Advice Request Need suggestions for a free privacy-respecting Win10 config

Please provide comments and solutions that are helpful to the author of this topic.

gahnewlinox

New Member
Thread author
Apr 1, 2020
2
I'll be using Windows 10 for specific tasks but it's important I secure it the best I can. I want to limit third-party software when possible and any software I do use must respect my privacy. What I mean by that is something that doesn't collect data outside of the program itself, doesn't share data with random third-parties, and only collects anonymous data or even no data collection at all. Since I'll be running brain.exe I'm specifically concerned with zero-days and exploits as opposed to more common malware/phishing. I was thinking of using Windows Defender & firewall with OSArmor and SysHardener from NoVirusThanks but I could only find their websites privacy policy but no privacy policy for their software. I'm also not sure how effective they are with modern zero-days considering they haven't been updated in a while, so any clarification on their effectiveness would be apprecated. I also plan on using Windows privacy tools like Debotnet which might effect Windows Defender's capabilities, though I'm not sure. As mentioned in the title, this config has to be free so paid software is out of the question. Any advice is welcomed!
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
You can choose one of the privacy tools from this link below


There are 4 areas of privacy where your PII (Personal Identifiable Information) can be exfiltrated

1) Windows OS.
In Windows go to => Settings => Privacy and disable those unwanted settings

2) 3rd-party software.
Some are Windows hardening tools (for security and/or privacy) while others (e.g. Adguard for Windows, BlackFog Privacy etc) are more in protecting PII exfiltration by other software and the websites

3) Browser(s) and their extensions
Forget about Chrome if you seriously want your privacy. It's great secure browser though. Similarly, Edge by Microsoft, Yandex (a Russian browser), Opera (owns by the Chinese) and most Chromium browsers as well unless stated they can de-googled themselves. Ungoogled Chromium browser is Google-free but it lacks in security due to its slow releases. Other browsers like TOR and TAILS will give great privacy protection but they have their downsides as well. Brave browser (as reported) is great in privacy but only in its default settings. As for Firefox browser you can harden its security and privacy settings.

As for extensions the best is to use those FOSS. And don't download extensions from Google Web Store.

4) Fingerprinting
This is becoming increasingly prevalent as you surf the net for you can easily be fingerprinted. Anything of you that is your computer hardware, your OS, browser, use of social media, your surfing habit etc can be fingerprinted. A big topic here. Read the net and take some care in protecting your fingerprints.

There's no need to be paranoid in over protecting them. Just do something above and beyond the default settings will do
 
Last edited:

gonza

Level 2
Sep 10, 2019
60
Hello. What about using something like Qubes? If Edward Snowden uses it, I think you'll feel secure too.

Or any distro + Windows inside a VM?

If you don't trust those apps or the developer... Well, I'll not judge. Mmm... Take a look at Hard configurator. Maybe is the app you are looking for. You have 124 awesome pages to read. And @Andy Ful is always there to answer questions.
 
Last edited:

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Hello. What about using something like Qubes? If Edward Snowden uses it, I think you'll feel secure too.

Or any distro + Windows inside a VM?

If you don't trust those apps or the developer... Well, I'll not judge. Mmm... Take a look at Hard configurator. Maybe is the app you are looking for. You have 124 awesome pages to read. And @Andy Ful is always there to answer questions.
If you run a server or workstation the use of Qubes/Whonix combo would be great.

Otherwise for Windows users adding a VM should help a lot in addition to the privacy protections that I have mentioned. BTW, VM and Hard Configurator come under 3rd-party software use
 

Thales

Level 15
Verified
Top Poster
Well-known
Nov 26, 2017
708
I used to be a privacy oriented person like you. But I've changed because I realized security is more important and achievable. Privacy is not. I also checked privacy policies and used linux, double hop vpn, "private" mobile OS, paid "private" emails and other things I can't even remember. Made my life complicated because I thought they need my data. No one wanted my pizza orders, or browser history. If you are not a journalist then you should not pursue privacy like I and others did. I still use VPN and disabled telemetry on Windows but that's all. Google is the most secure oriented email service out there. Privacy? Doesn't matter.
There are a lot of topics here about privacy and you can find useful information. If I were you I would focus on security because as I mentioned it is achievable.
 

cliffspab

Level 4
Verified
Well-known
Oct 4, 2019
175
I used to be a privacy oriented person like you. But I've changed because I realized security is more important and achievable. Privacy is not. I also checked privacy policies and used linux, double hop vpn, "private" mobile OS, paid "private" emails and other things I can't even remember. Made my life complicated because I thought they need my data. No one wanted my pizza orders, or browser history. If you are not a journalist then you should not pursue privacy like I and others did. I still use VPN and disabled telemetry on Windows but that's all. Google is the most secure oriented email service out there. Privacy? Doesn't matter.
There are a lot of topics here about privacy and you can find useful information. If I were you I would focus on security because as I mentioned it is achievable.

I totally agree with this.

Maintaining absolute privacy is almost impossible if you're tied to the Google or Microsoft ecosystems and many of the measures I've tried to achieve even a modicum of this have resulted in various things breaking on my system.

Some recent examples being O&O Shutup disabling secure lookups on Edge and switching various Windows settings to "managed by your organisation"; WPD breaking the useful new clipboard sharing feature of Your Phone; not having a decent search tool on Tutanotoa/Proton Mail due to the encryption; and an always-on VPN hobbling my internet speed.

With that in mind, these days I'm not prepared to give up functionality in the pursuit of protecting my 'pizza orders' as you so succinctly put it.

So now, like you, I take a minimalist approach to privacy using various tracking blacklists and settings in Edge, AdGuard and NextDNS and manually disabling a few of the more needless Windows telemetry features.

Taking a strong approach to security, on the other hand, tends not to break things and mitigates against threats that might actually screw up my system, lose my data, jeopardise my accounts or cause me tangible grief in my day-to-day computer use.
 
Last edited:
F

ForgottenSeer 85179

Hello. What about using something like Qubes? If Edward Snowden uses it, I think you'll feel secure too.

Or any distro + Windows inside a VM?

If you don't trust those apps or the developer... Well, I'll not judge. Mmm... Take a look at Hard configurator. Maybe is the app you are looking for. You have 124 awesome pages to read. And @Andy Ful is always there to answer questions.
QubesOS is not for normal user's nor for normal usage generally.

Recommend a switch from Windows to Linux doesn't make sense if you care about security.
Using a VM in Linux then also then only make this argument stronger.

Using Linux in a VM under Windows as Windows internal feature make sense if you want to this extra step.
But it's not needed for normal guys.
Windows itself already use Hyper-V for some security stuff.
 
F

ForgottenSeer 85179

Instead of OSArmor and SysHardener I recommend AndyFul tool's

For privacy you should check windows internal privacy settings and policy rules. The many available tools don't do magic which you cannot do by yourself. This would be also the best solution if you want avoid external tools as much as possible.

Also these privacy tools mostly break stuff. So if you use such, watch out what you/ the tool does before you apply the changes
 
Last edited by a moderator:

Thales

Level 15
Verified
Top Poster
Well-known
Nov 26, 2017
708
Ohh and check this out! A lot of members use this solution to make windows fast and disable telemetry.

 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top