<

Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Windows 10 uses YOUR computer to help distribute itself

Published on
14,994 Points
2,894 Views
51 Endorsements
Last Modified:
Joe Winograd, EE MVE 2015&2016
50+ yrs in computer industry. Everything from programming to sales. OS kernel dev on mainframes. CIO. Document imaging. EE MVE 2015 & 2016.
In a recent article here at Experts Exchange, I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to running Nuance's PaperPort 14.5. I received a private message from a fellow PaperPort user who read the article asking me if I'm aware that Windows 10 is using my computer to help distribute itself. I was not aware of it!

Perhaps I missed this during my nine-month experimentation with the W10 Technical Preview, or maybe Microsoft added that feature only in the official release (Build 10240), but when I checked it out, it is true. I was very surprised to find that W10 is, in essence, using my PC as a peer-to-peer server in distributing updates and apps, and I figured that other Experts Exchange members may also not be aware of it. So I decided to write this article, which also shows how to disable it.

Sidebar:  During the article review process, an EE Page Editor (MASQ) pointed out that this feature was introduced in March with Build 10036 — I did, indeed, miss it! My thanks to MASQ for this information, and for providing a link to Leaked Windows 10 build hints at peer-to-peer patching, an interesting article about it in The Register.

First, I'll explain how to find the feature (the screenshots in this article are from Version 10.0, Build 10240, created via an automatic update from the Technical Preview version of the Windows Insider Program):

Start menu
Settings
Update & security
Windows Update
Advanced options
Choose how updates are delivered


After those steps, you will get this dialog:

Choose-how-updates-are-delivered.jpg
As you can see, the default is On for downloading Windows updates and apps from other computers, and for using your computer to send Windows updates and apps to other computers — and there's an option for those other computers to be only on your local network or, believe it or not, on the Internet!

Note the Learn More link in the screenshot above. It takes you to a page with the clever title of Windows Update Delivery Optimization: FAQ. So Microsoft is telling us that

Windows Update Delivery Optimization lets you get Windows updates and Windows Store apps from sources in addition to Microsoft. This can help you get updates and apps more quickly if you have a limited or unreliable Internet connection. And if you own more than one PC, it can reduce the amount of Internet bandwidth needed to keep all of your PCs up-to-date. Delivery Optimization also sends updates and apps from your PC to other PCs on your local network or PCs on the Internet.
This also confirms what I observed above, namely, that the so-called Delivery Optimization setting defaults to On — and for all editions of W10! There is, however, one important difference in the various W10 editions, i.e., Enterprise and Education have only the local network option on by default, while all other W10 editions have your local network and PCs on the Internet on by default.

Disabling it is a simple matter of clicking the blue On button, which toggles it to Off:

Delivery-Optimization-OFF.jpg
Or you may leave it on, but tick the PCs on my local network radio button rather than the PCs on my local network, and PCs on the Internet radio button.

I'm not going to weigh in on the merits of this feature. Since learning about it, I've read many opinions on the web, and perhaps this article will spur a lively discussion here at EE. Some folks are worried about getting malware on their PCs from this feature, other folks say that it is not possible to do so. Some folks like the idea that they are not totally dependent on the (possibly slow and bogged down) Microsoft servers for updates and apps, while others say that it is not worth the hit to their own network bandwidth. Interesting food for thought.

If you find this article to be helpful, please click the thumbs-up icon below. This lets me know what is valuable for EE members and provides direction for future articles. Thanks very much! Regards, Joe
51
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 55

Author Comment

by:Joe Winograd, EE MVE 2015&2016
I recently received the following private message (trimmed):
Whoa! I just upgraded to Win10 and had no idea that it is doing this. Thank you very much for the article. You briefly mentioned getting malware on the PC from this, due to unknown sources on the Internet. Can you tell me more about that? How big is the risk?
The reader did not want to post the question himself, but he gave me permission to post it on his behalf (as long as I didn't mention his name). This was my reply to him (also trimmed):
I am not an expert in the technology being used for what is now going by the acronym WUDO (Windows Update Delivery Optimization). I do know that it is a torrent-like, peer-to-peer capability that uses a manifest, which is a cryptographically-signed list (hence, supposedly secure) of all the files being delivered. The conventional wisdom (which I obtained, of course, on the web) seems to be that the manifest is secure, unable to be compromised by the bad folks. But others are skeptical, pointing out that some bad folks are extremely smart!

Thanks for your permission to post this at Experts Exchange (I will not use your name). There are certainly experts at EE who know a lot about security/malware issues. Let's hope they jump in to share their knowledge.
So, any experts out there willing to provide your thoughts on this? Thanks, Joe
0
 
LVL 30

Expert Comment

by:Thomas Zucker-Scharff
This is just my opinion, so please take it as such.  Although I am not a "Security Expert" it is what I do a lot of.  Windows 10 has some particular problems when it comes to security.  Some of which Joe has addressed.  II highly recommend editing the privacy settings and registry to lock Windows 10 down.  by far the easiest way to do this is to use a program like DoNotSpy10, but beware, it carries a payload of adware.  Read my article before trying to download or install (do not try to download with the edge browser).

I generally do not trust torrents, nor any peer to peer clients.  I would disable this feature and, as Joe said, only trust the computers on your local network at best (even that may be chancy).  There is a trend towards building in more "spy" features on all internet capable devices (many of the new Samsung SmartHub TVs have a hidden camera that can be turned on remotely and the 40+ page EULA for SmartHub says explicity that Samsung may collect audio and visual feeds from your television).

So lock everything down and then some.
0
 

Expert Comment

by:Pat Clancy
As far as I'm concerned as soon as you tell someone (particularly the bad someone) that they can't do something such as finding a hole in a system you know they're going to try. Remember when Microsoft said that Windows 7 was the most secure ever? Then of course windows 8 was even more secure.

I think that if someone or something created the manifest then no doubt someone or something will be able to figure out how to break into it.

Thank you for the article I would recommend to all my clients to turn that little feature off.

I agree lock everything down.
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 55

Author Comment

by:Joe Winograd, EE MVE 2015&2016
Tom and Pat,
Thanks to both of you for those comments — good stuff! Regards, Joe
0
 

Expert Comment

by:MtHolly
So, does turning off WUDO "Updates From More Than One Place" stop my system from distributing Windows 10 and updates?  Or, just stop it from getting updates from unknown sources?
0
 
LVL 55

Author Comment

by:Joe Winograd, EE MVE 2015&2016
Hi MtHolly,
Turning it off does both — (1) stops your system from getting updates and apps from other PCs (meaning it gets them just from Microsoft) and (2) stops your system from distributing/sending updates and apps to other PCs. Regards, Joe
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Join & Write a Comment

Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month