21 August 2015

How to stop Microsoft messing up your privacy in Windows 10 (updated 16/Jun/2016)

Disregard the fanboys saying “hurr you don’t need to change becuz windows is already perfect”,  there’s some things I can’t agree even that I run windows on a virtual machine, specially when privacy is the concern.
I will try to update this post every time I know something about it.


Disable Wifi Sense
            Wifi Sense is a “feature” that share your wifi password with your friends in some social networks. Wait a second… WTF? Let me guess what happen if something happens (security) with your social network? Man in the middle, someone? That’s a very stupid decision, so here you know how disable this shit:

Settings -> Network & Internet -> Manage Wifi Settings -> Disable EVERYTHING in Wifi-Sense

Disable Bandwith sharing for Updates
            Microsoft had the brilliant idea that use the CUSTOMERS to be hubs of torrents and share the updates, so they don’t need to care about bandwith, right? RIGHT? Yes, that’s retarded but it’s true:

Settings -> Update & Security -> Windows Update -> Advanced Options -> Choose How updates are delivered -> Disable Updates from more than one place

Disable automatically-applied updates
            I had some experience in the past of Microsoft messing up a shitload of companies when an update just stop machines from working. And don’t even touch in the fact those “automatically-applied updates” sometimes reboot your computer without your concern:

Settings -> Updates & Security -> Advanced Options -> Choose how updates are installed -> Change the pulldown to “Notify to schedule restart”

Disable “Getting to Know You” features
            Wanna know what is this shit? It recognize you to make windows better for you logging what and when you type, saving recordings of your voice,  collecting information of your contacts, etc. I call this TROJAN HORSE.

Settings -> Privacy -> Speech, Inking & Typing -> Click on “Stop getting to know me”

Disable Targeted Ads
            Who the hell likes a 3rd party application acessing your data to deliver “targeted ads”? FFS.

Settings -> Privacy -> General -> Disable the option “Let’s apps use my advertising ID for experiences across apps”

Disable App-Access to your location, microphone and webcam
            Yes, Microsoft doesn’t gives a fuck to your privacy and let 3rd party apps do this.

Settings -> Privacy -> Location -> Disable Everything
Settings -> Privacy -> Camera -> Disable Everything
Settings -> Privacy -> Microphone -> Disable Everything

Disable Shitty Background apps
            Microsoft doesn’t care about how mouch memory and cpu you have too.

Settings -> Privacy -> Background Apps -> Disable Everything

Disable telemetry
            Similar to “getting to know you”, they monitor everything you do for “diagnostic purposes”… Yeah yeah….

Open an elevated command prompt and type this:

echo. >%programdata%\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
cacls.exe "%programdata%\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-
Diagtrack-Listener.etl" /d SYSTEM

Now this:

Start -> Run -> Services.msc
Disable this services: DiagTrack Dmwappushservice

Disable the stupid accessibility using shift
            Everyone already see what happens when you press shift a lot of times.. Specially when you’re playing some game or doing something that needs to press shift..

Start -> Ease  of Access Center -> Make the keyboard easier to use -> Disable Everything

Update: 1/Sep/2015

Other recommendations
            Well… Use other OS, for fucks sake. You already see what’s happening here.
Block EVERYTHING I’ll show here. I’ll put comments on every group of hosts to you understand what you’re blocking:

127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 pre.footprintpredict.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 statsfe1.ws.microsoft.com

Other concerns

            While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.


Update: 2/Sep/2015

            You can use this application to disable some stugg related to this privacy mess, but still, don't forget to block the sites in hosts anyways: http://www.thewindowsclub.com/ultimate-windows-tweaker-4-windows-10


Update: 19/Oct/2015

            You can uninstall a lot of useless apps using this guide.

Update: 16/Jun/2016

            Microsoft now installs software without your consent. Check here how to stop this nonsense.


1 comment:

  1. seudunha21.8.15

    Nice post.
    I will see these asap

    ReplyDelete