If you switch off Cortana and searching the Web from the Start menu, opening Start and typing will send a request to www.bing.com to request a file called threshold.appcache which appears to contain some Cortana information, even when Cortana is disabled.
Some of the traffic looks harmless but the question is why it happens.
Windows 10 downloads new tile info from MSN’s network from time to time, using unencrypted HTTP to do so. While again the requests contain no identifying information, it’s not clear why they’re occurring at all.
The OS periodically sends data to a Microsoft server named ssw.live.com. This server seems to be used for OneDrive and some other Microsoft services. Windows 10 transmits information to the server even when OneDrive is disabled and log-ins are using a local account that isn’t connected to a Microsoft Account.
It appears to be referencing telemetry settings but there is no reason for this it happens when telemtry is disabled.
Microsoft insists that none of this data hurts privacy. It is becoming increasingly difficult for Vole to provide services that do not hack somone off.
We’ve argued recently that operating systems will continue to make privacy-functionality trade-offs. Dervices such as Cortana (Siri, Google Now), cloud syncing of files, passwords, and settings, and many other modern operating system features are all valuable.
However you should be able to create a secure bare bones machine that does not phone Redmond if you want.