Subj : windows 10 tracking/updates
To   : all
From : dingo
Date : Fri Sep 08 2017 16:07:00

So I was responsible for setting up a sattalite (hughes) internet link in the
middle of nowhere at a military base, and at 600ms pingtime and 0.5Mbps
upload, bandwidth was hard to come by.

The internet was completely unusable, I could disconnect certain segments of
our network and it would become usable, even in the middle of the night when
nobody was doing anything. I could use tcpdump and analyze the dns queries and
these god damned windows workstations were noisy as hell, so I theorized,
maybe, hey, its updates and telemetry?

Well, to get some hard data, I installed
http://www.ntop.org/products/traffic-analysis/ntop/ onto the egress router (a
pfSense machine), and sure enough, Windows traffic accounted for 80% of our
bandwidth.

So, did you know, that your windows computers share updates with other windows
computers on the internet? Windows Updates work like p2p traffic, torrents or
others, they make dozens of simultanous HTTP gets and upload as well --
completely saturating low-bandwidth links. See article,
http://www.iolo.com/resources/articles/the-bandwidth-hogging-windows-feature-y
ou-need-to-disable/

So for days all employees were sitting at their windows laptops bitching and
moaning that the internet doesn't work, they can't load websites, etc. -- the
final solution was to disable this update setting and set all telemetry to
'basic' across the 20+ machines on-site. And just like that, the internet was
fixed, and everything worked fine.

I also implemented some basic traffic shaping which helps, if any of you folks
are sharing internet across many devices, I would highly recommend the most
basic 'ACK' packet prioritization, http://lartc.org/wondershaper/ -- this
linux project is the first I was aware of it, but the basic theory is simple
and can be implemented on any os (except windows). Anyway, nobody uses windows
as a router anyway.

Anyway, fuck windows, fuck microsoft, really ruined my week, I was supposed to
be writing code, and got tricked into fucking with windows settings all week
to get a working internet. Fuck windows.

--- Enthral BBS 0.700.1 (4.9.35-1-ARCH armv7l GNU/Linux)
 * Origin: haunting The chapel >>--> htc.zapto.org <--<< (46:1/140)

.