Windows 10 Update System Takes Use Bandwidth By Default

Microsoft has defended a peer-to-peer system used by default to update Windows 10 systems, saying it uses only a “limited portion” of users’ upload bandwidth.

The operating system was released on July 29 as a free upgrade to Windows 7, Windows 8 and Windows 8.1, and is also available as a free download. It introduces a new system called Windows Update Delivery Optimisation (WUDO) that by default allows other computers to download update code from participating users.

Silent uploads

The system is intended to decentralise the process of distributing updates, according to Microsoft, so that users can receive code from computers located physically in their area, or on their own local network, rather than always connecting directly to Microsoft for the downloads.

The technique is similar to that used by BitTorrent and other peer-to-peer networks – Microsoft’s Skype IP telephony system also uses a peer-to-peer approach. The change accompanies Windows 10’s shift to a “service” model which Microsoft has said is to rely on continuously downloaded updates.

To function, however, WUDO relies on users permitting data transfers to other, unknown users across the Internet. Individual users can opt out of these peer-to-peer file transfers, but by default they are enabled on all Windows 10 systems.

Industry observers criticised Microsoft for its failure to notify users, particularly since those with metered Internet connections might end up paying for their WUDO uploads. Microsoft responded that the system restricts its data transfers if it detects a metered connection.

The feature “helps people get updates and apps more quickly if they have a limited or unreliable internet connection”, Microsoft stated. It doesn’t slow down Internet connections because it uses only a “limited portion” of bandwidth, the company said.

Security risk?

Security researchers said WUDO is unlikely to pose a risk to users because it relies on a cryptographically signed list of files sourced directly from the company.

“Your PC can validate cryptographically that it received the same file that it would have acquired directly from Microsoft, even if the download came from one or more unknown third parties,” wrote Sophos Security’s Paul Ducklin in an advisory.

Users have the option of blocking the peer-to-peer feature by modifying Windows 10’s “Updates and Security” settings, in a panel found under “Advanced options/Choose how you download updates/Get updates from more than one place”.

The settings give users the option of restricting peer-to-peer update downloads to the local network or of downloading all updates directly from Microsoft.

How much do you know about the cloud? Try our quiz!

 Loading ...