Windows is in constant communication with the Internet – in fact, dozens of Windows features send data to and from the Internet. So if you need or want more control over what’s flowing through your data pipes, this blog post will help.
This is not your typical “Microsoft is spying on you” blog post. Instead, we’re here to inform you about what kind of data Windows Vista, Windows 7 and Windows 8 Consumer Preview is sending to the Internet and how to shut it off, if you prefer. In many cases, the communication is actually needed for a proper Windows experience, but in other instances, it may not be totally irrelevant.
Group Policy Editor is Your Friend (OR the Registry)
You’ll find up to 22 communication features in Windows own Group Policy Editor. To open that, hold down the “WIN”-key and press “R”. Then, type in “gpedit.msc” and hit Enter. You’ll find all of the settings under “Computer Configuration\Administrative Templates\System\Internet Communication Management\Internet Communication Settings”.
On the right hand side, you’ll find all of the Windows features that automatically communicate with Microsoft’s web servers or do so upon a specific action. To change the settings of any of these, simply double-click on an item, such as:
Then, select the “Enabled” radio button – in this case, “Enabled” means “Yes, turn off!”
After a restart, the new policy is in effect!
Note to Windows Vista/7 Starter, Home Basic and Home Premium Users
Group Policy Editor is not included in the more consumer-oriented editions of Windows. Don’t fret; there is another route. Microsoft put out a massive Excel-spreadsheet which includes all Group Policies and their accompanying registry values – with this information, you can easily set the settings yourself.
Let’s stick to the example given above. Say, you want to turn off downloading printer drivers over HTTP. In that case, open Excel and all of the settings mentioned can be found below between rows 450 and 477.
Once you scroll all the way to the right, there will be a registry key and value that is responsible for the restriction, like the below example.
Note: If you want to control this setting for all users, go to the “machine” entry. Otherwise, select the “user” entry.
Open up “regedit” (WINKEY+R) and go to the path given above. In this example, I can only get as far as HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT. However, since the path above clearly wants me to set a value in the subkey “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers”, I need to recreate it. To do this, right-click on the last entry in the registry hierarchy (“Windows NT” here), select “New\Key” and type in “Printers”. Next, right-click in the right-hand window, select “New\DWORD key” and name it “DisableWebPnPDownload”. Of course, if both the key and value are already there, you don’t need to do anything. Double-click on the value and type in “1″ to apply the setting!
List of Windows Features that Communicate with the Web (or Over Network)
• Turn off access to all Windows Update features: As the name suggests, this will completely turn off Windows Update – I would never recommend this under any circumstance.
• Turn off Automatic Root Certificates Update: Windows automatically updates the list of root certificates on your computer to the list that is accepted by Microsoft as part of the Microsoft Root Certificate Program. This enhances security for local files and online.
• Turn off downloading of print drivers over HTTP: This allows Windows to look for printer drivers over HTTP connections – usually, this only applies to corporate networks.
• Turn off Event Viewer “Events.asp” Links: Event viewer is capable of connecting to the web, which helps you look up a certain Windows event (error, warning…). If you don’t want this, you can disable it.
• Turn off Help and Support Center “Did you know?” content and Turn off Help and Support Center Microsoft Knowledge Base search: This allows Help and Support to connect to the web and give you more content.
• Turn off Internet download for Web publishing and online ordering wizards: This disables all integrated online printing services in Windows.
• Turn off Internet File Association service: This allows you to look up an unknown file location and find the accompanying program.
• Turn off printing over HTTP: This turns off corporate printing via HTTP connections.
• Turn off Registration if URL connection: This is referring to Microsoft.com. It allows Windows to use the Internet Connection Wizard to get a list of possible Internet Service Providers.
• Turn off handwriting recognition error reporting: If you’re using a tablet, Windows can be set up to send handwriting statistics back to Microsoft.
• Turn off access to the Store: This disables the Windows Store in Windows 8.
• Turn off the “Order Prints” picture task: This disables the online photo services in Windows.
• Turn off the “Publish to Web” task for files and folders: This prevents users from transferring files to any of the supported web services in Windows.
• Turn off the Windows Messenger Customer Experience Improvement Program: This disables any sort of error reports to Microsoft regarding Windows Messenger.
• Turn off Windows Customer Experience Improvement Program: This disables the sharing of Windows usage statistics with Microsoft (which should be disabled by default).
• Turn off Windows Error Reporting: In case Windows crashes, Microsoft receives an error report (if you choose to send it). By turning on this setting, the dialog box will never appear.
• Turn off Windows Network Connectivity Status Indicator active tests: Once a connection to a router has been established, Windows tests the internet connection by pinging a Microsoft server. If you don’t want this, disable it.
• Turn off Windows Update device driver searching: This prevents Windows from looking up drivers when finding Windows Updates.
Again, none of these features have been known to spy on users. However, if you want to have full control over all in- and outgoing connections, this guide is the way to go.