Windows 10: analysis of ongoing communication

7. 9. 2015

For several days I have been encountering, both on the web and in person, very emotional assessments of MS Windows 10 with respect to data confidentiality. Since the discussion rests on conjecture rather than arguments, I decided to write this article, whose aim is a more detailed analysis of the system's behaviour.

Test environment

Server configuration (Debian Jessie 8.1.0)

  • IPtables (routing and logging)
  • Burp Proxy 1.6.01 (HTTP and HTTPS proxy with a trusted certificate for MiTM)
  • Wireshark 2.99.8 (capture of all communication, in case of communication on other ports and over other protocols)

Windows 10 is freshly installed on an MS Surface Pro 2. It is Microsoft Windows 10 Pro, version 10.0, build 10240. The analysis focuses on transmitted data, so an MS account is active, together with a configured OneDrive.

The Surface Pro 2 is connected by Ethernet cable to the Debian server (2 NICs: one for the LAN, which contains only the Surface, and the other to the Internet), which acts as router, HTTP/HTTPS proxy and sniffer. This lets us capture all communication leaving the LAN; the sniffer and proxy ran for the whole duration of testing (so communication before the first launch and the like was captured as well).

As can be seen, I do not list all settings categories. The reason is that for certain categories no applications requiring that data are installed (Account info; Messaging; Radios); I nevertheless left these categories set to "On".

Testing ran for 4 days. To check whether, and if so how, the W10 system itself does not give us all the information about the data being sent, on the last test day I also installed OWASP Zed Attack Proxy on W10. A small note here: Windows blocks communication of so-called "Immersive" applications (that is, "Metro"-type applications) with the local interface. These applications, together with IE11 (for the desktop), run inside isolated "AppContainers" processes, so if you want to test the system yourself locally and configure the proxy correctly, you need to set up NetIsolation.

In view of the circulating reports that W10 behaves differently in a virtualised environment, all infrastructure components are installed directly on hardware.

Note: Given the length and scope of the testing and the amount of data obtained, some records are shortened (irrelevant server responses, essentially redundant communication, very long authentication tokens) and some are anonymised (because an MS account was connected); for completeness I present all the captured communication.

System start

At the first system start (it behaves this way both at the very first start and at any time afterwards), Windows 10 first checks whether it has Internet connectivity. Windows 10 performs this check through the "Network Awareness" service, which contacts the server www.msftncsi.com over plain HTTP:

GET www.msftncsi.com/ncsi.txt HTTP/1.1
Connection: Close
User-Agent: Microsoft NCSI
Host: www.msftncsi.com 

If the response is "200 OK" (that is, we download the file ncsi.txt, Network Connection Status Indicator), the system considers the Internet connection functional:

HTTP/1.1 200 OK
Content-Length: 14
Date: Mon, 24 Aug 2015 15:57:39 GMT
Connection: close
Content-Type: text/plain
Cache-Control: max-age=30, must-revalidate

Microsoft NCSI 

Note: this check is also performed for ipv6.msftncsi.com/ncsi.txt.

Next, the system connects to Microsoft's PKI repositories:

GET http://mscrl.microsoft.com/pki/mscorp/crl/mswww(6).crl HTTP/1.1
Cache-Control: max-age = 6508
Accept: */*
If-Modified-Since: Fri, 29 May 2015 20:35:36 GMT
If-None-Match: "05c5c44f9ad01:0"
User-Agent: Microsoft-CryptoAPI/10.0
Connection: Keep-Alive
Host: mscrl.microsoft.com 

Response:

HTTP/1.1 304 Not Modified
Accept-Ranges: bytes
Cache-Control: max-age=6482
Date: Mon, 24 Aug 2015 13:14:58 GMT
Etag: "05c5c44f9ad01:0"
Last-Modified: Fri, 29 May 2015 20:35:36 GMT
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Server: ECAcc (ory/42E4)
VTag: 791155727900000000
X-Cache: HIT
X-Powered-By: ASP.NET 

This is followed, where applicable, by an automatic download of updates to revoked certificates (done by means of the downloaded archives disallowedcertstl.cab, authrootstl.cab and pinrulesstl.cab):

GET http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?9df934ef5e391194 HTTP/1.1
Accept: */*
If-Modified-Since: Tue, 24 Mar 2015 16:17:41 GMT
If-None-Match: "804047d4e66d01:0"
User-Agent: Microsoft-CryptoAPI/10.0
Connection: Keep-Alive
Host: ctldl.windowsupdate.com 

If nothing has changed, the server returns "Not Modified":

HTTP/1.1 304 Not Modified
Content-Type: application/octet-stream
Last-Modified: Tue, 24 Mar 2015 16:17:41 GMT
ETag: "804047d4e66d01:0"
Cache-Control: max-age=86400
Date: Mon, 24 Aug 2015 13:14:58 GMT
Connection: keep-alive 

If a change is registered, the archive is downloaded:

GET http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/pinrulesstl.cab?06e8f85b10f9be61 HTTP/1.1
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Connection: Keep-Alive
Host: ctldl.windowsupdate.com 

Response:

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Tue, 21 Jul 2015 19:45:53 GMT
Accept-Ranges: bytes
ETag: "806e3fdaedc3d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 7451
Date: Mon, 24 Aug 2015 13:14:58 GMT
Connection: keep-alive


Note: the "jumble" of characters in the body of this response is the pinrulesstl.cab archive, which contains the certificate pinrules.stl (verified).

Then, still before login, the data of live-tile applications ("Metro" applications) is, surprisingly, updated. Update of the "Sport" application:

GET /singletile/summary/alias/experiencebyname/today?market=cs-CZ&tenant=amp&vertical=sports HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft-WNS/10.0
Host: cdn.content.prod.cms.msn.com 

The response is then:

<?xml version="1.0" encoding="utf-8"?><tile><visual addImageQuery="true" baseUri="http://img-s-msn-com.akamaized.net/tenant/amp/entityid/"><binding template="TileMedium" branding="nameAndLogo" hint-overlay="50"><image placement="background" src="BBm323R.img?w=100&h=100&m=6&tilesize=medium&x=944&y=332" /><text hint-wrap="true">Berahino will hand in transfer request to secure Spurs move</text></binding><binding template="TileWide" branding="nameAndLogo" hint-overlay="50"><image placement="background" src="BBm323R.img?w=204&h=100&m=6&tilesize=wide&x=944&y=332" /><text hint-style="body" hint-wrap="true">Berahino will hand in transfer request to secure Spurs move</text></binding><binding template="TileLarge" branding="nameAndLogo" hint-overlay="50"><image placement="background" src="BBm323R.img?w=204&h=204&m=6&tilesize=large&x=944&y=332" /><text hint-style="subtitle" hint-wrap="true">Berahino will hand in transfer request to secure Spurs move</text></binding></visual></tile> 

As can be observed, LiveTiles updates leak essentially no relevant data in the headers. While we are on LiveTiles and the telemetry data mentioned everywhere so often, a nice example is the MSN Weather application, which, admittedly, essentially needs no data just to provide weather information:

GET http://service.weather.microsoft.com/cs/weather/forecast/daily/49.95,17.87?units=C&region=CZ&nl=true&appId=3CDAA343-A116-43BF-93EF-7B13D232AE7C&formcode=WTHRST&Client-AppVersion=4.4.200.0 HTTP/1.1
Accept-encoding: gzip
User-Agent: X-Client/AppexWin8Microsoft.BingWeather X-Client-AppVersion/4.4.200.0
Host: service.weather.microsoft.com
Connection: Keep-Alive 

Response (truncated):

{"responses":[{"weather":[{"days":[{"daily":{"day":{"cap":"Polojasno","pvdrCap":"Polojasno","pvdrWindDir":"","pvdrWindSpd":"","icon":3,"pvdrIcon":"3","precip":70.0,"wx":"","sky":"SCT","windDir":210,"windSpd":22.0,"summary":"Očekáváme polojasno. Bude teplo, denní maximum 22. Odpoledne očekáváme déšť."},"night":{"cap":"Skoro jasno","pvdrCap":"Skoro jasno","pvdrWindDir":"","pvdrWindSpd":"","icon":29,"pvdrIcon":"29","precip":0.0,"wx":"","sky":"FEW","windDir":238,"windSpd":10.0,"summary":"Bude skoro jasno. Venku bude poměrně chladno, nejnižší teplota 11."},"pvdrCap":"Polojasno","pvdrWindDir":"","pvdrWindSpd":"","valid":"2015-08-25T00:00:00+02:00","icon":3,"pvdrIcon":"3","precip":0.0,"windMax":24.0,"windMaxDir":199,"rhHi":85.0,"rhLo":47.0,"tempHi":22.0,"tempLo":11.0,"uv":3.0,"uvDesc":"Střední","created":"2015-08-25T18:44:44.9455159+02:00"},"almanac":{"valid":"2015-08-25T00:00:00+02:00","sunrise":"2015-08-25T05:52:19+02:00","sunset":"2015-08-25T19:47:52+02:00","sunState":"","moonrise":"2015-08-25T16:30:28+02:00","moonset":"2015-08-25T00:50:49+02:00","moonState":"1","moonPhase":"Dorůstající měsíc","moonPhaseCode":"WxGi"}},{"daily":{"day":{"cap":"Jasno","pvdrCap":"Jasno","pvdrWindDir":"","pvdrWindSpd":"","icon":1,"pvdrIcon":"1","precip":0.0,"wx":"","sky":"CLR","windDir":213,"windSpd":7.0,"summary":"Očekává se jasná obloha. Bude teplo, denní maximum 24."},"night":{"cap":"Polojasno","pvdrCap":"Polojasno","pvdrWindDir":"","pvdrWindSpd":"","icon":30,"pvdrIcon":"30","precip":0.0,"wx":"","sky":"SCT","windDir":200,"windSpd":12.0,"summary":"Bude částečně oblačno. Venku bude poměrně chladno, nejnižší teplota 12."}
.
.
CZ/ct49.9384575,17.9038467?ctsrc=WTHRST"}}],"units":{"system":"Metric","pressure":"mb","temperature":"°C","speed":"km/h","height":"cm","distance":"km","time":"s"},"copyright":"Copyright © 2015 Microsoft and its suppliers. All rights reserved. This API cannot be accessed and the content and any results may not be used, reproduced or transmitted in any manner without express written permission from Microsoft Corporation."} 

But for personalisation you do send it some data, which goes, as with other similar applications, to a data collector:

POST https://pipe.skype.com/Collector/3.0/ HTTP/1.1
Accept: */*
User-Agent: XHR HttpStack/15
Client-Id: NO_AUTH
Connection: Keep-Alive
Content-Type: application/bond-compact-binary
Expect: 100-continue
x-apikey: 1b3a1d1c39134972b576ab82ba5ded27-45a5dc1a-ea56-489a-aa13-af431f7aaba2-6602
Accept-Encoding: gzip, deflate
Host: pipe.skype.com
Content-Length: 4999
Cache-Control: no-cache

+
_)_ClientI MSNAppsi
local.0.0.0.0       _
service_id_1 #a49669b4-3d49fc7f-14b38d17-58039329 _̤   S  _ _
_)#dbe0076b-80c27649-9f5b73a8-dc1b05a5q     S       _
AppInfo.Id$a80d56d5-b2c1-4aef-83d2-aa42852f78f7_AppInfo.Version 4.4.200.0_Custom.AppLanguage_cs_Custom.AppPublisherPCN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Custom.DisplayCurrentOrientation   Landscape_Custom.DisplayNativeOrientation   Landscape_Custom.Domain.MsnContent.IsProd_True_Custom.Domain.MsnContent.Market_CS-CZ!Custom.Domain.MsnContent.Vertical
WeatherApp_Custom.UserRegion_Česká republika_Custom.cv.Product    Threshold
Custom.cvs_App
DeviceInfo.Id&{b3f9f322-6e27-4bb1-816e-372ecab6a7a0}_DeviceInfo.NetworkCost_1_DeviceInfo.NetworkType_1_DeviceInfo.OsBuild_10.0.10240.16405_DeviceInfo.OsName Windows_DeviceInfo.OsVersion_10.0_HardwareInventory.HasDigitizer_1_HardwareInventory.HasKeyboard_1_HardwareInventory.HasMouse_1_HardwareInventory.HasTouch_1$HardwareInventory.OsArchitectureType_2!HardwareInventory.ScreenHeightDPI_207 HardwareInventory.ScreenWidthDPI_207
UserInfo.Id 2CF0EDC0DC624FAA88F29E80D74E4C4B_UserInfo.Language_cs_UserInfo.TimeZone_+02:00_WindowSizeChange.Height_600_WindowSizeChange.Width_600 _PageView __MSNApps_PageView_impr
        _#Custom.Domain.MsnContent.Department_LabelForecastTab&Custom.Domain.MsnContent.SubDepartment_LabelForecastTab
Custom.evt_impr
Custom.isCPV_True_Custom.scrollable_True_EventInfo.InitId#88978bd7-e834e42b-8217e046-b8c8b224_EventInfo.Name_impr_EventInfo.Sequence_1_PageView.Category
VerticalHP
PageView.Id$a1c54954-a6f2-4cde-9e36-d45378c8ed9a
PageView.Name_LabelForecastTab_sct_sent_count_0 sct_sent_failure_and_retry_count_0_sct_session_id#1113f7d6-1504d578-cc3367eb-60acca2b _     _ node_id_11576423446165810817 _
_i
1000/1.8.0.1 _
_
_   _
_  _
_  )#eaae5176-689921a5-18d6cc6a-e39e3d76q     S         _
AppInfo.Id$a80d56d5-b2c1-4aef-83d2-aa42852f78f7_AppInfo.Version 4.4.200.0_Custom.AppLanguage_cs_Custom.AppPublisherPCN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Custom.DisplayCurrentOrientation   Landscape_Custom.DisplayNativeOrientation   Landscape_Custom.Domain.MsnContent.IsProd_True_Custom.Domain.MsnContent.Market_CS-CZ!Custom.Domain.MsnContent.Vertical
WeatherApp_Custom.UserRegion_Česká republika_Custom.cv.Product    Threshold
Custom.cvs_App
DeviceInfo.Id&{b3f9f322-6e27-4bb1-816e-372ecab6a7a0}_DeviceInfo.NetworkCost_1_DeviceInfo.NetworkType_1_DeviceInfo.OsBuild_10.0.10240.16405_DeviceInfo.OsName Windows_DeviceInfo.OsVersion_10.0_HardwareInventory.HasDigitizer_1_HardwareInventory.HasKeyboard_1_HardwareInventory.HasMouse_1_HardwareInventory.HasTouch_1$HardwareInventory.OsArchitectureType_2!HardwareInventory.ScreenHeightDPI_207 HardwareInventory.ScreenWidthDPI_207
UserInfo.Id 2CF0EDC0DC624FAA88F29E80D74E4C4B_UserInfo.Language_cs_UserInfo.TimeZone_+02:00_WindowSizeChange.Height_600_WindowSizeChange.Width_600
CustomEvent __MSNApps_CustomEvent_client_perf
    _#Custom.Domain.MsnContent.Department_LabelForecastTab&Custom.Domain.MsnContent.SubDepartment_LabelForecastTab
Custom.evt
client_perf_Custom.perfctrname  AppLaunch_Custom.perfctrvalue_2795  Custom.pn_LabelForecastTab  Custom.pt
VerticalHP
Custom.rid$a1c54954-a6f2-4cde-9e36-d45378c8ed9a_EventInfo.InitId#88978bd7-e834e42b-8217e046-b8c8b224_EventInfo.Name
client_perf_EventInfo.Sequence_2_sct_sent_count_0 sct_sent_failure_and_retry_count_0_sct_session_id#1113f7d6-1504d578-cc3367eb-60acca2b _       _ node_id_11576423446165810817 _
_i
1000/1.8.0.1 _
AppInfo.Id$a80d56d5-b2c1-4aef-83d2-aa42852f78f7_AppInfo.Version 4.4.200.0_Custom.AppLanguage_cs_Custom.AppPublisherPCN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Custom.DisplayCurrentOrientation   Landscape_Custom.DisplayNativeOrientation   Landscape_Custom.Domain.MsnContent.IsProd_True_Custom.Domain.MsnContent.Market_CS-CZ!Custom.Domain.MsnContent.Vertical
WeatherApp_Custom.UserRegion_Česká republika_Custom.cv.Product    Threshold
Custom.cvs_App
DeviceInfo.Id&{b3f9f322-6e27-4bb1-816e-372ecab6a7a0}_DeviceInfo.NetworkCost_1_DeviceInfo.NetworkType_1_DeviceInfo.OsBuild_10.0.10240.16405_DeviceInfo.OsName Windows_DeviceInfo.OsVersion_10.0_HardwareInventory.HasDigitizer_1_HardwareInventory.HasKeyboard_1_HardwareInventory.HasMouse_1_HardwareInventory.HasTouch_1$HardwareInventory.OsArchitectureType_2!HardwareInventory.ScreenHeightDPI_207 HardwareInventory.ScreenWidthDPI_207
UserInfo.Id 2CF0EDC0DC624FAA88F29E80D74E4C4B_UserInfo.Language_cs_UserInfo.TimeZone_+02:00_WindowSizeChange.Height_600_WindowSizeChange.Width_600
AppLifeCycle __MSNApps_AppLifeCycle
            _AppLifeCycle.State_1
Custom.evt_launch_Custom.launchSource_Normal_EventInfo.InitId#88978bd7-e834e42b-8217e046-b8c8b224_EventInfo.Name
AppLifeCycle_EventInfo.Sequence_3_sct_sent_count_0 sct_sent_failure_and_retry_count_0_sct_session_id#1113f7d6-1504d578-cc3367eb-60acca2b _      _ node_id_11576423446165810817 _
_i
1000/1.8.0.1 _ 
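
The punctuation glued to the values in the body above is not noise: the `&` before the 38-character `DeviceInfo.Id` is the byte 0x26 (38) and the `$` before a 36-character GUID is 0x24 (36), which is consistent with every string being stored with a length prefix. The following added example (not part of the original article and not Microsoft tooling) uses that observation to pull key/value pairs out of such a body heuristically; the helper names, the sample bytes and every identifier value in it are constructed.

```python
"""Heuristic reader for length-prefixed strings in a captured telemetry body.

Assumption (read off the capture, not taken from a format specification):
every string is stored as <length as varint><UTF-8 bytes>, and a map value
directly follows its key.
"""
import re

KEY_RE = re.compile(r"[A-Za-z][A-Za-z0-9]*(?:\.[A-Za-z0-9]+)+")  # e.g. DeviceInfo.Id
HEX_ID_RE = re.compile(r"[0-9A-Fa-f]{32}")                        # GUID-sized value


def read_varint(buf, pos):
    """Decode an unsigned LEB128 varint at pos; return (value, next_pos) or None."""
    value = shift = 0
    while pos < len(buf) and shift <= 28:
        byte = buf[pos]
        value |= (byte & 0x7F) << shift
        pos += 1
        if byte < 0x80:
            return value, pos
        shift += 7
    return None


def extract_strings(buf, max_len=512):
    """Return [(prefix_offset, end_offset, text)] for every plausible string."""
    found, pos = [], 0
    while pos < len(buf):
        decoded = read_varint(buf, pos)
        if decoded:
            length, start = decoded
            chunk = buf[start:start + length]
            # Accept only complete chunks that contain no control bytes.
            if (1 <= length <= max_len and len(chunk) == length
                    and all(b >= 0x20 and b != 0x7F for b in chunk)):
                try:
                    text = chunk.decode("utf-8")
                except UnicodeDecodeError:
                    text = None
                if text is not None:
                    found.append((pos, start + length, text))
                    pos = start + length
                    continue
        pos += 1          # no string here: resynchronise one byte further
    return found


def extract_fields(buf):
    """Pair each key-looking string with the string that starts right after it."""
    strings = extract_strings(buf)
    fields, i = {}, 0
    while i < len(strings) - 1:
        (_, key_end, key), (val_start, _, value) = strings[i], strings[i + 1]
        if KEY_RE.fullmatch(key) and val_start == key_end:
            fields[key] = value
            i += 2
        else:
            i += 1
    return fields


def identifier_fields(fields):
    """Keep fields whose value is 32 hex digits once braces and hyphens are removed."""
    return {k: v for k, v in fields.items()
            if HEX_ID_RE.fullmatch(v.strip("{}").replace("-", ""))}


def _lp(text):
    """Build one length-prefixed string (sample construction only, length < 128)."""
    raw = text.encode("utf-8")
    return bytes([len(raw)]) + raw


# Constructed sample: field names as in the capture above, all values invented.
SAMPLE_PAIRS = [
    ("AppInfo.Version", "4.4.200.0"),
    ("Custom.UserRegion", "Česká republika"),
    ("DeviceInfo.Id", "{00000000-1111-2222-3333-444444444444}"),
    ("DeviceInfo.NetworkCost", "1"),
    ("UserInfo.Id", "0123456789ABCDEF0123456789ABCDEF"),
    ("EventInfo.InitId", "aaaaaaaa-bbbbbbbb-cccccccc-dddddddd"),
]
SAMPLE_BODY = (b"\x0b\x09\x00"
               + b"".join(_lp(k) + _lp(v) for k, v in SAMPLE_PAIRS)
               + b"\x00")

if __name__ == "__main__":
    for name, value in identifier_fields(extract_fields(SAMPLE_BODY)).items():
        print(f"{name:20} {value}")
```

Run against a real body exported from the proxy, the same functions list which fields carry GUID-sized values, so they can be compared across requests and applications.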

At the same time, all applications of this type obtain a kind of summary in "SQLite format 3" with the request:

GET https://ampconfigprod.blob.core.windows.net/configcontainer/full/WeatherApp/4.4/200.0/configuration.sqlite?Client-AppVersion=4.4.200.0 HTTP/1.1
Accept-encoding: gzip
User-Agent: X-Client/AppexWin8Microsoft.BingWeather X-Client-AppVersion/4.4.200.0
Host: ampconfigprod.blob.core.windows.net
Connection: Keep-Alive 

Here is at least part of it:

HTTP/1.1 200 OK
Content-Length: 109568
Content-Type: binary/octet-stream
Content-MD5: wkDhBrWmOT7Mg4mDhQbmcw==
Last-Modified: Thu, 13 Aug 2015 23:25:54 GMT
ETag: 0x8D2A43688B7DAF3
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a3922ed7-0001-006f-2a5d-df2170000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 25 Aug 2015 17:41:44 GMT


Only now does the login take place, followed by the first really interesting communication. It is the download of the file threshold.appcache (CACHE MANIFEST), which contains data for the search engine and is tied to the device ID (the headers give the server quite a lot of information; we will look at this in later parts).

GET https://www.bing.com/manifest/threshold.appcache HTTP/1.1
Accept: */*
Referer: https://www.bing.com/
X-Search-SafeSearch: Moderate
X-Device-SKU: Surface_Pro_2
X-Device-MachineId: {A8977D22-16F7-412B-B707-6332375D1E29}
X-BM-Market: CZ
X-BM-DateFormat: dd.MM.yyyy
X-Device-OSSKU: 48
X-Device-NetworkType: wifi
X-BM-DTZ: 120
X-DeviceID: 0100B0D30900803A
X-BM-DeviceScale: 150
X-Device-Manufacturer: Microsoft Corporation
X-BM-Theme: ffffff;005a9e
X-BM-DeviceDimensionsLogical: 1232x720
X-BM-DeviceDimensions: 1848x1080
X-Search-RPSToken: t%3DEwAgAgAL………………OvSfAQ%3D%3D%26p%3D
X-Device-Product: Surface Pro 2
X-BM-CBT: 1440423520
X-Device-isOptin: false
Accept-Language: cs-CZ, cs, en-US, en
X-Device-Touch: true
X-Device-ClientSession: 3838CC66FB024231A6518ECF152A81C8
X-BM-ClientFeatures: OemEnabled
X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; Touch; rv:11.0; Cortana 1.4.8.176; 10.0.0.0.10240.21) like Gecko
Origin: https://www.bing.com
Accept-Encoding: gzip, deflate
Host: www.bing.com
Connection: Keep-Alive
Cookie: ANON=A=A538FB174748055FE290C22BFFFFFFFF; SRCHD=AF=NOFORM; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20150801; MUID=4D64463CDFDD425C8564C309A6FCC5A3; _SS=SID=B410E7CB9B614AFCA655A456919677A2&CPID=1440423522237&CPH=dae7a69e&HV=1440423658; _EDGE_S=mkt=cs-CZ&ui=cs-CZ&SID=3BA940BA92E169E732301236593866822; _FS=mkt=cs-CZ&ui=cs-CZ; SRCHUID=V=2&GUID=9151C55E70524E5469819D45F339D025; 4D64463CDFDD425C8564C309A6FCC5A3 

The response is then information used by the "Cortana" search engine:

CACHE MANIFEST
# Version:dae7a69e
CACHE:
/AS/API/WindowsCortanaPane/V2/Init
/devicecontent
/rms/Ajax.Bundle/jc/e2d6f5b9/afad0936.js?bu=rms+answers+AjaxSerp+Core%24ajax.shared%2cThreshold%24ajax.history.threshold%2cCore%24ajax.render%2cCore%24ajax.providers%2cCore%24ajax.lifeCycle%2cCore%24Providers%24ajax.provider.threshold
/rms/BingCore.Bundle/jc/5d0f804a/f6a90630.js?bu=rms+answers+Shared+BingCore%24shared%2cBingCore%24env.override%2cBingCore%24event.custom.fix%2cBingCore%24event.native%2cBingCore%24dom%2cBingCore%24cookies_parser%2cBingCore%24XHRPrefetch%24rmsajax_xhrprefetch%2cBingCore%24ClientInstV2%24InstrumentationConfigThrvis%2cBingCore%24ClientInstV2%24LogUploadCapFeatureDisabled%2cBingCore%24ClientInstV2%24ClientInstConfigSeparateQFQueue%2cBingCore%24ClientInstV2%24clientinst_xls%2cEmpty%2cBingCore%24ClientInstV2%24LogHelper%2cBingCore%24ClientInstV2%24VisibilityChangeEventHelper%2cBingCore%24Animation%2cBingCore%24fadeAnimation%2cBingCore%24framework%2cBingCore%24ShowWebView%2cBingCore%24CoreUtilities
/rms/BlueBrand/ortl,cc/cfd824f0/ed765317.css?bu=rms+answers+BrandBundle_Mobile+thbrand%24CombinedAsset_Windows_th_b%2cthbrand%24Colors_th_b%2cthbrand%24Type_th_b%2cthbrand%24Grid_th_b%2cempty%2cEmpty
/rms/BlueHeader/cir,ortl,cc/e3c56965/692701b1.css?bu=rms+answers+BrandBundle_Mobile+thbrand%24Header_CombinedAsset%2cthbrand%24Header_Colors_th_b%2cthbrand%24Header_Type%2cthbrand%24Header_Grid_th_b%2cempty
/rms/BundledViews/jc/187f607b/1d11af53.js?bu=rms+views+Threshold+DenseTileLayout%2cErrorMessage%2cInlineError%2cItemList%2cLocalStrings%2cMyStuffHeader%2cMyStuffPhotoItem%2cPageCanvas%2cPagination%2cPlaceHolderImage%2cRecourse%2cRegion%2cResultItem%2cResultItemCentered%2cResultItemPosition%2cResultItemPositionItem%2cResultItemPrimaryPosition%2cResultItemSecondaryPosition%2cResultItemWideColumnPosition%2cSection%2cSectionContents%2cSpellCorrection%2cSpellerSuggestion%2cSubsectionHeader%2cInstLink
/rms/BundledViews/jc/b6c526e1/7de5f28c.js?bu=rms+views+Shared+CenteredImagePair%2cAlertWrapper%2cFootnoteWrapper%2cGroupLabel%2cHorizontalList%2cHorizontalListItem%2cImagePair%2cImagePairWrapper%2cLargeSubtitle%2cLegacyImagePair%2cRichCaptionControl%2cSelectItem%2cTitleWrapper%2cVerticalList%2cVerticalListItem%2cVerticalStackPanel%2cVerticalStackPanelItem
/rms/Framework/jc/98a1080c/8f35ad43.js?bu=rms+answers+BoxModel+config.threshold%2crules%24rulesThresholdv2%2ccore%2cmodules%24scroll%2cmodules%24resize%2cmodules%24state%2cmodules%24mutation%2cmodules%24error%2cmodules%24network%2cmodules%24cursor%2cmodules%24keyboard%2cmodules%24bot
/rms/rms%20answers%20AutoSuggest%20Modules$Aggregators$FastRankModel/jc/a129a4d8/019ae10c.js
/rms/rms%20answers%20AutoSuggest%20Modules$Aggregators$TopHitConfidenceModel/jc/8b3b3f0d/a2d42288.js
/rms/rms%20answers%20AutoSuggest%20Partners$BingMDL2/ortl,cc/beb7ff27/cfa7c403.css
/rms/rms%20answers%20AutoSuggest%20Partners$CortanaMDL2/ortl,cc/f7ab76d7/53ee1b5a.css
/rms/rms%20localizationstrings%20AutoSuggest%20CortanaQF/jc/977f644e/09e2fa3e.js
/rms/rms%20localizationstrings%20Feedback%20LocStrings/jc/c495b727/7095ed03.js
/rms/rms%20localizationstrings%20Threshold%20LocStrings/jc/7417ae58/35c6ce5b.js
/rms/rms%20views%20AutoSuggest%20CortanaIcon/jc/f04fd526/1644b227.js
/rms/rms%20views%20AutoSuggest%20HighlightedText/jc/854a78c8/60686199.js
/rms/rms%20views%20AutoSuggest%20Icon/jc/72693c4f/bc7f42b1.js
/rms/rms%20views%20AutoSuggest%20WindowsGroup/jc/323c46fa/94bf666b.js
/rms/rms%20views%20AutoSuggest%20WindowsGroups/jc/17ec858f/72a23109.js
/rms/rms%20views%20AutoSuggest%20WindowsIndexingMessage/jc/d3e56e77/03bb9a65.js
/rms/rms%20views%20AutoSuggest%20WindowsPermanentDisambig/jc/f9180d52/fa224461.js
/rms/rms%20views%20AutoSuggest%20WindowsSuggestionSingleLine/jc/1c93c961/73f310f9.js
/rms/rms%20views%20AutoSuggest%20WindowsSuggestionThreeLines/jc/129e6935/bdc0b609.js
/rms/rms%20views%20AutoSuggest%20WindowsTopResults/jc/26e3f5ea/ca3768be.js
/rms/SparkleFramework/jc/e686a245/7a9dd3eb.js?bu=rms+serp+snr%24react-with-addons.min.source%2csnr%24Sparkle%2csnr%24Sparkle.React%2csnr%24ResourceManagement.source%2csnr%24Array_c.source%2csnr%24string_c.source
NETWORK:
* 

This request (the download of threshold.appcache) goes together with the sending of the threshold update (see below). Both are repeated with iron regularity even when your settings forbid sending data.
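
To see which header and cookie values in a request like the threshold.appcache download behave as stable identifiers, captured requests can be compared with each other. The following is an added example, not part of the original article: it parses raw requests as exported from the proxy and reports identifier-like values that are sent unchanged in more than one request. The two sample requests and all values in them are constructed, and the rule "16 or more hex digits" is an assumption about what counts as an identifier.

```python
"""Find identifier-like header and cookie values that recur across captured requests."""
import re
from collections import defaultdict

HEX_RUN = re.compile(r"[0-9A-Fa-f]{16,}")


def looks_like_id(value):
    """Heuristic: 16+ hex digits once GUID braces and hyphens are removed."""
    return HEX_RUN.fullmatch(value.strip("{}").replace("-", "")) is not None


def parse_request(raw):
    """Split a raw HTTP request into (method, target, {lower-case header: value})."""
    lines = raw.strip().splitlines()
    method, target = lines[0].split(" ")[:2]
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break                        # blank line: headers end, body follows
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers


def cookie_fields(cookie_header):
    """Yield (name, value) for each cookie and each &-separated sub-field in it."""
    for item in cookie_header.split(";"):
        item = item.strip()
        if not item:
            continue
        name, has_value, value = item.partition("=")   # split on the first '=' only
        if not has_value:
            yield "(unnamed)", name      # bare fragment without a cookie name
            continue
        for sub in value.split("&"):
            key, nested, val = sub.partition("=")
            yield (f"{name}.{key}", val) if nested else (name, key)


def identifiers(headers):
    """Return {field name: value} for every identifier-like value in one request."""
    found = {}
    for name, value in headers.items():
        if name == "cookie":
            for field, val in cookie_fields(value):
                if looks_like_id(val):
                    found[f"cookie:{field}"] = val
        elif looks_like_id(value):
            found[name] = value
    return found


def recurring_identifiers(raw_requests):
    """Map field -> value for identifiers sent unchanged in more than one request."""
    seen = defaultdict(int)
    for raw in raw_requests:
        _, _, headers = parse_request(raw)
        for field, value in identifiers(headers).items():
            seen[(field, value)] += 1
    return {field: value for (field, value), count in seen.items() if count > 1}


# Constructed sample: header names follow the capture above, all values are invented.
REQUEST_1 = """GET https://www.bing.com/manifest/threshold.appcache HTTP/1.1
X-Device-MachineId: {11111111-2222-3333-4444-555555555555}
X-DeviceID: 0123456789ABCDEF
X-BM-DeviceDimensions: 1848x1080
X-Device-ClientSession: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1
Host: www.bing.com
Cookie: ANON=A=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0; SRCHD=AF=NOFORM; MUID=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB; _SS=SID=CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC1&CPID=1440423522237; BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
"""
# A later request from the same device: new session values, everything else unchanged.
REQUEST_2 = (REQUEST_1
             .replace("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2")
             .replace("CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC1", "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC2"))

if __name__ == "__main__":
    for field, value in sorted(recurring_identifiers([REQUEST_1, REQUEST_2]).items()):
        print(f"{field:24} {value}")
```

Values that change between requests, such as the session header here, drop out of the report; what remains is the set of fields by which a server can link requests to one device or account.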

OneDrive and synchronisation

With this configuration you will also come across another request, which was something of a mystery to me:

POST http://ssw.live.com/UploadData.aspx HTTP/1.1
User-Agent: MSDW
Connection: Keep-Alive
Content-Length: 890
Host: ssw.live.com

MSQMx       ZW/ _   __  M   _ _ _        h  H  _            H  _ _  H  _"}7  _+A  c27]_)-_b4s} D    c ;s    _               l   _           _
     _   _       _    (      _               0       _   _
    _   _        _      _   _   __  _           8 A 4 9 1 1 2 2 5 C D D 4 5 D 1 8 3 E 6 C 2 0 7 B 0 D C 6 4 9 4     _       _   ( N / A )              _   1 7 . 3 . 5 9 3 0 . 0 8 1 4
       _   ( N / A )
       _   ( N / A )
       _   c s - C Z
       _   ( N / A )     _       _   ( N / A )     _       _   ( N / A )     _       _   ( N / A )     _       _   ( N / A )     _       _   0     !       _   p r o d     &       $   5 d 2 6 3 9 0 5 - a c 9 e - d d 4 7 - 1 5 a 7 - 9 8 6 c 0 c 1 5 9 9 5 a      __     _   #      __     _   ( n u l l )     _   h   :   _   _   _   _   _      _`h_
_ _ _ _ _ _ _ _ d
_A_> Y_ z   M _ M _    _   _   _   ( n u l l ) 

Which is a message sent using MSQM (Microsoft Message Queuing). In the end I managed to uncover its originator and purpose: it is OneDrive, reporting its running version and synchronisation state.
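
One way to tie a body like this to its sender, shown as an added example (it is not the author's procedure and not part of the original article): extract the UTF-16LE strings from the binary body and compare them with the client version and `did=` value that known clients announce in their own request headers. The header values are copied from the captures on this page; the helper names and the byte layout of the sample body are constructed.

```python
"""Attribute an anonymous binary upload to a client by the strings inside it."""
import re

UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")   # 4+ printable UTF-16LE characters
VERSION_RE = re.compile(r"\b\d+\.\d+\.\d+\.\d+\b")    # four-part version number
DID_RE = re.compile(r"did=([0-9a-fA-F-]{36})")        # device id in X-RequestStats


def utf16le_strings(data):
    """Return printable strings stored as UTF-16LE anywhere in a binary blob."""
    return [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(data)]


def fingerprint(headers):
    """Collect the tokens a client reveals about itself in its request headers."""
    tokens = set()
    version = VERSION_RE.search(headers.get("User-Agent", ""))
    if version:
        tokens.add(version.group())
    did = DID_RE.search(headers.get("X-RequestStats", ""))
    if did:
        tokens.add(did.group(1).lower())
    return tokens


def attribute(body, known_clients):
    """Return (client name, matched tokens) for the best match, or None."""
    # Substring matching tolerates a stray leading byte in front of a string.
    strings = [s.lower() for s in utf16le_strings(body)]
    best = None
    for name, headers in known_clients.items():
        matched = {t for t in fingerprint(headers) if any(t in s for s in strings)}
        if matched and (best is None or len(matched) > len(best[1])):
            best = (name, matched)
    return best


def _w(text):
    """Encode one NUL-terminated UTF-16LE string (sample construction only)."""
    return text.encode("utf-16-le") + b"\x00\x00"


# Header values copied from the captures on this page.
KNOWN_CLIENTS = {
    "OneDrive sync client": {
        "User-Agent": "Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)",
        "X-RequestStats": "did=5d263905-ac9e-dd47-15a7-986c0c15995a",
    },
    "MSN Weather": {
        "User-Agent": "X-Client/AppexWin8Microsoft.BingWeather X-Client-AppVersion/4.4.200.0",
    },
}

# Constructed body: magic bytes, a binary header, then UTF-16LE strings.
SAMPLE_BODY = (b"MSQM" + b"\x78\x00\x00\x00\x07\x00\x00\x00"
               + _w("17.3.5930.0814") + _w("(N/A)") + _w("cs-CZ") + _w("prod")
               + _w("5d263905-ac9e-dd47-15a7-986c0c15995a"))

if __name__ == "__main__":
    print(utf16le_strings(SAMPLE_BODY))
    print(attribute(SAMPLE_BODY, KNOWN_CLIENTS))
```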

Which brings us to OneDrive. Its communication goes primarily to act-3-blu.mesh.com, dm2301.storage.live.com and, of course, skyapi.live.com and ssw.live.com. I really did not want to cover uploading data to OneDrive here, since anyone who stores data in any cloud storage must know that the data is uploaded to that storage. Despite my reluctance, I decided to show you at least part (the interesting part) of the communication with OneDrive (especially because of the various wild rumours about "everything" being uploaded to Microsoft's servers). So, first comes the synchronisation request:

PUT https://dm2301.storage.live.com/MyData/LiveFolders/?NotificationSubscriptions(WLS_SubscriptionId_7EF14555-2AA6-474E-A6AE-F62A8E7EB0D0) HTTP/1.1
Connection: Keep-Alive
Content-Type: application/web3s+xml
Authorization: WLID1.1 t=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
User-Agent: Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)
Application: SkyDriveSync
X-RequestStats: did=5d263905-ac9e-dd47-15a7-986c0c15995a
Content-Length: 494
Host: dm2301.storage.live.com

<NotificationSubscription><SubscriptionId>WLS_SubscriptionId_7EF14555-2AA6-474E-A6AE-F62A8E7EB0D0</SubscriptionId><Url>https://db3.notify.windows.com/?token=AwYAAABm3jdR6ThEJHSioZ6Qg4rRKoMiTqZ8ICaTOwFcqkjlqIy2Y%2b7VK8qz%2f56IZbNPkADGvLlma1i1HfEe5jK8Oy8ZFWJt%2fJryQEEW3UmzOJlkQTl9zGTgqdoWHe7pCa%2fF0wZH03AEbB1ljoIpeR%2f74bQW</Url><SecondsToExpiry>82800</SecondsToExpiry><Scenarios><Scenario>SkyDriveFileSync</Scenario></Scenarios><DestinationType>Wns</DestinationType></NotificationSubscription> 

The server returns the parameters of the scenario (FileSync):

<?xml version="1.0" encoding="utf-8"?>
<NotificationSubscription>
  <SubscriptionId>WLS_SubscriptionId_7EF14555-2AA6-474E-A6AE-F62A8E7EB0D0</SubscriptionId>
  <Url>https://db3.notify.windows.com/?token=AwYAAABm3jdR6ThEJHSioZ6Qg4rRKoMiTqZ8ICaTOwFcqkjlqIy2Y%2b7VK8qz%2f56IZbNPkADGvLlma1i1HfEe5jK8Oy8ZFWJt%2fJryQEEW3UmzOJlkQTl9zGTgqdoWHe7pCa%2fF0wZH03AEbB1ljoIpeR%2f74bQW</Url>
  <SecondsToExpiry>82800</SecondsToExpiry>
  <Scenarios>
    <String>SkyDriveFileSync</String>
  </Scenarios>
  <DestinationType>Wns</DestinationType>
  <SubmissionDateTime>2015-08-25T15:15:34.607Z</SubmissionDateTime>
  <ExpirationDateTime>2015-08-26T14:15:34.607Z</ExpirationDateTime>
</NotificationSubscription> 

And we report that a change is taking place:

PUT https://dm2301.storage.live.com/MyData/LiveFolders/?NotificationSubscriptions(WLS_SubscriptionId_3F34DB87-8BEF-4245-805E-548D20B3BE13) HTTP/1.1
Connection: Keep-Alive
Content-Type: application/web3s+xml
Authorization: WLID1.1 t=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
User-Agent: Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)
Application: SkyDriveSync
X-RequestStats: did=5d263905-ac9e-dd47-15a7-986c0c15995a
Content-Length: 494
Host: dm2301.storage.live.com

<NotificationSubscription><SubscriptionId>WLS_SubscriptionId_3F34DB87-8BEF-4245-805E-548D20B3BE13</SubscriptionId><Url>https://db3.notify.windows.com/?token=AwYAAAD%2bwI9vpE4rKtTo39BxbvuUDBHhCADvUP4TdLxZ%2fx%2bBBSU%2bcFgje4BNcsKLAJPrGj2husCoW3KeKm2C%2bfSQpJVMe9Pxw3ivooMs3d6PUS5mBKlX9TnkuEIhWd9U42sZJdaSHDsDVmrM5lJ05PryxfGp</Url><SecondsToExpiry>82800</SecondsToExpiry><Scenarios><Scenario>QuotaStateChange</Scenario></Scenarios><DestinationType>Wns</DestinationType></NotificationSubscription> 

The parameters of the new scenario are returned to us:

<?xml version="1.0" encoding="utf-8"?>
<NotificationSubscription>
  <SubscriptionId>WLS_SubscriptionId_3F34DB87-8BEF-4245-805E-548D20B3BE13</SubscriptionId>
  <Url>https://db3.notify.windows.com/?token=AwYAAAD%2bwI9vpE4rKtTo39BxbvuUDBHhCADvUP4TdLxZ%2fx%2bBBSU%2bcFgje4BNcsKLAJPrGj2husCoW3KeKm2C%2bfSQpJVMe9Pxw3ivooMs3d6PUS5mBKlX9TnkuEIhWd9U42sZJdaSHDsDVmrM5lJ05PryxfGp</Url>
  <SecondsToExpiry>82800</SecondsToExpiry>
  <Scenarios>
    <String>QuotaStateChange</String>
  </Scenarios>
  <DestinationType>Wns</DestinationType>
  <SubmissionDateTime>2015-08-25T15:15:34.85Z</SubmissionDateTime>
  <ExpirationDateTime>2015-08-26T14:15:34.85Z</ExpirationDateTime>
</NotificationSubscription> 

And the download itself takes place:

GET https://act-3-blu.mesh.com/u/XVKZKC536CT5EIY5SEH6OVJW7Q/c/DH6O3Q3IYS54N4D6YBFHLKZ5FI/a/ HTTP/1.1
Connection: Keep-Alive
Content-Type: application/octet-stream
Authorization: WLID1.1 t=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
User-Agent: Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)
X-TransactionId: Plat.17.3.5930.0814.6a1cc361-c764-406d-9736-110611d9ed22
X-RequestStats: did=5d263905-ac9e-dd47-15a7-986c0c15995a
Wlc-Version: 23
Host: act-3-blu.mesh.com 

The response contains our files and their metadata (abridged):

HTTP/1.1 200 OK
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Type: application/octet-stream;v0
Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
ETag: 0
Date: Tue, 25 Aug 2015 15:15:34 GMT
Content-Length: 832


On upload, a change request is sent:

BITS_POST https://dm2301.storage.live.com/Items/70FA24DD0EC43173!104/WIN_20150825_17_14_14_Pro.jpg HTTP/1.1
Connection: Keep-Alive
Accept-Language: cs-CZ
Authorization: WLID1.1 t=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
User-Agent: Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)
Application: SkyDriveSync
BITS-Packet-Type: Create-Session
BITS-Supported-Protocols: {7df0354d-249b-430f-820d-3d2a9bef4931}
X-RequestStats: btuc=0;did=5d263905-ac9e-dd47-15a7-986c0c15995a;ftuc=0;
X-TransactionId: JQCUxAAABQQAAOdgaqss1sVMpZmksLj4Xa0wMDAwMDAwMDAwMDupka2BgXhJn1Gk+BX7X4ZNAAEAKgABAA==
Content-Length: 0
Host: dm2301.storage.live.com 

The response is "created" (this is a new file):

HTTP/1.1 201 Created
Content-Length: 0
Server: Microsoft-IIS/8.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-MSNSERVER: DM2301____PAP205
Strict-Transport-Security: max-age=31536000; includeSubDomains
BITS-Packet-Type: Ack
BITS-Protocol: {7df0354d-249b-430f-820d-3d2a9bef4931}
BITS-Session-Id: 3my7Djy1M40-q-LbONNt5Ggla__M9hQSpZackqN0_GU5GYXxWqGD48776Hv1QxyK6s
Accept-Encoding: Identity
X-AsmVersion: UNKNOWN; 19.23.0.0
X-MSEdge-Ref: Ref A: 6ABB381121B84A44BD061E7A330C93DD Ref B: 20E684983F5BD776866E9EF5FC0BB098 Ref C: Tue Aug 25 08:15:35 2015 PST
Date: Tue, 25 Aug 2015 15:15:35 GMT 

The upload itself then takes place in synchronization mode (the whole 4MB image is sent, so abridged):

BITS_POST https://dm2301.storage.live.com/Items/70FA24DD0EC43173!104/WIN_20150825_17_14_14_Pro.jpg HTTP/1.1
Connection: Keep-Alive
Content-Range: bytes 0-127117/127118
Accept-Language: cs-CZ
Authorization: WLID1.1 t=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
User-Agent: Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)
Application: SkyDriveSync
BITS-Packet-Type: Fragment
BITS-Session-Id: 3my7Djy1M40-q-LbONNt5Ggla__M9hQSpZackqN0_GU5GYXxWqGD48776Hv1QxyK6s
X-RequestStats: btuc=0;did=5d263905-ac9e-dd47-15a7-986c0c15995a;ftuc=0;
X-TransactionId: JQCUxAAABQQAAOdgaqss1sVMpZmksLj4Xa0wMDAwMDAwMDAwMDupka2BgXhJn1Gk+BX7X4ZNAAEAKgACAA==
Content-Length: 127118
Host: dm2301.storage.live.com


The response is a plain "OK":

HTTP/1.1 200 OK 

The next exchange verifies that the upload succeeded:

POST https://dm2301.storage.live.com/MyData/LiveFolders?View=SkyDriveSync HTTP/1.1
Connection: Keep-Alive
Content-Type: application/web3s+xml
Accept-Language: cs-CZ
Authorization: WLID1.1 t=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
User-Agent: Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)
Application: SkyDriveSync
X-CustomIdentity: SkyDriveSync=8cb498f3-51aa-40d1-8a57-2cebe552c0ab
X-RequestStats: btuc=127118;did=5d263905-ac9e-dd47-15a7-986c0c15995a;ftuc=1;
X-SubscriptionIdToNotNotify: WLS_SubscriptionId_7EF14555-2AA6-474E-A6AE-F62A8E7EB0D0
X-SynchronousMetadata: false
X-TransactionId: JQCVxAAABQQAAOdgaqss1sVMpZmksLj4Xa0wMDAwMDAwMDAwMKssMde2UdVPvmEIMoJXU6NNAAEAKgABAA==
Content-Length: 808
Host: dm2301.storage.live.com

<?xml version="1.0" encoding="utf-8"?><Items><Document><ParentResourceID>70FA24DD0EC43173!104</ParentResourceID><WriteMode>Create</WriteMode><RelationshipName>WIN_20150825_17_14_14_Pro.jpg</RelationshipName><DateCreatedOnClient>2015-08-25T15:15:01.0000000Z</DateCreatedOnClient><DateModifiedOnClient>2015-08-25T15:14:14.0000000Z</DateModifiedOnClient><skydrivesync.xschema.wlx.live.com><CreationScopeId>70FA24DD0EC43173!103</CreationScopeId></skydrivesync.xschema.wlx.live.com><DocumentStreams><DocumentStream><DocumentStreamName>Default</DocumentStreamName><MimeType>application/octet-stream</MimeType><DocumentStreamType>Named</DocumentStreamType><FragmentSessionId>3my7Djy1M40-q-LbONNt5Ggla__M9hQSpZackqN0_GU5GYXxWqGD48776Hv1QxyK6s</FragmentSessionId></DocumentStream></DocumentStreams></Document></Items> 

With the response "success":

<?xml version="1.0" encoding="utf-8"?>
<Items>
  <Document>
    <ResourceID>70FA24DD0EC43173!29647</ResourceID>
    <ETag>70FA24DD0EC43173!29647.0</ETag>
    <DateModified>2015-08-25T15:15:40.027Z</DateModified>
    <RelationshipName>WIN_20150825_17_14_14_Pro.jpg</RelationshipName>
    <ParentResourceID>70FA24DD0EC43173!104</ParentResourceID>
    <WriteStatus>Success</WriteStatus>
    <DocumentStreams>
      <DocumentStream>
        <DocumentStreamName>Binary</DocumentStreamName>
        <MimeType>image/jpeg</MimeType>
        <DataSize>127118</DataSize>
        <SHA1Hash>tpHH76vDZMZOK4kuS1ucyKW05gg=</SHA1Hash>
        <CRCHash>SMBR/Q==</CRCHash>
        <Hash>AhQAAAAEAAAAGAC2kcfvq8Nkxk4riS5LW5zIpbTmCEjAUf0=</Hash>
        <StreamDataStatus>None</StreamDataStatus>
        <StreamStatus>None</StreamStatus>
        <Genie>False</Genie>
        <StreamVersion>257</StreamVersion>
        <DocumentStreamType>Binary</DocumentStreamType>
        <IsAliasForDefault>True</IsAliasForDefault>
        <ExpirationDateTime>0001-01-01T00:00:00Z</ExpirationDateTime>
      </DocumentStream>
    </DocumentStreams>
  </Document>
</Items> 
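
The upload above spans four messages that share one BITS session. As an added example (not part of the original article), the following Python correlates them the way an analyst reviewing the proxy log would: it ties the `BITS-Session-Id` from the Ack to the fragment and to `FragmentSessionId`, checks that `Content-Range` covers the whole file, and collects the `did` value from `X-RequestStats`. The sample is constructed from the capture with tokens and bodies trimmed; the status line of the last response and the reading of `did` as a stable per-device identifier are assumptions.

```python
import re
import xml.etree.ElementTree as ET

SID = "3my7Djy1M40-q-LbONNt5Ggla__M9hQSpZackqN0_GU5GYXxWqGD48776Hv1QxyK6s"
URL = ("https://dm2301.storage.live.com/Items/70FA24DD0EC43173!104/"
       "WIN_20150825_17_14_14_Pro.jpg")
DID = "5d263905-ac9e-dd47-15a7-986c0c15995a"

# Constructed sample: the captured exchange reduced to the relevant headers.
# Tokens and the JPEG body are omitted; XML bodies keep only the elements used.
# The status line of the last response is assumed (the article shows its body).
CAPTURE = [
    f"BITS_POST {URL} HTTP/1.1\nBITS-Packet-Type: Create-Session\n"
    f"X-RequestStats: btuc=0;did={DID};ftuc=0;\nContent-Length: 0\n\n",
    f"HTTP/1.1 201 Created\nBITS-Packet-Type: Ack\nBITS-Session-Id: {SID}\n\n",
    f"BITS_POST {URL} HTTP/1.1\nContent-Range: bytes 0-127117/127118\n"
    f"BITS-Packet-Type: Fragment\nBITS-Session-Id: {SID}\n"
    f"X-RequestStats: btuc=0;did={DID};ftuc=0;\nContent-Length: 127118\n\n",
    "HTTP/1.1 200 OK\n\n",
    "POST https://dm2301.storage.live.com/MyData/LiveFolders?View=SkyDriveSync"
    f" HTTP/1.1\nX-RequestStats: btuc=127118;did={DID};ftuc=1;\n\n"
    "<Items><Document><DocumentStreams><DocumentStream>"
    f"<FragmentSessionId>{SID}</FragmentSessionId>"
    "</DocumentStream></DocumentStreams></Document></Items>",
    "HTTP/1.1 200 OK\n\n<Items><Document><WriteStatus>Success</WriteStatus>"
    "<DocumentStreams><DocumentStream><DataSize>127118</DataSize>"
    "</DocumentStream></DocumentStreams></Document></Items>",
]


def parse_message(raw):
    """Split one HTTP message into (start line, lower-cased headers, body)."""
    head, _, body = raw.partition("\n\n")
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def xml_text(body, tag):
    """Text of the first <tag> element in an XML body, None if absent/not XML."""
    try:
        node = next(ET.fromstring(body).iter(tag), None)
    except ET.ParseError:
        return None
    return None if node is None else node.text


def audit_upload(capture):
    """Correlate one BITS upload across its messages and report findings."""
    session = total = committed = stored = filename = None
    next_byte, device_ids, problems = 0, set(), []
    for raw in capture:
        start, headers, body = parse_message(raw)
        pairs = headers.get("x-requeststats", "").split(";")
        stats = dict(p.split("=", 1) for p in pairs if "=" in p)
        if "did" in stats:
            device_ids.add(stats["did"])      # same value in every request
        kind = headers.get("bits-packet-type")
        if kind == "Create-Session":
            filename = start.split()[1].rsplit("/", 1)[-1]   # name is in the URL
        elif kind == "Ack":
            session = headers.get("bits-session-id")
        elif kind == "Fragment":
            if headers.get("bits-session-id") != session:
                problems.append("fragment sent under a different session id")
            m = re.fullmatch(r"bytes (\d+)-(\d+)/(\d+)",
                             headers.get("content-range", ""))
            if not m:
                problems.append("fragment without a usable Content-Range")
                continue
            first, last, total = map(int, m.groups())
            if first != next_byte:
                problems.append(f"gap or overlap at byte {first}")
            if last - first + 1 != int(headers.get("content-length", -1)):
                problems.append("Content-Length disagrees with Content-Range")
            next_byte = last + 1
        committed = xml_text(body, "FragmentSessionId") or committed
        size = xml_text(body, "DataSize")
        stored = int(size) if size else stored
    if total is None or next_byte != total:
        problems.append("upload incomplete")
    if committed != session:
        problems.append("metadata commit references another session")
    if stored != total:
        problems.append("server-reported DataSize differs from bytes sent")
    return {"session": session, "filename": filename, "bytes": total,
            "device_ids": device_ids, "problems": problems}


if __name__ == "__main__":
    print(audit_upload(CAPTURE))
```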

Everything is concluded with information about the state of the OneDrive folders: in our case these are two requests to http://ssw.live.com/UploadData.aspx (we performed both an upload and a download) and a retrieval of the queue state information:

GET https://dm2301.storage.live.com/MyData/LiveFolders?web3s.expand=QuotaState HTTP/1.1
Connection: Keep-Alive
Accept-Language: cs-CZ
Authorization: WLID1.1 t=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
User-Agent: Microsoft SkyDriveSync 17.3.5930.0814 ship; Windows NT 10.0 (10240)
Application: SkyDriveSync
X-RequestStats: btuc=0;did=5d263905-ac9e-dd47-15a7-986c0c15995a;ftuc=0;
X-TransactionId: JQCWxAAABQQAAOdgaqss1sVMpZmksLj4Xa0wMDAwMDAwMDAwMEfbBIgu2MFIlrf1a4PzHuhNAAEAKgABAA==
Host: dm2301.storage.live.com 

The response contains the individual folders/files on OneDrive (abridged):

<?xml version="1.0" encoding="utf-8"?>
<Folder>
  <ItemType>Folder</ItemType>
  <ResourceID>70FA24DD0EC43173!103</ResourceID>
  <OwnerCID>8140859808279703923</OwnerCID>
  <Creator>
    <Puid>0</Puid>
    <CID>8140859808279703923</CID>
  </Creator>
  <Size>0</Size>
  <Version>6</Version>
  <ETag>70FA24DD0EC43173!103.6</ETag>
  <DateCreated>2013-02-22T16:50:27.847Z</DateCreated>
  <DateModified>2015-08-25T15:01:30.353Z</DateModified>
  <DateCreatedOnClient>2013-02-22T16:50:27.847Z</DateCreatedOnClient>
  <DateModifiedOnClient>2013-07-09T09:31:33.827Z</DateModifiedOnClient>
  <Name>LiveFolders</Name>
  <RoleDefinitionName>FolderPublic</RoleDefinitionName>
  <PolicyName>LiveFolders</PolicyName>
  <Flags>0</Flags>
  <ExplicitlyShared>False</ExplicitlyShared>
  <Items>
    <Folder>
    <Photo>
      <ItemType>Photo</ItemType>
      <ResourceID>70FA24DD0EC43173!23873</ResourceID>
      <RelationshipName> WIN_20150825_17_14_14_Pro.jpg</RelationshipName>
    </Photo>
    <Document>
      <ItemType>Document</ItemType>
      <ResourceID>70FA24DD0EC43173!29083</ResourceID>
      <RelationshipName>B05 - Abramovich-IPv6 Security Challenges and Solutionsv2.pdf</RelationshipName>
    </Document>
.
.
.

    <Document>
      <ItemType>Document</ItemType>
      <ResourceID>70FA24DD0EC43173!8324</ResourceID>
      <RelationshipName>CP_R77_Gaia_AdminGuide.pdf</RelationshipName>
    </Document>
    <Document>
      <ItemType>Document</ItemType>
      <ResourceID>70FA24DD0EC43173!8505</ResourceID>
      <RelationshipName>CP_R77_SmartEvent_AdminGuide.pdf</RelationshipName>
    </Document>
.
.
.
    <Document>
      <ItemType>Document</ItemType>
      <ResourceID>70FA24DD0EC43173!10186</ResourceID>
      <RelationshipName>CP_GaiaCLI_Sysconfig_ReferenceGuide.pdf</RelationshipName>
    </Document>
    <Folder>
      <ItemType>Folder</ItemType>
      <ResourceID>70FA24DD0EC43173!10337</ResourceID>
      <RelationshipName>DCH</RelationshipName>
    </Folder>
    <Folder>
      <ItemType>Folder</ItemType>
      <ResourceID>70FA24DD0EC43173!12003</ResourceID>
      <RelationshipName>cisco-visio</RelationshipName>
    </Folder>
    <Document>
      <ItemType>Document</ItemType>
      <ResourceID>70FA24DD0EC43173!13288</ResourceID>
.
.
.
.
.
  <QuotaState>Normal</QuotaState>
</Folder> 

Windows Store and Xbox

Closely tied to the use of Windows 10 is the Windows Store. The first step when it starts is downloading settings from https://settings-ssl.xboxlive.com. Again we can see that "Metro" applications leak essentially no data in their headers:

GET https://settings-ssl.xboxlive.com/XBLWinClient/v3.6_store/configuration.xml HTTP/1.1
Accept: */*
User-Agent: XBLWIN1.6
Accept-Language: cs-CZ
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: settings-ssl.xboxlive.com
Connection: Keep-Alive 

The server's response deals with the individual features and properties that will be available to us and in what form; in essence, this is where it is decided what the Windows Store will offer us given the locality (country) we are in (abridged):

<?xml version="1.0" encoding="utf-8"?>
<clientConfiguration xmlns="http://schemas.microsoft.com/XblWinClient/2012/03" version="1">
    <targetedClient>XblWinClient</targetedClient >
    <rights>Copyright (c) Microsoft Corporation. All rights reserved.</rights>

    <configuration name="Service" >
        <property name="MarketplaceLicensingRelyingPartyEndpoint" type="string" value="www.microsoft.com" />
        <property name="MarketplaceCollectionsRelyingPartyEndpoint" type="string" value="www.microsoft.com" />
    </configuration>

    <configuration name="Store" minBuild="1061" >
        <property name="IsMusicEnabled" type="boolean" value="true" />
    </configuration>

    <configuration name="Features" minBuild="1061" maxBuild="1075" >
        <property name="MusicMarketplace" type="string" value="AU,CA,GB,IE,NZ,US" />
    </configuration>

    <configuration name="Features" minBuild="1076" >
        <property name="MusicMarketplace" type="string" value="AR,AT,AU,BE,BR,CA,CH,DE,DK,ES,FI,FR,GB,IE,IT,JP,MX,NL,NO,NZ,PT,SE,US" />
        <property name="MoviesMarketplace" type="string" value="AU,AT,BE,BR,CA,CH,DE,DK,ES,FI,FR,GB,IE,IT,JP,MX,NL,NZ,NO,SE,US" />
    </configuration>

    <configuration name="Features" minBuild="1181" >
        <property name="TvMarketplace" type="string" value="AT,AU,BR,CA,CH,DE,DK,ES,FI,FR,GB,IE,IT,JP,MX,NL,NO,NZ,SE,US" />
    </configuration>

    <configuration name="Features" minBuild="1181" maxBuild="1205" >
        <property name="MusicSubscription" type="string" value="" />
    </configuration>

    <configuration name="Features" minBuild="1206"  >
        <property name="MusicSubscription" type="clearOverride" />
    </configuration>

    <configuration name="Store" targetCountry="ar" >
        <property name="MusicPassTrialLegacyAvailabilityId" type="string" value="53645494-a222-44eb-a43c-6d5bd44ee729" />
        <property name="MusicPassTrialBigCatAvailabilityId" type="string" value="9DPS8K70V45C" />
        <property name="MusicPassMonthlyBigCatAvailabilityId" type="string" value="9DPS8K70V467" />
        <property name="MusicPassYearlyBigCatAvailabilityId" type="string" value="9DPS8K70V44Z" />
    </configuration>

.
.
.
.
    <configuration name="Store" targetCountry="us" >
        <property name="MusicPassTrialLegacyAvailabilityId" type="string" value="b0a74ad5-a05f-4fb2-b25a-fb01e461c260" />
        <property name="MusicPassTrialBigCatAvailabilityId" type="string" value="9DPS8K70V45D" />
        <property name="MusicPassMonthlyBigCatAvailabilityId" type="string" value="9DPS8K70V468" />
        <property name="MusicPassYearlyBigCatAvailabilityId" type="string" value="9DPS8K70V450" />
    </configuration>

</clientConfiguration> 

Next, the data for the application itself (home screen and apps) is downloaded, from two sources:

GET https://storeedgefd.dsx.mp.microsoft.com/channels/entitlements?&modifiedAfter=2015-08-25T11:46:51.2383903Z&pageSize=100 HTTP/1.1 

and

GET https://storeedgefd.dsx.mp.microsoft.com/pages/chrome?appversion=2015.8.12.1&market=CZ&locale=cs&deviceType=&deviceFamily=windows.desktop&catalogLocales=cs,en-GB&musicMarket=&screenSize=L&hardware=cmr,dcb,dx9,dxa,dxb,kbd,m30,m75,mA0,mse,mT0,tch&packageHardware=dcb,dx9,dxa,dxb,m30,m75,mA0,mT0&deviceFamilyVersion=2814750438211605&architecture=x64&oemId=MICROSOFT_CORPORATION&scmId=&moId= HTTP/1.1 

The headers sent are identical:

Accept-Encoding: gzip, deflate
Accept: */*
MS-Contract-Version: 3
User-Agent: WindowsStore/2015.8.12.1
MS-CV: rhx77n6O/E2pEk7d.2 (resp. 3)
Accept-Language: cs
Authorization: Bearer WLID1.0=t=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&p=
Host: storeedgefd.dsx.mp.microsoft.com
Connection: Keep-Alive 

Only after the application has started does sign-in take place. Here the situation is slightly more complicated, because the Windows Store, the Xbox app and Music are not exactly a homogeneous whole. Initial authentication (request):

POST https://user.auth.xboxlive.com/user/authenticate HTTP/1.1
User-Agent: XBLWIN1.6
Accept: application/json
Accept-Charset: utf-8
Content-Type: application/json; charset=utf-8
X-XBL-build-version: current
X-Xbl-Contract-Version: 1
Accept-Language: cs-CZ
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: user.auth.xboxlive.com
Content-Length: 1047
Connection: Keep-Alive
Cache-Control: no-cache

{"RelyingParty":"http://auth.xboxlive.com","TokenType":"JWT","Properties":{"AuthMethod":"RPS","SiteName":"user.auth.xboxlive.com","RpsTicket":"t=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&p="}} 

With the response:

{"IssueInstant":"2015-08-25T15:07:09.253826Z","NotAfter":"2015-09-08T15:07:09.253826Z","Token":"eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiJxcEQtU2ZoOUg3NFFHOXlMN1hSZXJ5RmZvbk0ifQ.DllDx5gabb2W1f7IK9qRFLGltMdtTgoa2BzUZOD4_zGxn0EAYMx0Gw07uhEAa-ZfTt-ZDqU8erihhEgyqKh-z6zZxYCXfFFbBKAlwW4nJPhbGzqWOGEJqjG1CVwiisPXSzZTUHzptDtZ40WVcc6dNN4RbiWqbqmxBEylApLJB0v2YL4lAnJKRd_89-whFS-MiwxIusAwMTelShVYqn4_QK9atZARwpNzCVrkzFQNH21z-JaHXXYSS4LSnltpHxi-P-0u2MyVE9_Ix9_t8ZZ-46hSSwhS5Uiun9ZeEDrvqW9X3IZkg9t9P0PMF_YapGLoMurxmmwkO7dBMn1ezCIVDw.Xj5xVBO6UDH4lsghSJX2WQ.d_oupZvhK4B1jNtQwpxzHAc1urg1RhwF2PION0YCaiU2dsOImGVO4PFXl2UT3YCRBU75hqAAz3nIZhTp15Om3xDaFwhZzeNPH-hj6O0TdmRrxFjdJM6mEeKWoi6u2VGasxHeRxFUh3_CUW48m4JLE9pt2M7drblrlBBEQ35uTwiyjXdJGw12Rh41RNE3PBxxLnNXB73ZAmksgV4JRTZy-ZhwRe13EdAaUsCm3Qd0YqFQP-8X5FRMgcCQieWaQLWgiB-IPJyhXcR6m47z5jGwazyMcz3jNk6NtGFFMEIdol4rChnWRS1GNfsvTGV7SlqIzhrEd3nq9whQfeWf7xqAh-Y24U2QoMlFmOzxYk9Y6PrUULE1pyt5gYbhBWvcZOlFpdUZUlVVhznHaC_m4cwwThCFz_PUFFPz0O8qCjvE5sbmB3x1xM4kJEkD1R6viWMfI4JdeISaob3e6gvcw32b1FlNfX5urTdKG2hY-mmDxL3vyERDKp45oUKS6-jcalMV0CaNeM8q-HiRlCjOA2B-NE79MbG347mRjybjPnFXIxTZtZCdTkDcTauTGIlgAD4dzeGeCqdMKVY6SX3z6JhErEZ4JqlRWAEUyqm0t-WgtBMLQ63LT20sCN-DY7Ees-hUsNOBY7oObWMgzOVv-zPhbec9h_xh8izxT0AHG-OqFMkuuQUuxp2TGV9QSQ4ScvzoWaafOjfg7xEgNIziMgc-GX2nls_FQ1q40NLqOf9TrZbOHQgTJC2013CCQNhaRjy66FVCw1i6FnHqHlHCn2GDgg.LWUnxlVdx4qqcI_RKk9lGMhxOL8cc9fj-IdAs9EvcSg","DisplayClaims":{"xui":[{"uhs":"17342827387730684717"}]}} 

And the relay:

POST https://xsts.auth.xboxlive.com/xsts/authorize HTTP/1.1
User-Agent: XBLWIN1.6
Accept: application/json
Accept-Charset: utf-8
Content-Type: application/json; charset=utf-8
X-XBL-build-version: current
X-Xbl-Contract-Version: 1
Accept-Language: cs-CZ
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: xsts.auth.xboxlive.com
Content-Length: 1445
Connection: Keep-Alive
Cache-Control: no-cache

{"RelyingParty":"http://xboxlive.com","TokenType":"JWT","Properties":{"UserTokens":["eyJlbmMiOiJASDI4Q1koů0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiJxcEQtU2ZoOUg3NFFHOXlMN1hSZXJ5RmZvbk0ifQ.DllDx5gabb2W1f7IK9qRFLGltMdtTgoa2BzUZOD4_zGxn0EAYMx0Gw07uhEAa-ZfTt-ZDqU8erihhEgyqKh-z6zZxYCXfFFbBKAlwW4nJPhbGzqWOGEJqjG1CVwiisPXSzZTUHzptDtZ40WVcc6dNN4RbiWqbqmxBEylApLJB0v2YL4lAnJKRd_89-whFS-MiwxIusAwMTelShVYqn4_QK9atZARwpNzCVrkzFQNH21z-JaHXXYSS4LSnltpHxi-P-0u2MyVE9_Ix9_t8ZZ-46hSSwhS5Uiun9ZeEDrvqW9X3IZkg9t9P0PMF_YapGLoMurxmmwkO7dBMn1ezCIVDw.Xj5xVBO6UDH4lsghSJX2WQ.d_oupZvhK4B1jNtQwpxzHAc1urg1RhwF2PION0YCaiU2dsOImGVO4PFXl2UT3YCRBU75hqAAz3nIZhTp15Om3xDaFwhZzeNPH-hj6O0TdmRrxFjdJM6mEeKWoi6u2VGasxHeRxFUh3_CUW48m4JLE9pt2M7drblrlBBEQ35uTwiyjXdJGw12Rh41RNE3PBxxLnNXB73ZAmksgV4JRTZy-ZhwRe13EdAaUsCm3Qd0YqFQP-8X5FRMgcCQieWaQLWgiB-IPJyhXcR6m47z5jGwazyMcz3jNk6NtGFFMEIdol4rChnWRS1GNfsvTGV7SlqIzhrEd3nq9whQfeWf7xqAh-Y24U2QoMlFmOzxYk9Y6PrUULE1pyt5gYbhBWvcZOlFpdUZUlVVhznHaC_m4cwwThCFz_PUFFPz0O8qCjvE5sbmB3x1xM4kJEkD1R6viWMfI4JdeISaob3e6gvcw32b1FlNfX5urTdKG2hY-mmDxL3vyERDKp45oUKS6-jcalMV0CaNeM8q-HiRlCjOA2B-NE79MbG347mRjybjPnFXIxTZtZCdTkDcTauTGIlgAD4dzeGeCqdMKVY6SX3z6JhErEZ4JqlRWAEUyqm0t-WgtBMLQ63LT20sCN-DY7Ees-hUsNOBY7oObWMgzOVv-zPhbec9h_xh8izxT0AHG-OqFMkuuQUuxp2TGV9QSQ4ScvzoWaafOjfg7xEgNIziMgc-GX2nls_FQ1q40NLqOf9TrZbOHQgTJC2013CCQNhaRjy66FVCw1i6FnHqHlHCn2GDgg.LWUnxlVdx4qqcI_RKk9lGMhxOL8cc9fj-IdAs9EvcSg"],"SandboxId":"RETAIL"}} 

With a response that already returns our Xbox nickname and partial profile settings:

{"IssueInstant":"2015-08-25T15:07:10.5746909Z","NotAfter":"2015-08-25T23:07:10.5746909Z","Token":"eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiIxZlVBejExYmtpWklFaE5KSVZnSDFTdTVzX2cifQ.DAUOoVir-tkhZ0LRLlr3Rs1CL8RiuDZbr_zefQEmRUIMtcfGn_rcFWFu_N33CWFHQ42Q-FS2HGH51O-3F0h2v3YgrV7DZJgOHpS__NowSKN7L7GQBkQ5gMvbmPVRx5m9Ai4dyNPqwTgJsR2hPast2oZDr89elmPmdd2nBwRiluc.WvTDVPYTL78vH3ssEPcQBg.sNd0eaW0RjE1ZgXzJbyFvDngCBsSBVc1cmut2val3cNqNdtFixuXxoB1TleFVKDIGGKifzRSoMTtHscxmxUWTRCeE1cUuLX-vQwDiPvdNJqiREl7Fkh8t4AfBhPqTvju3XNGYiLgrypoB-5mQDnyMKrbCHAlHaWGy5UOueHQ3MLaGyH-CX92X7T-4stD-66lec-bNmsFyf76cYNd20jSBzFG2o_q_LS0nOD5AYHCRgWH6XYYhX4ufj5fQPMbhw1YgMqKYbaWTegVNGR9KofDaDLyK7sC8px1cfinex15B8GAwP2_Jqw0jvtRgnPnN8CM2YwV9hdIzihZ6VOyFE5InEH0IV41Ca4xkGfn0U1bbBC4mlAB1teZ4jcXGTg4bgBt6GgHeWayEfmi2WnDIhq5nhkeiJXu2saVk4KsLamz2PdKa-wLoNsX_N54J4Wqr1qWmlmzjc4hWmgnNz6QLijDv4swTj-Cx3gtaA0NwxUTggNpFniLzETWI_g907hWAzW5faCd_iTQeC7-oewd4Xn67jFn5gMTI2vsI0jDq0jPOXsWIyuj0c7DLDhXgum9WhX-01Isvs9kMjyu5uTCJ7h_mcy3i9z-Yd5CqK2tPEtxdEBZleKfspMN87GZ143tncj5MKBwbC-StiQIdvlhTEAoxDk7bE3ZbfbEMSybZvKSkzpuQBHB6lfWwSXgEbYJYNUM-M5f0grGzrO60KP3D1Rc1mS8DxCO9GGL2Rsw08W9rbQGDXDCnF6BLem-dsEa1lNu8NfZ12hRqQ61T0T2X1XD9v-tj-tLyHs94k0maCB7WzbP2cc9_mOVd_BHbjy7kQg2xehmg6ekhKQeUh0pDpmfjhwvCARV53JJOxyIsvz_4DIfng1xUVoqrj_OxrJTV4M-N2fhwJWa9m-QV3YmBRooxXWAipWlHzAATy0x3kXNCQwmbgzoex8eC4qdGePtkZP3MvPqe3WW3NxEuQ5Ee52GbEYw-hlfwEIKH4j96XuXapS72nHf6lHVtGd1grw16H57KHIoaBFu46c7NohHAe9JSsQaeMPdFZ2RHanTKcE9U4IzzCZxaIOAgS_i5MLSEAoyMzRx4xcIgdYk19b5pPqAjBVqnfh09rYk0N5Aiz6lqm9aynrxXHpwXhTXA60OtLllwPmcbhe66ot0DMOqPIuvYjJ8llQZhfC6YqcGwZcJVnnJHiDYQQ-P687FLUCiFK310KhRphBvGVhWINrU-S4Z6Q.awJvuNo9nbX4MjCf31hQ21qyMIr5Mji9DGLHS84Lfpk","DisplayClaims":{"xui":[{"agg":"Adult","gtg":"Player123456789","prv":"191 193 196 199 200 201 204 205 206 208 211 217 220 224 227 228 235 238 245 247 249 252 254 255","xid":"2533274988001510","uhs":"17342827387730684717"}]}} 

Now we get to loading the profile:

GET https://accounts.xboxlive.com/users/current/profile HTTP/1.1
User-Agent: XBLWIN1.6
Accept: application/json
Accept-Charset: utf-8
Authorization: t=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&p=
X-XBL-Correlation-Id: 39E0856E-73C3-467E-86C0-26A66F5C4D33
X-Xbl-Contract-Version: 1
Accept-Language: cs-CZ
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: accounts.xboxlive.com
Connection: Keep-Alive 

The server's response now returns the profile settings of the MS account and its links:

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Length: 469
Content-Type: application/json
X-Content-Type-Options: nosniff
X-XblCorrelationId: 9c87870b-da84-4540-a6e2-eedb4ebfe63c
Access-Control-Max-Age: 604800
Access-Control-Allow-Origin:
Access-Control-Allow-Headers: X-Xbl-Contract-Version,X-Xbl-Correlation-Id,X-XblCorrelationId,Transaction-Guid,Authorization,Xbl-Authz-Actor-10,Accept,Content-Type,X-XBL-ClientType
Access-Control-Allow-Methods: GET,POST,PUT
Date: Tue, 25 Aug 2015 15:07:11 GMT

{"dateOfBirth":"1984-05-07T00:00:00","email":"jiri.bartos@test.tst","firstName":"Jiří","gamerTag":"Player1234567989","homeAddressInfo":{"street1":null,"street2":null,"city":null,"state":null,"postalCode":null,"country":"CZ"},"isAdult":true,"lastName":"Bartoš","locale":"cs-CZ","msftOptin":false,"ownerPuid":914697373898715,"partnerOptin":false,"puid":914800973888715,"touAcceptanceDate":"2015-08-24T13:38:36.65","xuid":2533274854901510,"gamerTagChangeReason":null} 

Immediately afterwards, the subscription information is downloaded:

POST https://musicdelivery-ssl.xboxlive.com/v1.0/cs-CZ/user/signin HTTP/1.1
User-Agent: XBLWIN1.6
Accept: application/xml
Accept-Charset: utf-8
Authorization: t=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&p=
Content-Type: application/xml; charset=utf-8
Accept-Language: cs-CZ
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: musicdelivery-ssl.xboxlive.com
Content-Length: 356
Connection: Keep-Alive
Cache-Control: no-cache

<SignInRequest xmlns:i='http://www.w3.org/2001/XMLSchema-instance' xmlns='http://schemas.zune.net/commerce/2009/01'>
  <TunerDrmType>PlayReady</TunerDrmType>
  <TunerInfo>
    <ID>S-1-5-21-1913819417-4240262745-0355323815</ID>
    <Name>TheSurface</Name>
    <Type>XBLWINClient</Type>
    <Version>1.6.1206</Version>
  </TunerInfo>
</SignInRequest> 

In our case the response is rather empty (we have no subscription):

<SignInResponse xmlns="http://schemas.zune.net/commerce/2009/01" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><AccountInfo><GamerTag>Player344868749</GamerTag><Xuid>2533274988001510</Xuid><Language>cs</Language><Country>CZ</Country></AccountInfo><SubscriptionInfo><SubscriptionEnabled>false</SubscriptionEnabled></SubscriptionInfo></SignInResponse> 

The application then requests information about collections in the categories "Movie", "TVEpisode", "TVShow", "TVSeason", "TVSeries":

POST https://collections.md.mp.microsoft.com/v6.0/collections/query HTTP/1.1
User-Agent: XBLWIN1.6
Accept: application/json
Accept-Charset: utf-8
Content-Type: application/json; charset=utf-8
MS-CV: rhx77n6O/E2pEk7d.1.1
Accept-Language: cs-CZ
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: collections.md.mp.microsoft.com
Content-Length: 1157
Connection: Keep-Alive
Cache-Control: no-cache

{"beneficiaries":[{"identityType":"Msa","identityValue":"t=EwCgAl8iAQAUwBD19kUhypl\/78mkmOo8YMibAYQAATvvjyHRys9NiRqNs7GkNFYEFmEBUvS9PmTHj\/QRkzNlzVXSNtDZODdwm2yMEygETKPYmmCBN7w\/FtR5O7d8ydDb2SjyH6VBdMuM4FISq1FVliU\/YjzFUKQDmnRxlK+CFPO8UmmLFMDHURmMPi+klbA2\/Sq3gbYUOaegEVCZ9RG7P+lMtmlKvhR6ntQAOF4ClqfZgiL+9S1Xq\/YuzEQI+C1aU52rBxgL4f0Fng6CnCaf6JwyCY1FN4saNmKM\/UM5vPWfkffEPinYszqC3a3uDRpMA6AV77RqICq+ChelawECDKP3B1OYowS\/CXBwxBBQx\/e57q3xEzb3AaWf3x8yaJMDZgAACDI6WKInTaEvcAFpzQ6e8IWEKrUFDHmcvJwDmEuwvusX8PabE34uIpdoFbwqmQZIhgzeCYgxrwGuIr\/gsH5zI8xjcLfmnZhjxjyAiO0q7BJf\/MO0kQ81n3BBGItO3kNDRgxrUUNmt7lKvaNAk399oH7zMQVjRfTpDFphhtWbHlTyeFOu5Al3UnvsJgbSrY0tbkzTJuY29WC\/9DLsLWtvnRqdXnYjqCz3zrCBGlqZXl2uvFaK4ZbkhpPIxBGHOoBfEC3dLwiC7+EKRNVTNn4ysmM7eUmZCJ0NbCR8OlKbT65AEyBRpMWqdv12p44gsI8f3ADZY8wQA902EjhusHUUCN3FVFHvj\/17kVNlhYXFsbSlcHPMWI+BaTkZlR+2YNJZwx3KcHU0IcdivqCI53EeuOBsdOjqvjcPkybEfteGzsHakO+3NJk4FMb7SgrCzaEu4c5FS3sq4lRKKpPe7bjbQd9sKr9o1j+D8iLMDVm9OLIwLjFDyO8XbCq8Wp8B&p=","localTicketReference":"user1"}],"expandSatisfyingItems":true,"market":"CZ","validityType":"Valid","maxPageSize":50,"productTypes":["Movie","TVEpisode","TVShow","TVSeason","TVSeries"]} 

The response is similar to the one for our subscription: we have no collections:

{"items":[]} 

It is worth pausing here. Various discussions have claimed that information about purely locally stored data, or even the data itself, is also sent. Even though I added several videos and MP3 files to the Music and Video apps and created several collections from precisely these local files, no communication containing them appeared during the entire 4 days of testing. Even this {"items":[]} response remains the same.

The Windows Store application then requests the purchase history (in our case again an empty set; unlike on other platforms, free applications are not counted in the list):

POST https://musicdelivery-ssl.xboxlive.com/v3/cs-CZ/music/user/purchasehistory HTTP/1.1
User-Agent: XBLWIN1.6
Accept: application/json
Accept-Charset: utf-8
Authorization: t=EwCgAl8iAQAUwB546r34efg6re54l/78mkmOo8YMibAYQAAbdr01z2sEGupoVVY+NsyJyTrM7p/o39ZddvnIrKp6IM07tzNRaR2exPMCYf3AtGuEG1W/Zkuq3VQ1tomfru9yueSSXK++37fbQGVde6MJ2BGw9wAyWHO13gjscKt59zOrACD5UCwM+yIrdALEwSnhoj82uRzkuOquo6OAkAVnwPYkBmskwYDoyD4CekHCzMK+PfWwj3XgKlkzB9On1QaahAildd1H83wF8MvgMaq4gw6gIQXbUN1+aGHP6HDhi76WPyDUGwegBsWf1kfBwgfzYWbHqBigkfdrQQ4l2IG0F+c1AAwyUGgTWiwnX6zfr49KqvJY0R8k/LWyfDNvOjHKUDZgAACMVcw1B3XkPmcAEPoJIASbjnuoqSE71lzBBIz2dU0G0/LrLeSufv2/TLPyQp/idricwvj1tKksT5D5d3w/4cnTfCa2QTMT3jJ4czwUSyaECmdnI3sDgsIjSdkCnN2wnf5Cn7CObapiQjdUHNKk3iNbqhwoKLt9dGSqUz1qXjV8RfP3x9Ir/x4Ez7cRg31y7zIzdUejDUTu5nJpuCiLQ/0G9OpPObeWEtWbsQ+OuCeyWjOwl6mG9HV92mIuQTlHhnPtrlgReqHqA+7FQI+iRRam5Twf6IiFX/SWNFLDSTNj2D8X3TpNm8XPx/nyZ+2tdn0nF8nR2FLIgqzJwlaI/s/2GqlZU1twCBXSLsmDQqPpwDIaa8uU2UG4olHF8GkVVH9reiAhvreveNamCjKLUXyj3/vpca179Fon0NuuC+wkzbAcmB9iB0G95oWRJX3gPHalmjV/bgPfGtF0BTdisM14+jG00CaUhA5TCAMWmf+bIh+M5eznbvYj9q1p8B&p=
Content-Type: application/json; charset=utf-8
Accept-Language: cs-CZ
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: musicdelivery-ssl.xboxlive.com
Content-Length: 192
Connection: Keep-Alive
Cache-Control: no-cache

{"AlbumCollapsingPolicy":"GetAlbumAndTracks","ContentType":"track","TunerInfo":{"ID":"S-1-5-21-1913819417-4240262745-0355323815","Name":"TheSurface","Type":"Windows10PC","Version":"1.6.1206"}}

Response:

{"NextHistoryToken":"MTswOzEwMDs=","PurchaseHistoryItems":null,"ResultsRemaining":false} 

As I mentioned, the Windows Store and Xbox are not exactly a homogeneous environment. Launching the Xbox app therefore triggers additional communication that we would not otherwise see. First, the list of games it offers is downloaded (this is essentially the Windows Store home screen):

GET https://pcshellapptile.xboxlive.com/kgsl/KnownGameList.bin HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240
Host: pcshellapptile.xboxlive.com
Connection: Keep-Alive 

Unlike the Windows Store home screen, we do not get images and text but a binary "blob". Even so, it is clear from it what it contains. An excerpt of the file:

0hX0EB8BD08.BigBusinessDeluxe_erk4rrwmt7jyt!app____0\N0EB8BD08.CloudRaiders_erk4rrwmt7jyt!app___0dT0EB8BD08.MirrorsofAlbion_erk4rrwmt7jyt!app____0XH0EB8BD08.TheTribez_erk4rrwmt7jyt!app____0l^13392DLightGames.DelightGames_6va8w15ysny46!app___0|n13392DLightGames.WizardsChoiceVolume1_6va8w15ysny46!app___0�r13462RainbowGames.RushforGoldAlaskafull_dkfa1tbzap3m4!app___0td15227CandySolitaireGameFu.Sudoku_0cnqhgfjqzqv6!app____0tf170978Bits.MahjongSolitaireDeluxe_pwbzhfqcfezqy!app___0dT1ED5AEA5.AngryBirdsBlack_p2gbknwb5d8r2!app____0dT1ED5AEA5.AngryBirdsSpace_p2gbknwb5d8r2!app 

Just as with the Windows Store, the application loads the profile:

GET https://profile.xboxlive.com/users/me/profile/settings?settings=GameDisplayPicRaw,Gamerscore,Gamertag,AccountTier,XboxOneRep,PreferredColor,RealName,Bio,TenureLevel,Watermarks,Location,ShowUserAsAvatar HTTP/1.1
x-xbl-contract-version: 3
Accept-Encoding: gzip; q=1.0, deflate; q=0.5, identity; q=0.1
X-ClientCorrelationId: -3438118090927973291
x-xbl-contentrestrictions: eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6MCwicHJlZmVycmVkQWdlUmF0aW5nIjowLCJyZXN0cmljdFByb21vdGlvbmFsQ29udGVudCI6ZmFsc2V9fQ==
Signature: AAAAAQHQ30fVtrfjNJU9iWBe5xmKPXWTJWfQ1bmtMzGBw1dOb+Y7AZU7ppQ2nFwntx5mPC0AFY72xgWOxVcjKqgmVFxze0RjFhei/w==
Cache-Control: no-store, must-revalidate, no-cache
Accept: application/json
PRAGMA: no-cache
Accept-Language: cs, en-GB, en
Authorization: XBL3.0 x=16976761495610091802;eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiIxZlVBejExYmtpWklFaE5KSVZnSDFTdTVzX2cifQ.K9OLw_EQdSAyCMnFjDwSJSz_VwodRvhJr6L5SAb4u_o8Yq-GGua_kT6jfgiCYMnrAL0Rctj40gb9328PvAFZY4rUNWf5MALE6PGnJCAu7-ggSpGPDanDdpxWl70_Oa4Z3KHzkPsKFQoAVTaR-r-uFbAmAquw9US4CtK8p5Y8VUc.8li5DrRtjsfrW10qdG8XGA……………………………………………………WIcRSGnl8FZrahGGjPGbGZr2iO9BLpCe8wcLzlPZsALRW2OdcEQum41llG5kST6oKtHiR4tDJd5a8.9mRLqnX2Wx0ogpJoXtQ0VRvcwmbBxvpET2pc73lGpOk
Host: profile.xboxlive.com
Connection: Keep-Alive 

In the response we get information about the user profile within the Xbox service (i.e. nickname, ranking, profile picture, etc.):

{"profileUsers":[{"id":"2533274999781510","hostId":null,"settings":[{"id":"GameDisplayPicRaw","value":"http://images-eds.xboxlive.com/image?url=z951ykn43p4FqWbbFvR2Ec.8vbDhj8G2Xe7JngaTToBrrCmIEEXHC9UNrdJ6P7KI6TRSO7kB1LAmJSmUVW5wJqn2n6xd9r5UHGMgD0o0KoOwHN61vlgC862huSRkTjhm&background=0xababab&mode=Padding&format=png"},{"id":"Gamerscore","value":"170"},{"id":"Gamertag","value":"Player123456789"},{"id":"AccountTier","value":"Silver"},{"id":"XboxOneRep","value":"GoodPlayer"},{"id":"PreferredColor","value":"http://dlassets.xboxlive.com/public/content/ppl/colors/00000.json "},{"id":"RealName","value":""},{"id":"Bio","value":""},{"id":"TenureLevel","value":"0"},{"id":"Watermarks","value":""},{"id":"Location","value":""},{"id":"ShowUserAsAvatar","value":"1"}],"isSponsoredUser":false}]} 
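
What the intercepting proxy can and cannot read from the Xbox Live tokens and from the `x-xbl-contentrestrictions` header seen in the requests above, as an added example that is not part of the original article. The header value and the first token segment are copied from the capture; the other four token segments are constructed placeholders and the `prv` list is shortened.

```python
import base64
import json

# Copied from the capture: value of the x-xbl-contentrestrictions header.
CONTENT_RESTRICTIONS = "eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6MCwicHJlZmVycmVkQWdlUmF0aW5nIjowLCJyZXN0cmljdFByb21vdGlvbmFsQ29udGVudCI6ZmFsc2V9fQ=="

# Copied from the capture: first segment of the token in the
# xsts.auth.xboxlive.com response.
TOKEN_HEADER_SEGMENT = "eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiIxZlVBejExYmtpWklFaE5KSVZnSDFTdTVzX2cifQ"

# Constructed: placeholders for encrypted key, IV, ciphertext and tag.
SAMPLE_TOKEN = ".".join(
    [TOKEN_HEADER_SEGMENT, "a2V5", "aXY", "Y2lwaGVydGV4dA", "dGFn"])

# Constructed from the XSTS response in the capture: same DisplayClaims keys,
# Token replaced by SAMPLE_TOKEN, "prv" shortened.
XSTS_RESPONSE = json.dumps({
    "NotAfter": "2015-08-25T23:07:10.5746909Z",
    "Token": SAMPLE_TOKEN,
    "DisplayClaims": {"xui": [{
        "agg": "Adult", "gtg": "Player123456789", "prv": "191 193",
        "xid": "2533274988001510", "uhs": "17342827387730684717"}]},
})


def b64_json(segment):
    """Decode a base64 or base64url segment (padding optional) as JSON."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def classify_token(token):
    """Report what is readable in a compact JOSE token without any key."""
    parts = token.split(".")
    header = b64_json(parts[0])
    if len(parts) == 5:
        # JWE: header.encrypted_key.iv.ciphertext.tag; the claims sit inside
        # the ciphertext, so only the protected header is visible.
        return {"kind": "JWE", "header": header, "claims_readable": False}
    if len(parts) == 3:
        # JWS: header.payload.signature; the payload is only encoded.
        return {"kind": "JWS", "header": header, "claims_readable": True,
                "claims": b64_json(parts[1])}
    raise ValueError("not a compact JOSE serialization")


def inventory(response_body):
    """List what a TLS-intercepting proxy learns from one auth response."""
    doc = json.loads(response_body)
    token = classify_token(doc["Token"])
    users = doc.get("DisplayClaims", {}).get("xui", [])
    return {
        "token_kind": token["kind"],
        "token_alg": token["header"].get("alg"),
        "token_enc": token["header"].get("enc"),
        "claims_readable": token["claims_readable"],
        # These travel next to the token as ordinary JSON.
        "plaintext_claims": sorted({key for user in users for key in user}),
    }


if __name__ == "__main__":
    print(json.dumps(b64_json(CONTENT_RESTRICTIONS), indent=2))
    print(json.dumps(inventory(XSTS_RESPONSE), indent=2))
```

The token itself stays opaque to the proxy, while the `DisplayClaims` beside it and the content-restrictions header are readable as soon as TLS is intercepted.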

Given the options available, the Xbox app synchronizes the profile and checks for changes in a needlessly complicated way (oddly so, considering how other MS services achieve the same thing):

GET http://dlassets.xboxlive.com/public/content/ppl/colors/00000.json HTTP/1.1
x-xbl-contract-version: 3
Accept-Encoding: gzip; q=1.0, deflate; q=0.5, identity; q=0.1
X-ClientCorrelationId: 2552067468927994991
x-xbl-contentrestrictions: eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6MCwicHJlZmVycmVkQWdlUmF0aW5nIjowLCJyZXN0cmljdFByb21vdGlvbmFsQ29udGVudCI6ZmFsc2V9fQ==
Cache-Control: no-store, must-revalidate, no-cache
Accept: application/json
PRAGMA: no-cache
Accept-Language: cs, en-GB, en
Host: dlassets.xboxlive.com
If-Modified-Since: Fri, 04 Oct 2013 04:52:13 GMT
If-None-Match: "a343e82d089ea101afdd6e36360c31c0:1380864347"
Connection: Keep-Alive 

In our case the response is simple, "no changes":

Because of possible parental controls or account restrictions, the app requests a download and check of permissions:

GET https://accounts.xboxlive.com/family/memberXuid(2533274988001510) HTTP/1.1
x-xbl-contract-version: 3
Accept-Encoding: gzip; q=1.0, deflate; q=0.5, identity; q=0.1
X-ClientCorrelationId: -7395213633702652353
x-xbl-contentrestrictions: eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6MCwicHJlZmVycmVkQWdlUmF0aW5nIjowLCJyZXN0cmljdFByb21vdGlvbmFsQ29udGVudCI6ZmFsc2V9fQ==
Signature: AAAAAQHQ30fW7KpVA8wyZW6FAwcfWiEj07GYQguce7IWNCtf/0IaDxFUcbIaCULZniR3iD/GUx2pcTSjdbpqzwBkv5otSnUSq/rmLQ==
Cache-Control: no-store, must-revalidate, no-cache
Accept: application/json
PRAGMA: no-cache
Accept-Language: cs, en-GB, en
Authorization: XBL3.0 x=16976761495610091802;eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiIxZlVBejExYmtpWklFaE5KSVZnSDFTdTVzX2cifQ.K9OLw_EQdSAyCMnFjDwSJSz_VwodRvhJr6L5SAb4u_o8Yq-GGua_kT6jfgiCYMnrAL0Rctj40gb9328PvAFZY4rUNWf5MALE6PGnJCAu7-ggSpGPDanDdpxWl70_Oa4Z3KHzkPsKFQoAVTaR-r-uFbAmAquw9US4CtK8p5Y8VUc.8li5DrRtjsfrW10qdG8XGA.MCuxR04KtabuxWGnnOggsdkM9LTC8D3gsMuyJqvmSXNQMVYOy53bXhoQEjnAbKo5ec2i5-4OK0BQc07zzPM6318XRFbIdDuAEV8-v3V40sd3bFefcYXy6kXz6QNy7OJXpp_3uQsiPw01lam7uhZ_RbxFkCm-……………………………………………………………………WIcRSGnl8FZrahGGjPGbGZr2iO9BLpCe8wcLzlPZsALRW2OdcEQum41llG5kST6oKtHiR4tDJd5a8.9mRLqnX2Wx0ogpJoXtQ0VRvcwmbBxvpET2pc73lGpOk
Host: accounts.xboxlive.com
Connection: Keep-Alive 

The response contains information about the real user (not the gaming avatar, as in the previous case):

{"familyId":"aa2ca962-b7c7-46bc-8131-557a39abd0ee","familyUsers":[{"userId":"4a6c400d-b9f3-4e4c-9104-d1320c9f3ad0","email":"jiri.bartos@test.tst","firstName":"Jiří","lastName":"Bartoš","imageUrl":"https://cid-70fa24dd0ec43173.users.storage.live.com/users/0x70fa24dd0ec43173/myprofile/expressionprofile/profilephoto:Win8Static/UserTile?ck=1&ex=24","gamerTag":"Player123456789","xuid":"2533274988001599","role":"Admin","canViewRestrictedContent":true,"canViewTVAdultContent":false,"activityReporting":false,"contentExceptions":[],"maturityLevel":255,"webFilteringLevel":"Off","webFilteringExceptions":[],"allowPurchaseAndDownloads":"FreeAndPaid"}]} 

As is probably clear to everyone, I anonymized the account (just in case), although it was essentially created only for testing anyway. I was surprised myself that ViewTVAdultContent has to be enabled explicitly and that activity logging is not turned on by default.

Next comes the download of data for various supporting Xbox services, such as linked contacts and social network information. Example:

GET https://peoplehub.xboxlive.com/users/me/people/social/decoration/multiplayersummary,preferredcolor HTTP/1.1
x-xbl-client-type: UWA
x-xbl-contract-version: 1
Accept-Encoding: gzip; q=1.0, deflate; q=0.5, identity; q=0.1
X-ClientCorrelationId: 6943924978508256051
x-xbl-contentrestrictions: eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6MjU1LCJwcmVmZXJyZWRBZ2VSYXRpbmciOjI1NSwicmVzdHJpY3RQcm9tb3Rpb25hbENvbnRlbnQiOmZhbHNlfX0=
Signature: AAAAAQHQ30fbN8oLvyvkE814jMsbuTGcauZ1Buc/w/BMQWPTSeduMqJ5pgcrPSAdSnuKTnaB76PdgtojmudRxn2ndbj+Ojz7UptPSA==
Cache-Control: no-store, must-revalidate, no-cache
Accept: application/json
x-xbl-client-name: XboxApp
PRAGMA: no-cache
Accept-Language: cs, en-GB, en
Authorization: XBL3.0 x=16976761495610091802;eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiIxZlVBejExYmtpWklFaE5KSVZnSDFTdTVzX2cifQ.K9OLw_EQdSAyCMnFjDwSJSz_VwodRvhJr6L5SAb4u_o8Yq-GGua_kT6jfgiCYMnrAL0Rctj40gb9328PvAFZY4rUNWf5MALE6PGnJCAu7-ggSpGPDanDdpxWl70_Oa4Z3KHzkPsKFQoAVTaR-r-uFbAmAquw9US4CtK8p5Y8VUc.8li5DrRtjsfrW10qdG8XGA.MCuxR04KtabuxWGnnOggsdkM9LTC8D3gsMuyJqvmSXNQMVYOy53bXhoQEjnAbKo5ec2i5-4OK0BQc07zzPM6318XRFbIdDuAEV8-v3V40sd3bFefcYXy6kXz6QNy7OJXpp_3uQsiPw01lam7uhZ_RbxFkCm-GaMpQ86hfW8mhIn9RsWNzUkoIKwN73DABY6f6ityVzDsMrxDfAA1M3rJGYgkbqk2GAq-………………………………………………… 3_d56RRJhfpcRwh5wktd459hV8ZXrL-kS0A-kHlgXyZEwpnR_c60ZtanIhrcBuTRhvPx9SCwtwhjgmzkmcVi8OM7to-WIcRSGnl8FZrahGGjPGbGZr2iO9BLpCe8wcLzlPZsALRW2OdcEQum41llG5kST6oKtHiR4tDJd5a8.9mRLqnX2Wx0ogpJoXtQ0VRvcwmbBxvpET2pc73lGpOk
Host: peoplehub.xboxlive.com
Connection: Keep-Alive 

The response is similar to the others: I don't know any people (do I have a personality disorder?):

{"people":[]} 
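The Xbox requests above carry two values that can be read without any key: the base64 JSON in x-xbl-contentrestrictions and the first segment of the token in the Authorization header. The following Python sketch is an added example, not part of the original article; the function names are this example's own, and the token segments after the first are placeholders because the article elides parts of the token.

```python
import base64
import json

# x-xbl-contentrestrictions as sent to profile/dlassets/accounts.xboxlive.com
# (copied from the captured requests above).
RESTRICTIONS_EARLY = (
    "eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6"
    "MCwicHJlZmVycmVkQWdlUmF0aW5nIjowLCJyZXN0cmljdFByb21vdGlvbmFsQ29udGVudCI6ZmFsc2V9fQ=="
)
# The same header as sent to peoplehub.xboxlive.com, after the family lookup.
RESTRICTIONS_LATER = (
    "eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6"
    "MjU1LCJwcmVmZXJyZWRBZ2VSYXRpbmciOjI1NSwicmVzdHJpY3RQcm9tb3Rpb25hbENvbnRlbnQiOmZhbHNlfX0="
)
# Authorization header: the first token segment is copied from the capture,
# the remaining four segments are placeholders (the article elides them).
AUTHORIZATION = (
    "XBL3.0 x=16976761495610091802;"
    "eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYi"
    "LCJ4NXQiOiIxZlVBejExYmtpWklFaE5KSVZnSDFTdTVzX2cifQ"
    ".ENCRYPTED_KEY.IV.CIPHERTEXT.TAG"
)


def b64_json(segment):
    """Decode a base64 or base64url segment (padding optional) into a JSON object."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def restriction_changes(before, after):
    """Return {field: (old, new)} for every restriction field that differs."""
    old, new = b64_json(before)["data"], b64_json(after)["data"]
    keys = sorted(set(old) | set(new))
    return {k: (old.get(k), new.get(k)) for k in keys if old.get(k) != new.get(k)}


def parse_xbl3(header):
    """Split 'XBL3.0 x=<value>;<token>' and decode the token's first segment."""
    scheme, _, rest = header.partition(" ")
    x_field, _, token = rest.partition(";")
    segments = token.split(".")
    return {
        "scheme": scheme,
        "x": x_field.split("=", 1)[1],
        # Five dot-separated segments are the JWE compact serialization:
        # protected header, encrypted key, IV, ciphertext, authentication tag.
        "segments": len(segments),
        "protected": b64_json(segments[0]),
    }


if __name__ == "__main__":
    print("early restrictions:", b64_json(RESTRICTIONS_EARLY))
    print("changed later     :", restriction_changes(RESTRICTIONS_EARLY, RESTRICTIONS_LATER))
    token = parse_xbl3(AUTHORIZATION)
    print("token segments    :", token["segments"])
    # alg/enc describe how the payload is encrypted to the service's key, so an
    # intercepting proxy can read this header but not the claims inside the token.
    print("protected header  :", token["protected"])
```

The two age-rating fields change from 0 to 255 between the accounts.xboxlive.com request and the peoplehub.xboxlive.com request, and the family response in between reports "maturityLevel":255.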

Naturally, the app also requests the list of owned applications, their ratings, and so on:

GET https://titlehub.xboxlive.com/users/xuid(2533274988001510)/titles/titlehistory/decoration/achievement,friendswhoplayed HTTP/1.1
x-xbl-client-type: UWA
x-xbl-contract-version: 2
Accept-Encoding: gzip; q=1.0, deflate; q=0.5, identity; q=0.1
X-ClientCorrelationId: -3789914159588974287
x-xbl-contentrestrictions: eyJ2ZXJzaW9uIjoyLCJkYXRhIjp7Imdlb2dyYXBoaWNSZWdpb24iOiJDWiIsIm1heEFnZVJhdGluZyI6MjU1LCJwcmVmZXJyZWRBZ2VSYXRpbmciOjI1NSwicmVzdHJpY3RQcm9tb3Rpb25hbENvbnRlbnQiOmZhbHNlfX0=
Signature: AAAAAQHQ30fb1gcRH9mTlkMHKOileRCl2J7du+wO50pdwbQGLnAMmcmyPHLqqOcJjDbVL0SStONzG+7j47tIdlx3n/5LlQPPq0wbBw==
Cache-Control: no-store, must-revalidate, no-cache
Accept: application/json
x-xbl-client-name: XboxApp
PRAGMA: no-cache
Accept-Language: cs, en-GB, en
Authorization: XBL3.0 x=16976761495610091802;eyJlbmMiOiJBMTI4Q0JDK0hTMjU2IiwiYWxnIjoiUlNBLU9BRVAiLCJjdHkiOiJKV1QiLCJ6aXAiOiJERUYiLCJ4NXQiOiIxZlVBejExYmtpWklFaE5KSVZnSDFTdTVzX2cifQ.K9OLw_EQdSAyCMnFjDwSJSz_VwodRvhJr6L5SAb4u_o8Yq-GGua_kT6jfgiCYMnrAL0Rctj40gb9328PvAFZY4rUNWf5MALE6PGnJCAu7-ggSpGPDanDdpxWl70_Oa4Z3KHzkPsKFQoAVTaR-r-uFbAmAquw9US4CtK8p5Y8VUc.8li5DrRtjsfrW10qdG8XGA.MCuxR04KtabuxWGnnOggsdkM9LTC8D3gsMuyJqvmSXNQMVYOy53bXhoQEjnAbKo5ec2i5-4OK0BQc07zzPM6318XRFbIdDuAEV8-v3V40sd3bFefcYXy6kXz6QNy7OJXpp_3uQsiPw01lam7uhZ_RbxFkCm-GaMpQ86hfW8mhIn9RsWNzUkoIKwN73DABY6f6ityVzDsMrxDfAA1M3rJGYgkbqk2GAq-………………………………………………… 3_d56RRJhfpcRwh5wktd459hV8ZXrL-kS0A-kHlgXyZEwpnR_c60ZtanIhrcBuTRhvPx9SCwtwhjgmzkmcVi8OM7to-WIcRSGnl8FZrahGGjPGbGZr2iO9BLpCe8wcLzlPZsALRW2OdcEQum41llG5kST6oKtHiR4tDJd5a8.9mRLqnX2Wx0ogpJoXtQ0VRvcwmbBxvpET2pc73lGpOk
Host: titlehub.xboxlive.com
Connection: Keep-Alive 

This response is somewhat more comprehensive; Xbox also takes free games into account:

{"xuid":"2533274977001599","titles":[{"titleId":"1196757907","pfn":null,"bingId":null,"name":"Gun Bros","type":"Game","devices":["Mobile"],"displayImage":"https://live.xbox.com/consoleAssets/47551393/cs-CZ/largeboxart.jpg","mediaItemType":"Game","modernTitleId":null,"achievement":{"currentAchievements":0,"totalAchievements":20,"currentGamerscore":0,"totalGamerscore":200,"progressPercentage":0.0,"sourceVersion":1},"images":null,"titleHistory":{"lastTimePlayed":"2015-05-16T14:43:50.083Z"},"detail":null,"friendsWhoPlayed":{"people":[],"currentlyPlayingCount":0,"havePlayedCount":0},"alternateTitleIds":null,"contentBoards":null},{"titleId":"1297287736","pfn":"Microsoft.Taptiles_8wekyb3d8bbwe","bingId":null,"name":"Taptiles","type":"Game","devices":["PC"],"displayImage":"http://store-images.microsoft.com/image/apps.41137.9007199266251910.27aa9f20-490d-4306-8348-7f9c474a31d7.d6aa3072-8aaa-4d54-9160-951e754cfc45","mediaItemType":"Application","modernTitleId":null,"achievement":{"currentAchievements":8,"totalAchievements":23,"currentGamerscore":80,"totalGamerscore":215,"progressPercentage":37.0,"sourceVersion":1},"images":null,"titleHistory":{"lastTimePlayed":"2015-05-11T14:28:28.663Z"},"detail":null,"friendsWhoPlayed":{"people":[],"currentlyPlayingCount":0,"havePlayedCount":0},"alternateTitleIds":null,"contentBoards":null},{"titleId":"1297292158","pfn":"Microsoft.AlphaJax_8wekyb3d8bbwe","bingId":null,"name":"AlphaJax","type":"Game","devices":["PC"],"displayImage":"http://store-images.microsoft.com/image/apps.26473.9007199266248323.be6baa9d-0e0d-4ad4-98ea-eb9894ed35f6.2cd42985-e107-436f-83f5-486a18540508","mediaItemType":"Application","modernTitleId":null,"achievement":{"currentAchievements":0,"totalAchievements":20,"currentGamerscore":0,"totalGamerscore":200,"progressPercentage":0.0,"sourceVersion":1},"images":null,"titleHistory":{"lastTimePlayed":"2014-01-31T15:22:13.153Z"},"detail":null,"friendsWhoPlayed":{"people":[],"currentlyPlayingCount":0,"havePlayedCount":0},"alternateTitleIds":null,"contentBoards":null},{"titleId":"827069329","pfn":null,"bingId":null,"name":"Angry Birds Classic","type":"Game","devices":["Mobile"],"displayImage":"https://live.xbox.com/consoleAssets/314C1391/cs-CZ/largeboxart.jpg","mediaItemType":"Game","modernTitleId":null,"achievement":{"currentAchievements":4,"totalAchievements":20,"currentGamerscore":40,"totalGamerscore":200,"progressPercentage":20.0,"sourceVersion":1},"images":null,"titleHistory":{"lastTimePlayed":"2013-05-11T22:09:50Z"},"detail":null,"friendsWhoPlayed":{"people":[],"currentlyPlayingCount":0,"havePlayedCount":0},"alternateTitleIds":null,"contentBoards":null}]}

The system was used fairly extensively: it ran nonstop for the full four days, apart from exactly 12 restarts to verify findings and startup behaviour. "Use" here means writing documents in various formats, handling e-mail, browsing the web, playing videos and music, and playing one game (Taptiles); in effect I made my Surface Pro 2 my main machine for just under a week. The last communication that needs mentioning, and one that happens "on its own", is telemetry (in this case related to update delivery):

GET https://geo-prod.do.dsp.mp.microsoft.com/geoversion/ HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
User-Agent: Microsoft-Delivery-Optimization/10.0
Content-Length: 0
Host: geo-prod.do.dsp.mp.microsoft.com 

Response:

HTTP/1.1 200 OK
Cache-Control: max-age=300
Content-Length: 78
Content-Type: text/x-json
X-Content-Type-Options: nosniff
X-XblCorrelationId: 08216a66-474b-466d-adb3-970b5540ea73
Date: Mon, 24 Aug 2015 13:23:43 GMT

{"Version":"0D0EB59E5A88052E0E7562D55BDBA9FCFB8B1166581F18E995EEF9D655FF0CAA"} 

Or rather, its continuation:

GET https://geo-prod.do.dsp.mp.microsoft.com/geo/ HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
User-Agent: Microsoft-Delivery-Optimization/10.0
Content-Length: 0
Host: geo-prod.do.dsp.mp.microsoft.com 

Which returns my public address:

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Length: 210
Content-Type: text/x-json
X-Content-Type-Options: nosniff
X-XblCorrelationId: c7b29e74-3fd4-4208-b312-e1d9137a78b1
Date: Mon, 24 Aug 2015 13:23:43 GMT

{"ExternalIpAddress":"90.XX.XX.XX","CountryCode":"CZ","KeyValue_EndpointFullUri":"https://kv201-prod.do.dsp.mp.microsoft.com/all/","Version":"0D0EB59E5A88052E0E7562D55BDBA9FCFB8B1166581F18E995EEF9D655FF0CAA"} 

Search and Cortana

Finally, the system search function needs mentioning, that is, searching from the Start menu. While a search term is being typed, a series of queries is issued incrementally, character by character (to offer suggestions and speed up the search). Typing the term "hledat" (Czech for "search") triggers this series of queries:

GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=h&cp=1&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=7f885d590ac64bc188dd86e9ab6ca539&cc=CZ&setlang=cs HTTP/1.1 
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hl&cp=2&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=7b36c73a22184892b8b304ce7a7b7634&cc=CZ&setlang=cs HTTP/1.1 
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hle&cp=3&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=852c10e4d7134feba5ae4a23aca607ff&cc=CZ&setlang=cs HTTP/1.1 
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hled&cp=4&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=312312f2f2804ba28f00e1cbb51b5379&cc=CZ&setlang=cs HTTP/1.1 
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hleda&cp=5&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=9367e82d08154e2bb1045f855acb424f&cc=CZ&setlang=cs HTTP/1.1 
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hledat&cp=6&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=798bc53aad8047d7832f103b76264ec7&cc=CZ&setlang=cs HTTP/1.1 

The headers of these queries, i.e. additional information serving primarily for identification, are as follows:

Accept: */*
Content-type: text/xml
X-Search-SafeSearch: Moderate
X-Device-SKU: Surface_Pro_2
X-Device-MachineId: {A4377D22-16F7-412B-B707-6332375D1E29}
X-BM-Market: CZ
X-BM-DateFormat: dd.MM.yyyy
X-Device-OSSKU: 48
X-Device-NetworkType: wifi
X-BM-DTZ: 120
X-DeviceID: 0100B0D20900803A
X-BM-DeviceScale: 150
X-Device-Manufacturer: Microsoft Corporation
X-BM-Theme: ffffff;005a9e
X-BM-DeviceDimensionsLogical: 344x580
X-Search-RPSToken: t%3DEwAgAgALBAAUWkziSC7RbDJKS1VkhugDegv7L0eAAH1Uy3oqhuqmXFQ4UN14UURapZaaRsr73nz1Bnrflllg9q/n4E4wUxzcyRSWZzDMgdPrhKPl3aU40QaVOO%2BXU69U/jvQ%2BvWrw9Ubx/dXYH7uKbhj1jYjZOUVpysbHLZz8SNE%2B7NTyrZ/DGtgf2nyhyE/i9FoZhTZva9XfRQEl/h2A2YAAAiNw2m0UfuKyXABSC/5bdNq2YIFfl9HhdjquDA/20wbnUTDZimIvCwwZOYjj2qy0KDUHttXZWac0QJOtq3462/jHB%2BUL1GVZVWOu9ODQbI/ThIRJpCMaze8to8HK/EtZxzUd64CGFEdEX8PJGQPiDOf1y1lyyVMIqu1Hk1Ib22XJcQjmPwCDvcElfIOIkT2b1HQ0sxG/IH9Iyl3Tp7zdFxvzcm0wtilymAoL2xV8BwaUZUC3Y4Z0P15hFHzYxOjv9bjBeYDYZdMh66F2cNV552p9ty7qTNHHePIeLhlO%2BBufR2tFbYl4LMgFI4AAGTxJaUsweEmUZrvxo5lUoUibXMid0dhLkwvFI5Xk6d1y/AozCLVGiwLXizbDOk%2BXSiBywpofh%2BG3XaVD32De6BcO8JBLO0Wr3cC2Vv%2Br9/XhIVVcRMp8M3EfJkfol38JJkYaVebDOsdaSrHVK4YS1DylBxV2hTs5lfOocGotmGzrB1A6bSU3%2BRsg4dkOvSfAQ%3D%3D%26p%3D
X-BM-DeviceDimensions: 516x870
X-Device-Product: Surface Pro 2
X-BM-CBT: 1440423695
X-Device-isOptin: false
X-AIS-AuthToken: AISToken ApplicationId=2529e699-fc8e-4b1b-997c-a778e078aa91&ExpiresOn=1440695699&HMACSHA256=3t%2fM1cYnluf52f%2b3eQEmPVH4iXKR4Ts42xE0bwlhn7c%3d
X-Device-Touch: true
X-Device-ClientSession: AE479F41AE9A4D6E8E7363A308353182
X-BM-ClientFeatures: OemEnabled
X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
X-MSEdge-ExternalExpType: JointCoord
X-MSEdge-ExternalExp: d-thshld39,d-thshldspcl40,d-thshld42,d-thshld77,d-thshld78
Referer: https://www.bing.com/
Accept-Language: cs-CZ
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; Touch; rv:11.0; Cortana 1.4.8.176; 10.0.0.0.10240.21) like Gecko
Host: www.bing.com
Content-Length: 76858
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: ANON=A=A538FB174748055FE290C22BFFFFFFFF; SRCHD=AF=NOFORM; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20150801; MUID=4D64463CDFDD425C8564C309A6FCC5A3; _SS=SID=B410E7CB9B614AFCA655A292719677A2&CPID=1440423521137&CPH=dae7a69e&HV=1440423658; _EDGE_S=mkt=cs-CZ&ui=cs-CZ&SID=3BA940BE92E169E7323048B393866822; _FS=mkt=cs-CZ&ui=cs-CZ; SRCHUID=V=2&GUID=9151B55E70524EFB8A819D45F339D025; MUIDB=4D64463CDFDD425C8564C309A6FCC5A3 

As is evident, the Edge browser, and every application that uses it, sends a relatively large amount of information just to return a search result. Note also that some of the data is incorrect, typically "X-Device-NetworkType": the capture shows wifi, although the test device was connected by Ethernet cable.

Each query has a corresponding response. For the last query, i.e. the whole term "hledat", it looks like this:

{"Resources":{"Styles":""},"Suggestions":[{"Attributes":{"url":
"/search?q=hledat+seznam","query":"hledat seznam","stype":"AS","k":"5003","appNS":"autosuggest"},"Text":
"hledat seznam","HighConfidenceMetaSuggestionScore":0.129867196083069,"PrefetchConfidenceScore":0},{"Attributes":{"url":"/search?q=hledat+google","query":
"hledat google","stype":"AS","k":"5004","appNS":"autosuggest"},"Text":
"hledat google","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},
{"Attributes":{"url":"/search?q=hledat","query":"hledat","stype":"AS","k":"5005","appNS":"autosuggest"},
"Text":"hledat","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"url":"/search?q=hledat+seznam+cz","query":
"hledat seznam cz","stype":"AS","k":"5006","appNS":"autosuggest"},"Text":"hledat seznam cz",
"HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},
{"Attributes":{"url":"/search?q=hledat+tel+cislo","query":"hledat tel cislo",
"stype":"AS","k":"5007","appNS":"autosuggest"},"Text":"hledat tel cislo","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},
{"Attributes":{"url":"/search?q=hledat+adresu","query":"hledat adresu",
"stype":"AS","k":"5008","appNS":"autosuggest"},"Text":"hledat adresu",
"HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},
{"Attributes":{"url":"/search?q=hledat+praci","query":"hledat praci",
"stype":"AS","k":"5009","appNS":"autosuggest"},"Text":"hledat praci","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},
{"Attributes":{"url":"/search?q=hledat+hrob","query":"hledat hrob","stype":"AS","k":"5010","appNS":"autosuggest"},
"Text":"hledat hrob","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0}]} 

The last step is sending information about the search: what was searched for, the ranking of suggestions, the ranking of suggestion expansions, which search suggestions were offered and, where applicable, which one was accepted, and adjustments to the suggestion weights. Naturally, Microsoft can link this data to the device/user, since we send it while signed in to an MS account (see the headers). Given the length of the request, I show only an excerpt:

POST https://www.bing.com/threshold/xls.aspx HTTP/1.1
<ClientInstRequest><CID>4D64463CDFDD425C8564C309A6FCC5A3</CID>
<Events><E><T>Event.ClientInst</T><IG>
b6e7ea4196be458da4e92d0fd28d9857</IG><D><!
[CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init",
"Pivot":"QF","T":"CI.QFPerfPing","ST":"Init","CVID":"b6e7ea4196be458da4e92d0fd28d9857","OFFSETS":
[{"JS":0,"FBR":-174270,"LBR":-174270,"ABT":1440423695126}],"V":"2","TS":
1440423695129,"RTS":174185,"SEQ":34,"UTS":1440423700145}]]>…………………………
<requestInfo key="IsQuery" value ="false"/><requestInfo key="Form"
value="WNSGPH"/><userInfo key="Make" value="Microsoft Corporation"/>
<userInfo key="Model" value="Surface Pro 2"/><userInfo key="AppName"
value="SmartSearch"/></Ovr></M></Group><Group><M>
<IG>7f885d590ac64bc188dd86e9ab6ca539</IG><DS><!
[CDATA[[{"T":"D.Aggregator","Service":"AutoSuggest","Scenario":"Aggregator",
"AppNS":"SmartSearch","DS":[{"T":"D.TopHit","DS":
[{"T":"D.DSRef","KRef":1001}]}],"rankerModelIds":{"fastRankModelId":"STH_e700e5d9-6913-4114-b49c-140c8e795d0e",
"fastRankClassifierModelId":"MTH_e700e5d9-6913-4114-b49c-140c8e795d0e"}},
{"T":"D.LocalApps","AppNS":"SmartSearch","Service":"AutoSuggest","Scenario":
"LocalApps","SC":4,"DS":[{"T":"D.Url","Tx":"Hudba Groove","K":1001,"Q":
"Hudba Groove","Val":"PP","Ho":2,"Gr":0,"DeviceSignals":{"Rank":995,"PHits":
{"0":"System.ItemNameDisplay"},"Id":"Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic",
"DName":"Hudba Groove","LAD":"2015-08-02T19:51:22.980Z","AppLnch":1,"Args":0,"MDN":1,"Ext":""},
"RankerSignals":{"rankingScore":5.3843781714228225,"featureStore":
{"1":1,"2":1,"7":995,"8":1,"9":21.743202939814814,"10":1,"13":1,"14":11,"15":12,"
16":995,"20":0,"22":5.5,"27":0,"42":1,"43":0,"44":0,"45":5.3843781714228225,"46":0.6533547531447954,"60":0,"65":0,"67":0,"69":1,"70":0,"72":9,"73":10,"74":0,"75":
0,"76":0,"77":16,"78":0,"79":0,"80":3,"81":0,"83":1,"92":0,"93":0},
"topHitConfidenceScore":0.6533547531447954}},{"T":"D.Url","Tx":"Hlasový záznam","K":1002,"Q":"Hlasový záznam……………………………………………………………….DS":
[{"T":"D.Url","Tx":"Změnit poskytovatele hledání v aplikaci Internet Explorer",
"K":1009,"Q":"Změnit poskytovatele hledání v aplikaci Internet Explorer",
"Val":"ST","Ho":2,"Gr":1,"DeviceSignals":{"Rank":600,"PHits":
{"0":"System.Comment","1":"System.ItemNameDisplay","2":"System.Title"},"Id":
"Classic_{A73DCDB5-E233-4FC2-8083-6E431939002A}","DName":
"Změnit poskytovatele hledání v aplikaci Internet Explorer","MDN":0},"RankerSignals":{"rankingScore":-6.601147033517745,"featureStore":
{"7":995,"8":1,"10":3,"13":0,"14":54,"15":57,"16":600,"19":1,"20":0,"22":9,
"27":0,"42":1,"60":0,"64":1,"65":0,"67":0,"68":1,"69":1,"70":0,"72":9,"73":10,
"74":1,"75":1,"76":0,"77":19,"78":0,"79":0,"80":0,"81":0,"93":0}}},
{"T":"D.Url","Tx":"Změnit způsob hledání v systému Windows",
"K":1010,"Q":"Změnit způsob hledání v systému Windows",
"Val":"ST","Ho":2,"Gr":1,"DeviceSignals":{"Rank":600,"PHits":
{"0":"System.Comment","1":"System.ItemNameDisplay","2":"System.MediumKeywords",
"3":"System.Title"},"Id":"Classic_{D4690CFE-6A59-4BAB-BFF7-9ED0D083E798}","DName":
"Změnit způsob hledání v systému Windows","MDN":0},"RankerSignals":
{"rankingScore":-6.601147033517745,"featureStore":
{"7":995,"8":1,"10":3,"13":0,"14":36,"15":39,"16":600,"19":1,"20":0,
"22":6,"27":0,"42":1,"60":0,"64":1,"65":0,"67":0,"68":1,"69":1,"70":0,
"72":9,"73":10,"74":1,"75":1,"76":0,"77":19,"78":0,"79":0,"80":0,"81":0,
"93":0}}},{"T":"D.Url","Tx":"Nastavení Cortany a hledání",
"K":1011,"Q":"Nastavení Cortany a hledání","Val":"ST","Ho":2,"Gr":1,"DeviceSignals":
{"Rank":600,"PHits":{"0":"System.Comment","1":"System.HighKeywords","2":"System.ItemNameDisplay"},
"Id":"CortanaSettings","DName":"Nastavení Cortany a hledání","MDN":1……………………………………………………………..{"T":
"D.MI","Tx":"hledat seznam","K":5003,"Q":"hledat seznam"
,"Val":"AS","Ho":0,"Gr":11,"RankerSignals":{"rankingScore":-8.325247348334386,"featureStore":
{"4":1,"7":895,"8":0,"10":5,"13":0,"14":8,"15":13,"17":0.0399075411260128,
"19":1,"20":0,"22":0.8,"23":0,"25":1,"42":1,"60":0,"65":0,"67":0,"68":1,
"70":0,"71":0,"72":9,"73":4,"74":0,"75":0,"76":0,"77":13,"78":0,"79":0,"80":0,"81":0,"82":1,"93":0}},"Action":"Update","AppNS":
"autosuggest"},{"T":"D.MI","Tx":"hledam co najdu","K":5004,"Q":
"hledam co najdu","Val":"AS","Ho":0,"Gr":11,"RankerSignals":
{"rankingScore":-9.589811606518905,"featureStore":
{"4":1,"7":895,"8":0,"10":5,"13":0,"14":10,"15":15,"17":0,"19":
1,"20":0,"22":1,"23":0,"25":1,"42":1,"60":0,"65":0,"67":0,"68":
1,"70":0,"71":0,"72":9,"73":4,"74":0,"75":0,"76":0,"77":13,"78":0
,"79":0,"80":0,"81":0,"82":1,"93":0}},"Action":"Update","AppNS":
"autosuggest"}……………………………………………………………………………………T":"D.MI","Tx":
"hledat seznam","K":5003,"Q":"hledat seznam","Val":"AS","Ho":0,"Gr":11,"RankerSignals":
{"rankingScore":-5.865988430809351,"featureStore":
{"4":1,"7":600,"8":0,"10":6,"13":0,"14":7,"15":13,"17":
0.129867196083069,"19":1,"20":0,"22":0.5833333333333334,
"23":0,"25":1,"42":1,"60":0,"65":0,"67":0,"68":1,"70":1,
"71":0,"72":9,"73":1,"74":1,"75":1,"76":0,"77":10,"78":0,
"79":0,"80":0,"81":0,"82":1,"93":0}},"Action":"Update",
"AppNS":"autosuggest"},{"T":"D.MI","Tx":"hledat google",
"K":5004,"Q":"hledat google","Val":"AS","Ho":0,"Gr":11,
"RankerSignals":{"rankingScore":-9.61600552681862,"featureStore":
{"4":1,"7":600,"8":0,"10":6,"13":0,"14":7,"15":13,"17":0,"19":1,
"20":0,"22":0.5833333333333334,"23":0,"25":1,"42":1,"60":0,
"65":0,"67":0,"68":1,"70":1,"71":0,"72":9,"73":1,"74":1,"75":1,
"76":0,"77":10,"78":0,"79":0,"80":0,"81":0,"82":1,"93":0}},
"Action":"Update","AppNS":"autosuggest"},{"T":"D.MI","Tx":"hledat","K":5005,"Q":"hledat","Val":"AS","Ho":0,
"Gr":11,"RankerSignals":{"rankingScore":-9.61600552681862,"featureStore":
{"4":1,"7":600,"8":0,"10":6,"13":0,"14":0,"15":6,"17":0,"19":1,
"20":1,"22":0,"23":0,"25":1,"42":1,"60":0,"65":0,"67":0,"68":1,
"70":1,"71":1,"72":9,"73":1,"74":1,"75":1,"76":0,"77":10,"78":0,"79":0,
"80":0,"81":0,"82":1,"93":0}},"Action":"Update","AppNS":"autosuggest"},
{"T":"D.MI","Tx":"hledat seznam cz","K":5006,"Q":
"hledat seznam cz","Val":"AS","Ho":0,"Gr":11,"RankerSignals":{"rankingScore":-9.61600552681862,"featureStore":
{"4":1,"7":600,"8":0,"10":6,"13":0,"14":10,"15":16,"17":0,"19":1,
"20":0,"22":0.8333333333333334,"23":0,"25":1,"42":1,"60":0,"65":0,
"67":0,"68":1,"70":1,"71":0,"72":9,"73":1,"74":1,"75":1,"76":0,
"77":10,"78":0,"79":0,"80":0,"81":0,"82":1,"93":0}},"Action":"Update",
"AppNS":"autosuggest"},{"T":"D.MI","Tx":"hledat tel cislo",
"K":5007,"Q":"hledat tel cislo","Val":"AS","Ho":0,"Gr":11,"RankerSignals":{"rankingScore":-9.61600552681862,"featureStore":{"4":1,"7":600,"8":0,"10":6,"13":0,"14":10,"15":16,"17":0,"19":1,
"20":0,"22":0.8333333333333334,"23":0,"25":1,"42":1,"60":0,"65":0,
"67":0,"68":1,"70":1,"71":0,"72":9,"73":1,"74":1,"75":1,"76":0,
"77":10,"78":0,"79":0,"80":0,"81":0,"82":1,"93":0}},"Action":
"Update","AppNS":"autosuggest"},{"T":"D.MI","Tx":"hledat adresu","K":5008,"Q":"hledat adresu","Val":"AS","Ho":0,
"Gr":11,"RankerSignals":{"rankingScore":-9.61600552681862,"featureStore":{"4":1,"7":600,"8":0,"10":6,"13":0,"14":7,"15":13,"17":0,
"19":1,"20":0,"22":0.5833333333333334,"23":0,"25":1,
"42":1,"60":0,"65":0,"67":0,"68":1,"70":1,"71":0,
"72":9,"73":1,"74":1,"75":1,"76":0,"77":10,"78":0,
"79":0,"80":0,"81":0,"82":1,"93":0}},"Action":"Update",
"AppNS":"autosuggest"},{"T":"D.MI","Tx":"hledat praci","K":5009,"Q":"hledat praci","Val":"AS","Ho":0,"Gr":11,"RankerSignals":{"rankingScore":-9.61600552681862,"featureStore":
{"4":1,"7":600,"8":0,"10":6,"13":0,"14":6,"15":12,
"17":0,"19":1,"20":0,"22":0.5,"23":0,"25":1,"42":1,"60":0,"65":0,
"67":0,"68":1,"70":1,"71":0,"72":9,"73":1,"74":1,"75":1,"76":0,
"77":10,"78":0,"79":0,"80":0,"81":0,"82":1,"93":0}},"Action":"Update","AppNS":"autosuggest"},{"T":"D.MI","Tx":"hledat hrob","K":5010,
"Q":"hledat hrob","Val":"AS","Ho":0,"Gr":11,"RankerSignals":{"rankingScore":-9.61600552681862,"featureStore":{"4":1,"7":600,"8":0,"10":6,"13":0,"14":5,"15":11,"17":0,"19":1,
"20":0,"22":0.4166666666666667,"23":0,"25":1,"42":1,"60":0,"65":0,
"67":0,"68":1,"70":1,"71":0,"72":9,"73":1,"74":1,"75":1,"76":0,
"77":10,"78":0,"79":0,"80":0,"81":0,"82":1,"93":0}},
"Action":"Update","AppNS":"autosuggest"}]]]></DS><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init",
"Pivot":"QF","EnrichedClientInfo":{"MUID":"4D64463CDFDD425C8564C309A6FCC5A3",
"FDPartnerEntry":"autosuggest……………………………… 
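The suggestion requests, their headers and the xls.aspx telemetry excerpt above share identifiers, which is what makes a search session linkable end to end. The following Python sketch is an added example, not part of the original article: it rebuilds the keystroke sequence per cvid from the captured request lines and checks which identifiers reappear in the telemetry body. Function names are this example's own, and the telemetry string is two fragments of the excerpt joined with line breaks removed.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Request lines copied from the capture above.
CAPTURED_REQUESTS = """\
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=h&cp=1&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=7f885d590ac64bc188dd86e9ab6ca539&cc=CZ&setlang=cs HTTP/1.1
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hl&cp=2&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=7b36c73a22184892b8b304ce7a7b7634&cc=CZ&setlang=cs HTTP/1.1
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hle&cp=3&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=852c10e4d7134feba5ae4a23aca607ff&cc=CZ&setlang=cs HTTP/1.1
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hled&cp=4&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=312312f2f2804ba28f00e1cbb51b5379&cc=CZ&setlang=cs HTTP/1.1
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hleda&cp=5&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=9367e82d08154e2bb1045f855acb424f&cc=CZ&setlang=cs HTTP/1.1
GET https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=hledat&cp=6&cvid=b6e7ea4196be458da4e92d0fd28d9857&ig=798bc53aad8047d7832f103b76264ec7&cc=CZ&setlang=cs HTTP/1.1
"""

# Cookie header copied from the header dump above.
COOKIE = (
    "ANON=A=A538FB174748055FE290C22BFFFFFFFF; SRCHD=AF=NOFORM; "
    "SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20150801; MUID=4D64463CDFDD425C8564C309A6FCC5A3; "
    "_SS=SID=B410E7CB9B614AFCA655A292719677A2&CPID=1440423521137&CPH=dae7a69e&HV=1440423658; "
    "_EDGE_S=mkt=cs-CZ&ui=cs-CZ&SID=3BA940BE92E169E7323048B393866822; _FS=mkt=cs-CZ&ui=cs-CZ; "
    "SRCHUID=V=2&GUID=9151B55E70524EFB8A819D45F339D025; MUIDB=4D64463CDFDD425C8564C309A6FCC5A3"
)

# Two fragments of the xls.aspx body above, joined, line breaks removed.
TELEMETRY_EXCERPT = (
    "<ClientInstRequest><CID>4D64463CDFDD425C8564C309A6FCC5A3</CID>"
    "<Events><E><T>Event.ClientInst</T><IG>b6e7ea4196be458da4e92d0fd28d9857</IG>"
    "<Group><M><IG>7f885d590ac64bc188dd86e9ab6ca539</IG>"
)


def parse_request_line(line):
    """Split 'METHOD URL VERSION' and flatten the query string into a dict."""
    _method, url, _version = line.split()
    parts = urlsplit(url)
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {"host": parts.netloc, "path": parts.path, **params}


def keystroke_sessions(raw):
    """Group suggestion requests by cvid; each hit is (cursor position, query, ig)."""
    sessions = defaultdict(list)
    for line in raw.strip().splitlines():
        req = parse_request_line(line)
        if req["path"].endswith("/Suggestions"):
            sessions[req["cvid"]].append((int(req["cp"]), req["qry"], req["ig"]))
    return {cvid: sorted(hits) for cvid, hits in sessions.items()}


def correlate(sessions, cookie, telemetry):
    """Report which request identifiers reappear in the telemetry body."""
    muid = re.search(r"\bMUID=([0-9A-F]{32})", cookie).group(1)
    cid = re.search(r"<CID>([0-9A-F]{32})</CID>", telemetry).group(1)
    telemetry_igs = set(re.findall(r"<IG>\s*([0-9a-f]{32})\s*</IG>", telemetry))
    request_ids = set(sessions) | {ig for hits in sessions.values() for _, _, ig in hits}
    return {
        "cookie_muid_equals_cid": muid == cid,
        "shared_ids": sorted(telemetry_igs & request_ids),
    }


if __name__ == "__main__":
    sessions = keystroke_sessions(CAPTURED_REQUESTS)
    for cvid, hits in sessions.items():
        print(cvid, "->", [qry for _, qry, _ in hits])
    print(correlate(sessions, COOKIE, TELEMETRY_EXCERPT))
```

In this capture the cvid stays constant across all six keystrokes while ig changes per request, and both the cvid and the first request's ig reappear as IG values in the telemetry body, whose CID equals the MUID cookie.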

Conclusion

We have shown in considerable detail how Windows 10 communicates with Microsoft's servers, what data it sends and what it receives, so we can now judge on the basis of evidence and facts rather than conjecture and personal animosity. It is true that a fairly large amount of data leaves the machine. Looking at the whole situation with some distance, however, this is nothing new, apart from the search function, which has itself been with us since Windows 8 (web search), and in effect also on Windows XP and Windows 7 if we "enriched" the system with applications such as "google desktop search", "windows live desktop search" and the like.

I can also respond to some of the claims that prompted this article. The testing ran for four days. I did not manage, by any means, to make the system photograph me and send the photo "out". The only way to achieve that was to start the camera and set the "Pictures" folder to synchronize to OneDrive; even then the data flow corresponded to the photo's real size, and under no circumstances would it have happened without my knowledge.

Data that I enter into the search box or the address bar is of course sent "out", but that is the expected behaviour: how else would I get an answer to a query without putting it to the server? Sending of voice, text and all other input (during testing I used MS Word, MS Excel, MS Outlook, the Voice Recorder app and the Bamboo Page app) simply does not happen (except for searching in the Start menu or in the web browser). Files are uploaded from the local machine only from directories designated for OneDrive synchronization, which is of course the expected and correct behaviour.

Article author

Jiří Bartoš works as a senior security consultant, specializing in penetration testing, QA and administration of critical infrastructure, and takes part in ISMS implementations and audits.