How to stop Microsoft messing up your privacy in Windows 10 (updated 16/Jun/2016)

Disregard the fanboys saying “hurr you don’t need to change becuz windows is already perfect”,  there’s some things I can’t agree even that I run windows on a virtual machine, specially when privacy is the concern.


I will try to update this post every time I know something about it.

1. Disable Wifi Sense
Wifi Sense is a “feature” that share your wifi password with your friends in some social networks. Wait a second… WTF? Let me guess what happen if something happens (security) with your social network? Man in the middle, someone? That’s a very stupid decision, so here you know how disable this shit:

Settings -> Network & Internet -> Manage Wifi Settings -> Disable EVERYTHING in Wifi-Sense

2. Disable Bandwith sharing for Updates 
Microsoft had the brilliant idea that use the CUSTOMERS to be hubs of torrents and share the updates, so they don’t need to care about bandwith, right? RIGHT? Yes, that’s retarded but it’s true:

Settings -> Update & Security -> Windows Update -> Advanced Options -> Choose How updates are delivered -> Disable Updates from more than one place 

3. Disable automatically-applied updates 
I had some experience in the past of Microsoft messing up a shitload of companies when an update just stop machines from working. And don’t even touch in the fact those “automatically-applied updates” sometimes reboot your computer without your concern:
 
Settings -> Updates & Security -> Advanced Options -> Choose how updates are installed -> Change the pulldown to “Notify to schedule restart”
 
4. Disable “Getting to Know You” features 

Wanna know what is this shit? It recognize you to make windows better for you logging what and when you type, saving recordings of your voice,  collecting information of your contacts, etc. I call this TROJAN HORSE.

Settings -> Privacy -> Speech, Inking & Typing -> Click on “Stop getting to know me”
 
5. Disable Targeted Ads 

Who the hell likes a 3rd party application acessing your data to deliver “targeted ads”? FFS.

Settings -> Privacy -> General -> Disable the option “Let’s apps use my advertising ID for experiences across apps”
 
6. Disable App-Access to your location, microphone and webcam 

Yes, Microsoft doesn’t gives a fuck to your privacy and let 3rd party apps do this.

Settings -> Privacy -> Location -> Disable Everything
Settings -> Privacy -> Camera -> Disable Everything
Settings -> Privacy -> Microphone -> Disable Everything
 
7. Disable Shitty Background apps 

Microsoft doesn’t care about how mouch memory and cpu you have too.

Settings -> Privacy -> Background Apps -> Disable Everything
 
8. Disable telemetry 

Similar to “getting to know you”, they monitor everything you do for “diagnostic purposes”… Yeah yeah….

Open an elevated command prompt and type this:

echo. >%programdata%\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
cacls.exe "%programdata%\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-
Diagtrack-Listener.etl" /d SYSTEM
 
Now this:

Start -> Run -> Services.msc
Disable this services: DiagTrack Dmwappushservice
 
9. Disable the stupid accessibility using shift 

Everyone already see what happens when you press shift a lot of times.. Specially when you’re playing some game or doing something that needs to press shift..

Start -> Ease  of Access Center -> Make the keyboard easier to use -> Disable Everything
 
Other recommendations:
 
Well… Use other OS, for fucks sake. You already see what’s happening here.

Block EVERYTHING I’ll show here. 

127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 pre.footprintpredict.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 statsfe1.ws.microsoft.com

Other concerns

            While the inital reflex may be to block all of the above servers via HOSTS, it turns out this won't work: Microsoft has taken the care to hardcode certain IPs, meaning that there is no DNS lookup and no HOSTS consultation. However, if the above servers are blocked via HOSTS, Windows will pretend to be crippled by continuously throwing errors, while still maintaining data collection in the background. Other than an increase in errors, HOSTS blocking did not affect the volume, frequency, or rate of data being transmitted.

Update: 2/Sep/2015

            You can use this application to disable some stugg related to this privacy mess, but still, don't forget to block the sites in hosts anyways: http://www.thewindowsclub.com/ultimate-windows-tweaker-4-windows-10

Update: 19/Oct/2015

            You can uninstall a lot of useless apps using this guide.

Update: 16/Jun/2016

            Microsoft now installs software without your consent. Check here how to stop this nonsense.

Sources: 

http://windows.wonderhowto.com/inspiration/everything-you-need-disable-windows-10-0163552/

http://localghost.org/posts/a-traffic-analysis-of-windows-10

http://arstechnica.co.uk/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/

http://suporteninja.com/microsoft-analise-de-trafego-do-windows-10-para-quais-servidores-ele-envia-suas-informacoes/

http://www.thewindowsclub.com/ultimate-windows-tweaker-4-windows-10

https://thomas.vanhoutte.be/miniblog/delete-windows-10-apps/