Telemetry is defined as system data that is uploaded by the Connected User Experience and Telemetry component on Windows 10. The telemetry data includes information about the device, including the hardware CPU, installed memory, storage, and how it’s configured.
The data is fully encrypted and it allows Microsoft to identify security and reliability issues to analyze and fix software problems when found on your device.
While Microsoft doesn’t allow you to completely disable telemetry collection, you can always delete the diagnostic data Windows has collected about you.
Telemetry is necessary for Windows 10’s development and other companies also rely on telemetry to improve their software. However, some Windows 10 critics see it as a form of “spying” on the part of Microsoft.
Microsoft recently made a change to Windows 10’s built-in antivirus software ‘Windows Defender’ or ‘Microsoft Defender’ that will warn you when you manually try to block telemetry data by editing HOSTS file.
According to Wikipedia, HOSTS file is used to aide the network name resolution i.e map hostnames to IP addresses. After a recent update to Windows 10, Microsoft Defender will specifically check to see if your HOSTS file has been updated to block Microsoft’s telemetry servers.
If you try to edit your hosts file and block telemetry servers, it will trigger a security warning from Windows Defender that will prevent you from making changes.
You’ll notice that your hosts file refused to save and it will get flagged with “SettingsModifier:Win32/HostsFileHijack” in Windows Defender. HostsFileHijack is an important feature that has been around for a while now and it has been designed to block suspicious modifications to the Windows hosts file.
In our testing, when we edited the hosts file to block the common telemetry servers, Windows Defender claimed that our hosts file is infected with “HostsFileHijack”.
This is a severe security risk and you cannot save the updated file unless you click on the allow button.
It’s important to note that hosts are used to infect computers with malware and Microsoft wants you to be sure that the data hasn’t changed. This security feature was introduced to prevent network redirects and other malicious hacking attempts by editing your hosts file.
Microsoft is now using Windows Defender feature to prevent users from blocking telemetry collection by editing their hosts file, which could be due to security or other reasons.
In the past few weeks, Microsoft also made other improvements to Windows Defender, including the introduction of a new feature that will prevent users from editing Registry to disable Windows Defender protection.