re done, you put Bill back in his box where he belongs and turn Windows completely off, without losing everything your PC has to offer you.
both could be useful and not ONLY to me i imagine …
let me edit my original sentence and put a stronger emphasis …