Folgen

Text entered into Windows' Run dialogue gets sent to Microsoft's telemetry - twitter.com/netresec/status/14

· · feed2toot · 6 · 30 · 14

@hackernews I feel some someone can make a bot to exploit this for the lols.

@hackernews How nice of them to send it in cleartext. I'm sure ISPs appreciate that.

@saramg @hackernews It's really weird though, how are they using HTTP2 on port 80 in clear text? Why is it HTTP2 then?

@penny @hackernews @saramg from the comments it seems that it also does not actually apply to WinR and only applies to the text entered in the start menu... and the request on this screenshot looks like a search request rather than telemetry (it literally mentions "AppName=SmartSearch").

So my guess is that there is some mess-up in the original tweet, the data is actually encrypted, and it is just start menu performing a web search (as it is supposed to do), not Windows telemetry sending text entered into WinR

@hackernews 204.79.197.200 seems to belong to Bing and ‘Smart Search’ is the codename/whatever of Windows's integrated web search

Given “IsQuery=false” I'd say that looks a lot like it's fetching search suggestions for the search box (so not Win-R and not telemetry)

Do wonder why this is in plaintext though

@hackernews The only thing I ever type into the "run dialog" is "cmd", where I run my actual command.

I've been doing this since the Windows 95 days, because the run box there used to save whatever you type in a history that was hard to get rid of, and I've been setting up computers for public use for a very long time.

Melde dich an, um an der Konversation teilzuhaben
Die PARTEI Mastodon

Mastodon ist ein soziales Netzwerk. Es basiert auf offenen Web-Protokollen und freier, quelloffener Software. Es ist dezentral (so wie E-Mail!).