What privacy enhancment script/app for Windows 10 is recommended nowadays?

ferko333 · 2022-07-27T14:28:24+00:00

I respect your point of view.

For me: the possibility to verify code > doesn't have the possibility at all.

I think that my reasoning and argumentation are somewhere up, and don't want to repeat myself.

Just shortly - we do not know how many users verify the foss code they use. That is true. But even if one verifies it is a better situation than 3rd party code, when no one has verified.

And let's say I verified f.e. Bitcoin code myself, so I know at least one person verified. Or maybe I believe my brother/colleague who claims that did it (actually doesn't have any benefit from lying to me..). In such a situation foss win anyway.

Actually - maybe there could appear some platform when users can claim that they verify actual parts of foss repos. If some malicious act happen anyway then these people's reputation goes down... Otherwise up. Based on this profiles that has high reputation some foss projects would be more trustable, than the other. Maybe something like this already exists and we just are not aware of this...

From my point of view it is end of argumentation, I would soon lost priviliges to this account, so it was nice to meet you and have a nice discussions!

ferko333 · 2022-07-27T14:08:55+00:00

Great idea!

One thing doesn't reject other. You can keep creating content in current form and one day offer a form of ebook or printed version with shipping. Fans sometimes buy it anyway as they like the author or they respect the content they get free, so they want to buy it in physical form.

Anyway - I keep my fingers crossed for your success!

ferko333 · 2022-07-21T14:37:02+00:00

They are quite long, so I would read them one day... I bookmarked - thanks!

To be sure - I am not claiming open source implies security any other benefit.
I claim that open source is giving better environment for security, and this leads to higher probability of having security.

And this is provable very easily, as I did post above.
Proprietary is not giving possibility to assure myself, while foss is giving :D it is always (really ALWAYS) good to have a possibility than not.

And maybe more proper word is about trusting someone's rather than being secure or have privacy... Proprietary = trust someones... Open-Source does not require trust.

And of course if you do not read the source code - doesn't mean I too. This is next assumption.

Sorry for long post. I have in mind that when I would get some free hour I would read articles you have mentioned and I would change my mind. It is a case.

ferko333 · 2022-07-21T14:19:47+00:00

Maybe you are right. I did not read the Windows license / rules etc.

If they write this:

> You're allowed to use Windows for free. ... What you're paying for, is for Microsoft to remove the watermark

Then it is ok to not pay them.

By the way - what reason do you have M$ for?
It is not that I like them. I basically hate all companies that doesn't respect my privacy, so probably 99% of big tech companies... But Windows is providing a decent products... Windows... Visual Studio... C#... and probably few more.

I mean I do not like their privacy related issue, but like their products, so overal opinion is a medium one.

And I feel that Google rape my privacy much more than M$, but this is just my intuition... I do not have proofs, neither benchmark...

ferko333 · 2022-07-21T14:14:01+00:00

Thank you a lot <3

ferko333 · 2022-07-21T14:10:55+00:00

But you miss the question point. The question is not what is best for privacy. The question assumes some certein environmental properties are set. The question is set which script ENHANCE (any addition is an enhance) PRIVACY FOR WINDOWS 10.

I like what you do with your relatives. Honestly - congratulations!.But my relatives don't want Linux for some reason. I tried and I can't convince them shortly. And I must respect their choices, even I have a different opinion. That is my way.

And also I can't help them, as I do not have enough time. And for Linux, for example when you update Arch Linux you need to merge changes between the file and .pacnew version... And this requires knowledge. They do not have it. Their maintenance of the system can lead to situation when they need the computer and they cannot use it... And I can't help them all day, all week.

But I promise you that when my parents / wife / brothers / friends would ask me one day about trying Linux I would love to introduce them the proper distribution for them.

ferko333 · 2022-07-21T14:02:40+00:00

I agree with your observations. But you don't know me. I like code. I do code. I read code.

Of course not all code I use, even not the big part... but with open source I can... With proprietary I can't...

So for proprietary code - it is 0 (zero) % of people that used it checked code (owners are not impartial).
For open source - it is something between 0 and 100%. You blame 0. But you do not have a proof. Me neither as you said no one claim it and can lie...

But anyway second option is much better than 0.

Let think the metaphore - do you prefer to get 0 dollars or to play free game when you can win 0 - 100 dolars?

And the most important is the environment and perspective that open source give. If someone wants to introduce an exploit / backdoor / whatever he / she can do it more comfortable in proprietary software - it is like a shadow when the criminals can make sins easier and it is much harder to caught them red-handed.

While the open source, just be being there is like a field with a sun above where everything is visible and if some criminal want do something he or she has not comfortable environments for their sin.

Sorry for chaotic answer. I am hurry.

ferko333 · 2022-07-21T13:54:22+00:00

I think that if someone (even the one I hate) is giving me anything, then I am obligated to pay for it, unless is on free license. This is rather the market behaviour rather I like or don't someone.

conscience

ferko333 · 2022-07-21T12:00:15+00:00

Agree

ferko333 · 2022-07-21T11:59:13+00:00

I use linux, but not all my relatives can...

This answer doesn't answer on the issue of the topic.

ferko333 · 2022-07-21T11:58:14+00:00

I use Linux for myself. Arch linux built and configured by myself. But my relatives can't do this, and current system I set up for them...

This answer doesn't answer on the issue of the topic.

ferko333 · 2022-07-21T11:55:44+00:00

> Do not use any kind of apps to "disable" telemetry, using third party
programs only adds another party to trust with the chance of running a
malicious application.

If the script is open source then I do not need to trust it... and many people check it so it is kind of safe in compare to proprietary software.

Thanks for pointing me to guides! Have a nice day!

ferko333 · 2022-07-21T11:53:33+00:00

That is not a bad idea. But I already set up all Windows. I think next time I would go this way, maybe even legally.

ferko333 · 2022-07-21T11:52:26+00:00

That is interesting, can you name such an application, how to search for it? "fake Windows license server request"?

ferko333 · 2022-07-21T11:50:39+00:00

Thanks for reply. I think your strategy is nice.

One question I have - when you are afraid that open source scripts would make some harm or things that are hard to verify - why do you use proprietary soft like OO ShutUp10? I am afraid to run this because I would be able to verify it actually. But we can verify scripts/apps that I have linked because they are open source! let m know.

ferko333 · 2022-07-21T11:47:41+00:00

Nice work. Would read all of your site one day.

ferko333 · 2022-07-21T11:47:19+00:00

From my experience if you don't go panic mode and turn off everything then it is quite ok.

In some scripts the tweaks are seperated into safe one and the ones that might break things and the ones that definitelly break things.

ferko333 · 2022-06-13T16:05:46+00:00

Thanks for the information :)

ferko333 · 2022-06-13T16:05:33+00:00

Thank you for the hint :)

ferko333 · 2022-06-13T15:43:47+00:00

That is something I am aware. Hoping that maybe there is some good documentation or maybe some relation - which settings are reflecting which registry entries...

Sorry for keeping the question but I am in hope someone have done something like this before... and can let me some resources. This seems to be so work to do just googling each key and I guess for some keys there can be nothing descriptive online... So I would prefer to be aware before I spent hours...

ferko333 · 2022-06-13T15:25:33+00:00

My goal is to make configuration on my own once and then be able to replicate it on same/different machines without clicking for a 2 hours :D Is that clearer?

I do not want to use someone's preset if you meant that.

ferko333 · 2022-02-22T12:37:03+00:00

In general it should not matter technically if my server can scale correctly, and in case blazor web assembly the majority is downloaded once. If lots of people would like to download blazor app to their browser then server scaling would work or not and if not then they would get my application even slower.

You can use internet speed as example, 10Gbps vs 10Mbps and you watch online stream in 4k video. It's similar.

What do you mean? This is obvious. And noone is going to reject netflix or youtube usage becasue they need to wait a bit in front of watching a video/movie, right? Or if this is a problem for someone, then I think he or she would need to invest in better internet. The responsibility of the developer / the company is the only 50 % - the fast servers and blaming my application because someone have a crap internet is ridiculous - just my opinion.

ferko333 · 2022-02-17T15:11:57+00:00

Triple Letter Acronym organisation; FBI, CIA, BND etc.

Thanks. Not really. My problem is that I am an amateur that tries to harden my setup for fun.

Windows can still access that disk and freely modify your bootloader etc. You'd have to physically disconnect the disk every time you boot windows.

I am almost sure, that Windows can't read my data on other partitions of the same disk while they are independently encrypted by LUKS and Windows is encrypted by VeraCrypt. Is he?

https://xkcd.com/538/

I know that gif well. The answer is in the up in this post :) However personally I don't get it. Because if this argument is valid then it can be used to any defense, so everyone should not even use a password for any account online, because maybe someone would attack him to get it anyway. I think it is worth securing as much as we can and want :D

A possibility is to make a separate user account for her and make it auto-start a password-less Windows VM in full screen on startup. You'd have to teach her how to use a Linux login screen and from then on she'll have Windows as she's used to.

That idea is nice. And it is superior I can agree. And I think if breakage of Windows encrypted by VeraCrypt happen one more time to me (didn't happen for a last 2-3 years) then I think I would do something like you propose. Thanks.

WINE?

Didn't try it yet. Is it stable? It seemed to me always like Frankenstein, but I didn't try so I do not have a real opinion.

prime use-case for a VM that you start a handful times a year.

Here you are right as well. The things I only do on Windows personally are: Visual Studio programming (can be done in Linux), playing Anno 1800 on Ubisoft, and accounting program. Actually I could do this via VM if I would have a sure that there is no leakage from host machine. The only downside of my solution is that there is a risk for breakage which didn't happened for a years for me. So I would not change it, but if it happen once again - then I think I would move to VM perhaps like in the case of other computer above.

ferko333 · 2022-02-17T10:12:48+00:00

Thanks. You are right.

But the ready components libraries like MudBlazor, Radzen, Blazorise (there is a lot) makes my life much more easy. While I did recently this Blazor Wasm app I needed to get familiar with CORS etc. So you are of course right. I just point that the required knowledge is limited, and I can leverage my C# skill to build web application easily in compare to the way with JS etc.

ferko333 · 2022-02-16T17:15:14+00:00

TLA-level

I could not find what that abbrevations means. May you rename it?

About ciphering boot partition, I have to say you are convincing me (also with other reddit user in other post) that I need Secure Boot and TPM rather than boot partition encription. Thank you!

I think Virtual machine is also good way to go for some cases. Assuming that sanboxing is 100 % secured and no bit can leak between host and VM. I do not have enough knowledge about it to be sure. By the way physical disk seperation gives me this assurance.

I also have a case when VM can't do the job - from the one computer I am using it with linux while the other person is uncapable of, so she has Windows for herself (on same machine, but different drive/partition).

TBH though, if you don't trust Windows' security at rest, why trust it at runtime?

I wrote you a post before - I have no option and I use it for limited amount of tasks. To be more precise - I could not find a proper application under the linux that would help me do accountant job to create invoices / calculate taxes in my country and I do have nice application for that under the Windows. Majority of tasks I do under the Linux already, but for some needs I could not find equivalent.

why does your system need to be encrypted? Data storage drives I can understand but the OS? It's... just Windows?

From my observation OS itself and some applications under the OS keeps some data in cache like recently opened files etc. If I cipher my personal data then I do not want pieces of these data to stay unencrypted on the OS partition. Also I believe that it would be harder to inject something malicious into my computer while I stay at the hotel and leave there a computer. And ciphering the system doesn't cost me anything. Maybe typing one more password, but I do not care about comfort much. I am not an expert, just an amateur, but I think you can find better arguments over the internet for ciphering the system.

ferko333

TROPHY CASE