tanto259's security configuration

[tanto259]

Further Details

Spoiler: Chrome Beta Settings

Involves chrome://flags settings and command-line settings, I am not responsible if your browser explode into smithereens

• Limited to TLS 1.2 and above, because why not?
• Strict site isolation, top document isolation and AppContainer Lockdown is active
• HTTP marked as actively dangerous
• Reduced information in 'referer' header
• Enforced strict extension content verification

Linux for Windows 10 is on and also installed with modified GnuPG 1.4 for 8192-bit RSA generation and other useful linux command line thingy.

Disclaimer
This configuration involves a lot of beta application. Emulate this configuration at your own risk. I am not responsible if anything happen to your data and computer.

Let me know if you have any suggestion! Thanks!

 

[frogboy]

Looks good to me, nothing to add here.

Thanks for sharing with us here at MT.

 

[tanto259]

Why is Eset beta in your config?

I'm part of ESET Insiders closed-beta group.

 

[ForgottenSeer 55474]

Very nice configuration,I have nothing to add,thanks for sharing

 

[JM Safe]

Why OS File Reputation disabled? It can be fundamental to prevent infections.

Thanks for sharing.

 

[tanto259]

Why OS File Reputation disabled? It can be fundamental to prevent infections.

Thanks for sharing.

The option to enable it is disabled somehow and I couldn't figure out how to enable it. Already tried several registry editing but nothing works so far. SmartScreen is on for Microsoft Edge and Windows Store apps though.

 

[Sunshine-boy]

Hello.
You can use Yandex browser instance of chrome(if you want) it more customizable and faster than chrome.
Some useful tweaks for chrome if you like:
Poll - Anyone using Chrome's flags to increase security and/or privacy
Also, add wise disk cleaner( free)to remove junk and useless files.
BTW Simple and effective thanks for sharing.

 

[Overlord]

Looks good. Thanks for sharing.

 

[brambedkar59]

Wow, you got lots of Beta softwares in there. Nice config, thanks for sharing it

 

[Exterminator]

Secure windows 10 config! Thanks for sharing it with us

 

[DeepWeb]

Very secure. But I would not use DNSCrypt resolvers so far away. The closer they are to where you live the fewer nodes they have to pass that are used by the NSA to collect data.

 

[Deleted member 178]

Better use smartscreen but i see

The option to enable it is disabled somehow and I couldn't figure out how to enable it. Already tried several registry editing but nothing works so far. SmartScreen is on for Microsoft Edge and Windows Store apps though.

Are you owning the admin account ?

 

[tanto259]

Are you owning the admin account ?

Yes, I am using the admin account. But I do not see any way to turn it on.

 

[Deleted member 178]

Yes, I am using the admin account. But I do not see any way to turn it on.

i guess a clean install have to be done then if you need it.

 

[tanto259]

i guess a clean install have to be done then if you need it.

After spending >2 hours researching, I finally managed to turn on SmartScreen by deleting EnableSmartScreen at
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System

 

[tanto259]

Very secure. But I would not use DNSCrypt resolvers so far away. The closer they are to where you live the fewer nodes they have to pass that are used by the NSA to collect data.

After further consideration about this, I'm switching primary resolver to d0wn's Resolver Singapore 01

 

[tanto259]

Update: Add HashTab, SmartScreen set to Block, add Disclaimer and Chrome settings