What should I do before connecting Windows 10 to Internet?

Discussion in 'privacy problems' started by reasonablePrivacy, Oct 28, 2017.

  1. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    107
    Location:
    Some country in the European Union
    Hello,
    I am using Windows 8.1 for now, but I am going to do zeroing of HDD and install Windows 10 FCU. I am going to install system offline (no Ethernet crossover cable plugged in). I would like to configure Windows 10 to minimize the data sent to Microsoft before connecting to Internet. I am just going to pro-actively locating relevant information to turn off telemetry as much as possible without breaking functionality of this OS.
    What do you suggest to focus?
     
  2. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    505
    Simply change the telemetry setting to basic.
     
  3. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    Before you connect it to the internet make the consious decision not to use it for anything you don't want the world to know about.
    They will claim W10 is so secure etc. Yeah, secure against publicly known software exploits.

    Remember Stuxnet? The firmware based malware in USB drives? That is ten year old technology, of course it did not end there. Two years ago firmware based malware was discovered in hard drives from several well known hard drive vendors.
    Kaspersky being the AV company that detected stuxnet and the hardrive firmware malware that we have no way to control.
    Then Intel puts remote access mini OS in its processors.
    I'm quite sure those cases are just the tip of the iceberg.
    Everyone needs to wake up to all of this there is no secure way to be connected to the internet today because the governments and corporations we trusted with that have turned against us and they have thousands of people working every day to ensure there is remote access to all and every internet connected device.
     
    Last edited: Oct 28, 2017
  4. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    81
    Location:
    Hungary
    you must be fun at parties. and a regular visitor of /r/conspiracy
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,879
    Yes, it's iffy to think that you can keep anything on Windows private from Microsoft. I use Windows VMs sometimes, but only from anonymously obtained installers, and only through VPNs (and perhaps Tor). However, I doubt that it's as bad as @RockLobster says. Maybe for Windows and Android. Probably not for OSX and iOS, but o_O And most likely not for most Linux distros. Unless you've been targeted, anyway.
     
  6. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
  7. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    I mean seriously what do you all think 40,000 people have been doing at NSA headquarters every day for the past decade? This stuff is their job, and they are pretty good at it, and then add to that all the independent hackers and other nation state actors they are all at it, multi billions of dollars spent every year on doing it and we should believe that malware basher super matic delux is going to stop them lol
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,879
    Yes, they have many ways to compromise Internet-connected devices. But I doubt that they've compromised all Internet-connected devices. And even if they could, I doubt that they could interpret the data meaningfully.
     
  9. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    107
    Location:
    Some country in the European Union
    But basic means it sends telemetry too, right? I would like to minimize it further.
    I was thinking about programs such as O&O ShutUp10, manually disabling services and built-in Windows firewall (I have intermediate knowledge about Linux's iptables and OpenBSD's pf, so I think I am able to learn how configure Windows firewall too).
    Edit: I forgot about Windows Registry editing because I used to use config files.

    Virtualization is okay, but not on my current hardware for performance reasons.

    I understand that I would not be able to defend from NSA, but what else could I do? Going trully offline is not an option.
     
  10. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    4,521
    Location:
    Nicaragua
    That sounds like a formula for having problems in W10. I suggest you read, search the internet to get an idea of what people who constantly have problems in W10 are doing with their system and at the same time, do the same regarding users who don't experience issue. To me, the difference in what hey do is clear cut.

    Bo
     
  11. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,855
    Location:
    Slovakia
    https://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools

    Note that Windows Firewall service might be needed for something, it was required by Windows update till version 1703, it has still got some crazy dependencies, like DHCP.
     
  12. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    523
    Location:
    Land o fruits and nuts
    Put your tinfoil hat on, then put your head between your knees and kiss your *** (privacy) goodby.
     
  13. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,942
    Location:
    USA still the best. But getting worse!
    Imo if you're on Facebook & posting truthfully about you, your family & friends lives. Then you have nothing to fear from w10.
     
  14. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    523
    Location:
    Land o fruits and nuts
    What the**** are you talking about??
     
    Last edited: Oct 28, 2017
  15. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,942
    Location:
    USA still the best. But getting worse!
    Self explanatory no ? or * needed.
     
  16. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    523
    Location:
    Land o fruits and nuts
    The question was;
    What should I do before connecting Windows 10 to Internet?

    You said; "if you're on Facebook & posting truthfully about you, your family & friends lives. Then you have nothing to fear from w10."

    Again
    what the **** are you talking about? What does FB have anything to do with the question?
     
  17. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    Its rather obvious isn't it? His post is saying, if you hope to retain any semblance of anonymity while online and therefore not join the masses and post your entire life on things like FB, W10 might not be the best choice.
     
  18. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    107
    Location:
    Some country in the European Union
    I have done disabling services in Windows 8.1 and had some problems with some programs (especially big, commercial ones). Then I reinstalled and disabled smaller number of services and it have been working well since then. I guess they just disabled too much.
    On the head of list it is to stop "Windows Store","Windows Defender" , "Windows Error Reporting service" and Cortana.
    And maybe automatic drivers download/update.

    Maybe I have written something confusing (I am not native speaker nor english language expert). I don't want to disable Windows firewall. I would like to configure it to stop programs having any access to Internet by default.
     
    Last edited: Oct 29, 2017
  19. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,376
    Location:
    UK
    RBAC - role based access control - is not a feature of windows firewall. Nor can you selectively prevent access by programs to different parts of your disk (disk firewalling).

    Have you any knowledge or experience of the Sandboxie program? This allows you to selectively configure sandboxes per-program, which can prevent internet access, and restrict what parts of the file system a program can directly "see" (as well as other controls on what system calls a program can make).

    Attempting to use outgoing firewall rules to prevent all telemetry has proved a thankless and somewhat impossible task, probably not worth the effort.
     
  20. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    2,323
    omg not the great conspiracy again...:rolleyes:
    nothing. leave it as is, grab all updates, then use o&o shutup as you like to. (backup first)
    if you are using a microsoft account - your fault, is nearly same as telemetry - you give tracking data on your own.
    +1
    if any doubt at windows 10 is still present - dont use it. simple as that.

    in fact windows 10 as "windows as a service" is only the beginning.
     
  21. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,942
    Location:
    USA still the best. But getting worse!
    So true. If you're not horrified & outraged yet, just wait.

    You'll have to be woke though & not distracted by shining objects.
     
  22. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,888
    Location:
    Among the gum trees
    No harm in blocking third party cookies in Edge & IE.
     
  23. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,151
    A few higher level things:
    • Review Microsoft's privacy policies for the OS and related services you might be exposed to. It is a good place to start and is straight from the horse's mouth.
    • Review guides created by Microsoft and others. They can shed light on issues not covered in official privacy policies and explain how to address those.
    • Review tools that have been created to help with the task. They shed light on issues, can reveal the specific steps used to address them, and you may find one or more that you want to use.
      • Search for: windows 10 privacy script OR tool OR utility OR program
    • Make notes as you go, save links you found useful, produce something resembling a checklist that you will follow.
    Regarding how you go online: It is far better to go online with a too-tight config than a too-loose config. You can loosen up later, if you want to. If you can manage it, monitor and review network traffic to assess whether it is as expected and acceptable. Especially during the first connection, but also while you exercise different features/applications that can phone home.
     
  24. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    559
    Location:
    usa
    I use Spybot Anti-Beacon. It's enough for me as a user of Win 10, because as mirimir said, "Yes, it's iffy to think that you can keep anything on Windows private from Microsoft."
     
  25. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    107
    Location:
    Some country in the European Union
    I have done something similar in Windows 8.1. I encountered some problems with restricting some Windows services to Internet while still being able to download update (the same process hosted different services), so it wasn't too-tight unfortunately.

    See "What Firewall Rule(s) Will Allow Windows Update and ONLY Windows Update To Work" on superuser.com
    and
    "Windows 8.1 firewall issue" on answers.microsoft.com
     
Loading...