lfg6

2024-12-15 03:03:27 +00:00 · 2024-12-15 03:03:27 +00:00 · 40130c5961
parent 8417fd0110
commit 40130c5961
1 changed files with 277 additions and 0 deletions
--- a/windows_11_hardening_w_privacy.txt
+++ b/windows_11_hardening_w_privacy.txt
@ -0,0 +1,277 @@
+## TBA, fix mess
+
+### Relevant + newer repos found
+# https://github.com/beerisgood/Windows11_Hardening - txt guide
+# hotcakex guide -> https://www.reddit.com/r/cybersecurity/comments/10x986w/harden_windows_security_the_right_way_only_with/
+
+
+
+### ChatGPT Answer
+
+Here's the answer in **Gitea Markdown** format:
+
+```markdown
+# Remove ALL Tracking from Windows 11
+
+This guide provides commands and steps to remove all tracking from Windows 11. **Warning:** This will break some functionality, including Windows Updates, the Microsoft Store, Cortana, and other system features. Proceed with caution.
+
+---
+
+## 1. Disable Telemetry via Group Policy or Registry
+
+### Group Policy Settings via PowerShell
+```powershell
+# Disable telemetry via Group Policy
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d 0 /f
+```
+
+### Block Data Collection via Services
+```powershell
+# Disable telemetry services
+sc stop DiagTrack
+sc delete DiagTrack
+sc stop diagnosticshub.standardcollector.service
+sc delete diagnosticshub.standardcollector.service
+sc stop dmwappushservice
+sc delete dmwappushservice
+```
+
+---
+
+## 2. Disable Tracking Features
+
+### Remove Pre-installed Apps
+```powershell
+# Remove all pre-installed apps
+Get-AppxPackage -AllUsers | Remove-AppxPackage
+Get-AppxProvisionedPackage -Online | Remove-AppxProvisionedPackage -Online
+```
+
+### Disable Cortana
+```powershell
+# Disable Cortana
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f
+```
+
+### Disable Feedback Requests
+```powershell
+# Turn off feedback requests
+reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d 0 /f
+reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "PeriodInNanoSeconds" /t REG_QWORD /d 0 /f
+```
+
+---
+
+## 3. Block Microsoft Telemetry Domains
+
+### Open HOSTS File
+```powershell
+notepad C:\Windows\System32\drivers\etc\hosts
+```
+
+### Add Telemetry Domains
+Add the following lines to the `hosts` file:
+```plaintext
+127.0.0.1 vortex.data.microsoft.com
+127.0.0.1 settings-win.data.microsoft.com
+127.0.0.1 watson.telemetry.microsoft.com
+127.0.0.1 feedback.windows.com
+127.0.0.1 activity.windows.com
+127.0.0.1 assets.onestore.microsoft.com
+127.0.0.1 c1.microsoft.com
+127.0.0.1 c2.microsoft.com
+127.0.0.1 c3.microsoft.com
+127.0.0.1 msftncsi.com
+127.0.0.1 officeclient.microsoft.com
+127.0.0.1 www.msftconnecttest.com
+```
+
+Save the file and reboot.
+
+---
+
+## 4. Disable Tracking Using PowerShell
+
+### Disable Windows Defender (Tracking)
+```powershell
+# Disable Windows Defender
+Set-MpPreference -DisableRealtimeMonitoring $true
+```
+
+### Disable Data Sharing Features
+```powershell
+# Disable OneDrive
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d 1 /f
+
+# Disable Activity History
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t REG_DWORD /d 0 /f
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "PublishUserActivities" /t REG_DWORD /d 0 /f
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "UploadUserActivities" /t REG_DWORD /d 0 /f
+```
+
+---
+
+## 5. Disable Windows Update (Tracking)
+Completely disable Windows Updates to stop telemetry-related data collection.
+```powershell
+# Disable Windows Update Service
+sc config wuauserv start= disabled
+sc stop wuauserv
+```
+
+---
+
+## 6. Disable Telemetry via Firewall
+
+### Block Telemetry Domains
+```powershell
+netsh advfirewall firewall add rule name="BlockTelemetry" dir=out action=block remoteip=13.107.4.50,23.216.10.10,204.79.197.200
+```
+
+---
+
+## 7. Use Advanced Privacy Tools
+
+1. Download and run **[O&O ShutUp10++](https://www.oo-software.com/en/shutup10)**.
+   - Apply all "Recommended" and "Recommended and somewhat recommended" settings.
+2. Install **[WPD](https://wpd.app/)** for additional telemetry blocking.
+
+---
+
+## 8. Disable Online Features
+```powershell
+# Disable online search in Start Menu
+reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d 0 /f
+reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d 0 /f
+```
+
+---
+
+## 9. Use a Debloated ISO
+
+For a fully stripped-down version of Windows 11, consider:
+- Installing a debloated custom ISO like **[AtlasOS](https://atlasos.net/)**.
+- Creating your own using **NTLite**.
+
+---
+
+Would you like a pre-made script to automate these steps? Let me know!
+```
+
+## GPT Sciprt:
+# Set-ExecutionPolicy Bypass -Scope Process -Force .\RemoveTracking.ps1
+
+```
+# Disable Telemetry Services
+Write-Host "Disabling telemetry services..." -ForegroundColor Green
+sc.exe stop DiagTrack
+sc.exe delete DiagTrack
+sc.exe stop diagnosticshub.standardcollector.service
+sc.exe delete diagnosticshub.standardcollector.service
+sc.exe stop dmwappushservice
+sc.exe delete dmwappushservice
+
+# Disable Telemetry via Registry
+Write-Host "Disabling telemetry via registry..." -ForegroundColor Green
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d 0 /f
+
+# Remove Pre-installed Apps
+Write-Host "Removing pre-installed apps..." -ForegroundColor Green
+Get-AppxPackage -AllUsers | Remove-AppxPackage -ErrorAction SilentlyContinue
+Get-AppxProvisionedPackage -Online | Remove-AppxProvisionedPackage -Online -ErrorAction SilentlyContinue
+
+# Disable Cortana
+Write-Host "Disabling Cortana..." -ForegroundColor Green
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f
+
+# Disable Feedback Requests
+Write-Host "Disabling feedback requests..." -ForegroundColor Green
+reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d 0 /f
+reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "PeriodInNanoSeconds" /t REG_QWORD /d 0 /f
+
+# Block Microsoft Telemetry Domains via Hosts File
+Write-Host "Blocking telemetry domains..." -ForegroundColor Green
+$hostsPath = "C:\Windows\System32\drivers\etc\hosts"
+$domains = @"
+127.0.0.1 vortex.data.microsoft.com
+127.0.0.1 settings-win.data.microsoft.com
+127.0.0.1 watson.telemetry.microsoft.com
+127.0.0.1 feedback.windows.com
+127.0.0.1 activity.windows.com
+127.0.0.1 assets.onestore.microsoft.com
+127.0.0.1 c1.microsoft.com
+127.0.0.1 c2.microsoft.com
+127.0.0.1 c3.microsoft.com
+127.0.0.1 msftncsi.com
+127.0.0.1 officeclient.microsoft.com
+127.0.0.1 www.msftconnecttest.com
+"@
+Add-Content -Path $hostsPath -Value $domains
+
+# Disable Defender Realtime Monitoring
+Write-Host "Disabling Windows Defender real-time monitoring..." -ForegroundColor Green
+Set-MpPreference -DisableRealtimeMonitoring $true
+
+# Disable Activity History
+Write-Host "Disabling activity history..." -ForegroundColor Green
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t REG_DWORD /d 0 /f
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "PublishUserActivities" /t REG_DWORD /d 0 /f
+reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "UploadUserActivities" /t REG_DWORD /d 0 /f
+
+# Disable Windows Update Service
+Write-Host "Disabling Windows Update service..." -ForegroundColor Green
+sc.exe config wuauserv start= disabled
+sc.exe stop wuauserv
+
+# Block Telemetry Domains via Firewall
+Write-Host "Blocking telemetry domains via firewall..." -ForegroundColor Green
+netsh advfirewall firewall add rule name="BlockTelemetry" dir=out action=block remoteip=13.107.4.50,23.216.10.10,204.79.197.200
+
+# Disable Online Features
+Write-Host "Disabling online features..." -ForegroundColor Green
+reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d 0 /f
+reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d 0 /f
+
+Write-Host "All tracking has been disabled. Reboot your system for changes to take effect." -ForegroundColor Green
+```
+
+
+### Old privacy hardening notes below
+
+# Disable all networking except for programs you need it for.
+
+# Alternatively try these and use a good firewall, don't allow unwanted sites.
+
+# Uninstall tracking updates:
+wusa /uninstall /kb:3083710 /quiet /norestart
+wusa /uninstall /kb:3083711 /quiet /norestart
+wusa /uninstall /kb:3065988 /quiet /norestart
+wusa /uninstall /kb:3083325 /quiet /norestart
+wusa /uninstall /kb:3083324 /quiet /norestart
+wusa /uninstall /kb:2976978 /quiet /norestart
+wusa /uninstall /kb:3075853 /quiet /norestart
+wusa /uninstall /kb:3065987 /quiet /norestart
+wusa /uninstall /kb:3050265 /quiet /norestart
+wusa /uninstall /kb:3050267 /quiet /norestart
+wusa /uninstall /kb:3075851 /quiet /norestart
+wusa /uninstall /kb:2902907 /quiet /norestart
+wusa /uninstall /kb:3068708 /quiet /norestart
+wusa /uninstall /kb:3022345 /quiet /norestart
+wusa /uninstall /kb:2952664 /quiet /norestart
+wusa /uninstall /kb:2990214 /quiet /norestart
+wusa /uninstall /kb:3035583 /quiet /norestart
+wusa /uninstall /kb:3021917 /quiet /norestart
+wusa /uninstall /kb:3044374 /quiet /norestart
+wusa /uninstall /kb:3046480 /quiet /norestart
+wusa /uninstall /kb:3075249 /quiet /norestart
+wusa /uninstall /kb:3080149 /quiet /norestart
+
+
+# Stop tracking Services:
+sc stop DiagTrack
+sc stop dmwappushservice
+sc delete DiagTrack
+sc delete dmwappushservice
+
+
+# Or Windows behind a firewall and block Microsoft...