Everyone, after installing win 10 on a few more machines, I have updated my post with all the steps I took to neuter the spying stuff.
Secondly, this guy recommends Comodo Firewall as the best free firewall, and indeed it received awards and mentions everywhere etc. But what reasons should I have to trust it if it's free? What's their revenue model?
PS: don't use the windows 10 firewall nor windows defender.
Me and a friend of mine tried that firewall and randomly the network printers installed on the pcs in the office with that firewall would suddenly stop working and that problem went away after uninstalling it. Have anyone tested recent versions and noticed that problems ?
Honestly, I wouldn't install any Comodo product. After that stunt they pulled with Let's Encrypt, they have shown to be a shady company.
No idea what you should use though. The one in my D-link router is doing the trick for me.
As for Win10 ... sigh ... you really are in a constant battle with your OS. All that wasted energy.
My 8.1 is on lockdown too, I manually check every update to make sure none of the telemetry crap gets in. It's sad really.
I am going to have to figure out how to remove Windows Defender because is it now waging war with the antivirus of my choice. Hijacking it and trying force windows firewall.
I would never use a Comodo product after they whole VNC server incident. It was a mistake that should never have been made by a security company.
I generally agree that the only good firewall is the one in your (custom) router. But what about when you are on a laptop moving around, connecting to wifi?
Another one is GlassWire which looks nice in theory, and has a free version, but it looks too bubbly and app-y for them to not have thought of collecting data :P
This thread is awesome... How does everyone feel about me making a video showing how to do all this stuff then using our forum thread as a reference in the video? I have a few of my own things that I will add too.
Do it for the love of beer.
maybe it's just me, but i think windows 10 was made to spy on people as it's core feature. microsoft isn't making money on selling copies of software, but on the data they harvest. you can hack windows and try to change it into something that works for you instead of something that works for microsoft while they try to undo everything with every update, but isnt it better to work on linux if you have a problem with what windows is doing?
obviously some programs/games are incompatible but their are dual boot and vm options.
maybe it's just me?
I will allow it.
We are theoretically secure from monitoring, harvesting, and phoning home after all these fixes. But it wouldn't hurt if we also run this on a VM, do random crap while monitoring every connection for a while to verify.
Then we need to brace our buttocks for the August update :)
I agree, but this thread is for that pc you absolutely need not-linux on. For example I can't do my gamedev on a machine where windows is in a VM (and you'd still need to decrapify that too).
If someone decides to pour a few $billion into getting things seamless in the linux (non-server) world, making a nice community of devs with common sense, and makes all hardware and windows programs run decently in linux then yeah, we wouldn't be pouring this much energy into windows-10-butt-protectors.
I followed Barnacules guide, as well as doing some registry edits to make windows think my ethernet connection is metered. I've got a permanent notification message in the sidebar saying 'windows is unable to download updates'.
I followed this video to make the changes:
That's a nice quick workaround but I'm sure that if microsoft wants to phone home it still will. For instance, your android phone's google services get updated even on mobile data while your updates are set to not run on data.
To be relatively sure you're safe, you need to go trhough everything in gpedit.msc, services.msc, system event viewer, task scheduler, some parts of the registry, and monitor all traffic. I reckon that's what the people making the batch tools analyse in order to make them. But they know what to look for so it doesn't take them months.
You guys are pissing into the wind. You can do all this stuff, but there is still spying hardcoded into Windows. It cannot be stopped. It ain't worth the trouble. I'd rather take the time to learn Linux and setup a KVM if I ever need Windows 10 for something so I can keep it locked down.
The only true way to stop the spying would be to reverse engineer Windows 10 or a source code leak, so it could be deleted out. This sanitized version would then have to be distributed, and you damn well know Microsoft would move heaven and earth to squash that movement. Plus, who would keep it updated?
windows 10 butt protectors mmm gives me a t-shirt idea :)
HK-47 thanks for the comment with the references. I want more people to argue against these countermeasures so we can test and see how secure (or unsecure) we are after applying them.
It is absolutely true that no matter what checkboxes you uncheck while installing win10 or afterwards in the settings, you still get 100% spied upon. Those checkboxes just represent the only things that you can as a user benefit from the spying with to some extent. Turn off cortana, it's still listening though. not helping any more, but still listening, etc..
DisableWinTracking is a simpler tool than Windows 10 Privatizer, W10Privacy, and more importantly Spybot Anti-Beacon.
That cheezus guy did not do a thorough enough job at neutering windows. When they say "no matter how hard you try to stop it" they mean, you as a common user. The articles are biased towards how horribly win10 spies on you (and rightfully so) vs how effective countermeasures can be.
As it stands now, you are perfectly capable (with effort) of seeing and cutting off all phoning home, until microsoft manages to slip you a new update which phones home in a different way. -> Arms race. ( so yeah, go to linux or bet on "the russian hackers" to win vs microsoft as they have vs win7)
Or rather, right now I have no evidence to make me think otherwise.
I have taken time to try the various steps but at the end of the day a good firewall tells the story.
until it updates and all the fixes are programed out because they were posted online showing exactly how they were done. lol
I use spybot anti beacon
And peerblock (peerguardian2)
Regular scans of spybot2 and Avast / microcrap essentials
windows just Runs this world don't it?
well..
"RUNS" is a bad word i suppose///
