Lockdown makes us try a few things. In my case, it was my long last dream of wanting to setup a Pi-hole at home. I had a Raspberry Pi 2 lying at home so quickly installed 32 bit Ubuntu on it and setup the Pi-hole. It was rather painless install and everything worked so seamlessly. Definitely one of the well written pieces of software.
Now comes the intresting part, my home has a couple of Macs, a couple of NAS and Amazon prime stick and Google Chromecasts. There are no Windows PCs in my home ( We will come to why this is significant later). So after installation one thing I noticed that other Pcs and phones in the home had far fewer ads. When I checked the Pi-hole console after 24, the numbers were pretty impressive (or scary)
20% of all my traffic was worth blocking and nobody in my household complained of a bad website. Prefect so far! So now what are the top offenders? ie. the domains that had the maximum amount of hits and they were blocked by Pi-hole?
3 out of top 5 blocked sites were Microsoft.com domain. Now what could be causing this ? I Didnt have a Windows PC in my home so a quick search for the mobile.pipe.aria domain on the internet gave me a nice page of Network requests in Office where all these details were nicely documented. Now interestingly mobile.pipe.aria.microsoft.com is telemetry data for OneNote. I dont use OneNote and I us microsoft office my Mac where I use Word, Excel and Powerpoint. So this OneNote telemetry is a mystery and should never happen. Let us hope Microsoft will update their site sometime soon.
The next in line was Dropbox. There is really no information out on the web on what is Dropbox telemetry and why is it tracking us as well.
I think this traffic analysis will get more interesting as time goes by. Will keep posting what I find. In the meanwhile let me leave you with this thought. If Just office can generate so much telemetry, imagine the combination of Windows + Office? I wonder who is paying for all that bandwidth and wasted CPU cycles.