So I tried to make a minimalist but secure config here
- Only a few installed apps mostly because there is no portable version or the shell integration is important
- They don't start automatically. I turned them off!
- Uninstalled some windows features (IE, xboxlive, onenote, games, etc.)
- Black Viper’s Windows 10 Service Configurations
- Windows Defender is off
- I disabled the auto start of all unnecessary programs and services
- The system consumes 1,3 GB RAM after the login.
- Basic security tweaks (autoplay disabled, smartscreen, UAC max etc.)
- Security software tweaks: SRP, Windows 10 Shut up
- Firewall: Inbound and outbound connections that do not match the rule are blocked
- Only a few programs have Internet access
- Windows Firewall Control is the only program that allowed to change the Firewall rules
- I prefer redundant backup, so this way the chance to lose my data is extremely small
- I can restore the whole system within 5 minutes with Macrium Reflect
- The image file is uploaded to the cloud too
- MEGA (paid): sensitive files are encrypted with 7zip.
- Non-sensitive files are not encrypted.
- Mobile and PC sync.
- OneDrive free
- 2 different SSD and 1 USB drive
- Sensitive files are unencrypted but the whole partition/drive/usb is protected by Bitlocker
- Bitwarden online password manager (browser extension)
- My passwords have 2 backup. Physical and digital. The digital one is protected with cascade encryption and uploaded to the cloud.
- I do not think the real privacy is achievable , so I don't really care. I am not a criminal and I focus on security instead of paying for placebo services. I protect my whole life from cyber stalkers.
- VPN because I use sometimes open WIFI and I don't like my ISP.
- I do not share any info or photos on the social networks anymore. I use a lookalike photo!