[Compilation] Windows 10 Tips, Tricks and Tools to enhance your privacy

Since the release of the technical preview for Windows 10, privacy have been the first subject of discussion surrounding Microsoft's new version of Windows. A lot of threads have been created here to discuss about it, and a lot of articles are being published daily as well. Users find more terms in Windows 10's EULA everyday and post about it as well. This being said, a lot of users here are wondering what they can do to "protect" themself against this. The answer is simple:

You agreed to Windows 10's EULA when you installed it, if you realize that you do not agree with it, legally speaking, you shouldn't be using it.

But I know that a lot of users here don't care about that for whatever reason there is. I don't want to start yet another thread that debates about Windows 10's EULA and Microsoft Privacy policies, we have enough of them already. This thread will be used to compile tips and tricks you can use to attempt to protect your privacy as much as possible under Windows 10.

Be aware that some of the tweaks here can break your Windows installation and/or remove certain of its features. It's recommended to either create a System Image of your system prior to applying these modifications, and/or creating a System Restore Point (or backing up your Registry). I am not responsible for what you do with the tips and tools posted here.

Now, there's currently two programs that you can use in order to adjust the privacy settings under Windows 10.

The first one is DoNotSpy10 by pXc-coding. This tool offers a GUI to enable/disable many settings and features related to privacy under Windows 10. Be aware that this program is detected by many Antivirus programs because it bundles OpenCandy with it. You can read what quietman have to say about OpenCandy here to make a decision on whether you want to keep it or not. Programs like Malwarebytes and Emsisoft will remove the bundled OpenCandy on installation.



There's also Destroy Windows 10 Spying which is another tool that allows you to control privacy-related settings under Windows 10, but with a bit less options.



The user C-Ron on reddit posted a small guide that guides you throught the settings to disable when you first configure Windows 10, and also what to do after the installation if you want to disable more settings that would send data to Microsoft. This article was first reported by the member Condobloke here.

https://www.reddit.com/r/Windows10/comments/3f38ed/guide_how_to_disable_data_logging_in_w10

The website WinAero also offers a small tutorial on how to disable the Telemetry and Data Collection under Windows 10.

http://winaero.com/blog/how-to-disable-telemetry-and-data-collection-in-windows-10/

The following entries can be added to the hosts file (C:\Windows\system32\drivers\etc) to block the transmission of data to Microsoft from your Windows 10 system. I expect this list to grow more in the future and I'll add the entries as they are being posted online.

0.0.0.0 vortex.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 telemetry.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 telemetry.appex.bing.net:443
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 pre.footprintpredict.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 bingads.microsoft.com
0.0.0.0 www.bingads.microsoft.com

For those who knows the Local Group Policy Editor and the Registry, here's two pictures that sums up all the privacy, telemetry and data collection settings in the GPO and Registry that you can disable if you wish. Those who are highlighted are the ones that brings the more controversy.



Next is a PowerShell script that was posted on /g/ that claims to "debloat" Windows 10 and patch the privacy settings as well. I haven't tested it yet so use it at your own risks. For those who can read PowerShell, you can revise the script and see if there's stuff you want to take care of manually.

http://pastebin.com/rkJ8Xcvx

I'll try to keep this thread (the first post) as updated as possible, and possible format it in the future if you guys find it a bit messed up. This is not a thread to debate about Windows 10's EULA and Microsoft Privacy policies, use NickAu's thread for that. This thread is used to share tips, tricks, advices and programs that can be used to boost the privacy of your Windows 10 system. So you can post articles, programs, tutorials, guides, etc. here and when I can, I'll add them all in the first post.

Thank you.

Edited by Aura, 16 August 2015 - 04:20 PM.

Wow. A wealth of information. Thanks for the links and info Aura. 

So, wont the  Microsoft Bots somehow detect that you disabled all those programs?

And just turn them all on again?

Well.....that remains to be seen. Entirely possible...given their attitude of late.....Intrusion.

 

They (msft) seem to think they have a God given right to know all and control all......

 

I've got news for them.

I have been going to a lot of the links people have been posting,and according to what I have been reading is, MS is becoming just like facebook.

Anything on facebook pics and all your information, becomes the property of Facebook

 

So anything you do,your files your pics,the websites you visit. All this becomes property of MS because you chose to upgrade to 10

 

You dont have to use Facebook, but you have to have an OS, Windows came with my PC,didnt have a choice.

 

I have disabled most of what you can disable, I use Firefox and have an alternate to windows player. So I think I will wait and see what and if MS does.

 

I did download DNS but I think I will wait a while before installing it

So, wont the Microsoft Bots somehow detect that you disabled all those programs?
And just turn them all on again?

There's no such thing as Microsoft "bots". However, I expect some of these settings to be turned back on eventually by some Windows Update that might require them, since these usually reset the settings and services to their default values, so you might have to watch out for that.

They (msft) seem to think they have a God given right to know all and control all......

You don't have to use Windows, or any other Microsoft products you know.

You dont have to use Facebook, but you have to have an OS, Windows came with my PC,didnt have a choice.

Like I said, you don't have to use Windows. You can easily wipe your drive and install any other Linux distro for example on it.

Let's keep this thread on the subject: tips, tricks, advices and tools on how to enhance your privacy on Windows 10. Discussion about privacy and "security" issues can go in Nick's thread that I linked.

Windows 10 Privacy Fixer seems to be the only one that check if something has already been changed.

It looks like there's other tools that exists then:

http://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools/

Disable Win Tracking, Windows 10 Privacy and S..., Windows 10 Privacy Fixer, W10 Privacy.

Safer Networking, the developpers of SpyBot Search & Destroy developped a little utility called "Spybot Anti-Beacon for Windows 10", that can be used to disable the following features (it's all or nothing, you cannot select them individually):

• Telemetry Hosts
• Telemetry Services
• Consumer Experience Improvements Program
• Application Impact Telemetry
• Steps Recorder
• Wi-Fi Sense
• Apps using advertising ID
• P2P Windows Updates outside local network.

Spybot posted about this utility on their Facebook page and are hosting the download on Dropbox. The download link can be found in the article below on The Windows Club or in their post on Facebook.



Source: http://www.thewindowsclub.com/spybot-anti-beacon-for-windows-10

Simple and easy to use guide on GHack about Windows 10 and privacy. It shows the basic settings to disable and also what kind of account to create under Windows 10, what to allow, what not to allow, etc.

http://www.ghacks.net/2015/07/30/windows-10-and-privacy/

O&O Software released a little tool called O&O ShutUp10 which disables a lot of privacy and telemetry related settings under Windows 10.

http://www.oo-software.com/en/shutup10/update

It was first reported by the user Msradell in this thread.

The member fLOW. from MyDigitalLife forums also posted all the modifications made by the program, and a batch version of it that uses REG ADD for those who don't want to download it.

Batch version:

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CredUI" /v "DisablePasswordReveal" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "DisableUAR" /t REG_DWORD /d "1" /f
reg add "HKLM\SYSTEM\ControlSet001\Services\DiagTrack" /v "Start" /t REG_DWORD /d "4" /f
reg add "HKLM\SYSTEM\ControlSet001\Services\dmwappushsvc" /v "Start" /t REG_DWORD /d "4" /f
reg add "HKLM\SYSTEM\ControlSet001\Control\WMI\AutoLogger\AutoLogger-Diagtrack-Listener" /v "Start" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\WcmSvc\wifinetworkmanager\features\S-1-5-21-3902212115-2543662138-3061636537-1001" /v "FeatureStates" /t REG_DWORD /d "828" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{A8804298-2D5F-42E3-9531-9C8C39EB29CE}" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\WMDRM" /v "DisableOnline" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{C1D23ACC-752B-43E5-8448-8D0E519CD6D6}" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\TabletPC" /v "PreventHandwritingDataSharing" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "DisableInventory" /t REG_DWORD /d "1" /f
reg add "HKCU\SOFTWARE\Microsoft\Personalization\Settings" /v "AcceptedPrivacyPolicy" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Language" /v "Enabled" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f
reg add "HKCU\SOFTWARE\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f
reg add "HKCU\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /v "NoLockScreenCamera" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Input\TIPC" /v "Enabled" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications" /v "ToastEnabled" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{A8804298-2D5F-42E3-9531-9C8C39EB29CE}" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{E5323777-F976-4f5b-9B55-B94699C46E44}" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{2EEF81BE-33FA-4800-9670-1CD474972C3F}" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{992AFA70-6F47-4148-B3E9-3003349C1548}" /v "Value" /t REG_SZ /d "Deny" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Biometrics" /v "Enabled" /t REG_DWORD /d "0" /f
reg add "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /d "1" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocation" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableSensors" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization" /v "SystemSettingsDownloadMode" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" /v "DODownloadMode" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /v "DODownloadMode" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DeferUpgrade" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\DriverSearching" /v "SearchOrderConfig" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\7971f918-a847-4430-9279-4a52d1efe18d" /v "RegisteredWithAU" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d "0" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f

Edited by Aura, 21 August 2015 - 07:09 AM.

Here's another article just in, to add to the list, broader in scope, taking into account being online in general.

I would have put this in the Windows spying thread,but its locked

 

So, I disabled all my privacy setting like all the youtube videos and some links people have been posting.

Today,I was looking at my taskmanager and noticed that Cortana was listed. Not only was it listed, but it looks like its active

 

I Never activated a Microsoft account or Cortana. How can it be running if I never activated it?

I think it would be a good idea to REOPEN the

Ahh, so that's how multiquote works.  I quote one and then before posting, quote another.  Clever.

 

 

I think it would be a good idea to REOPEN the

 

Seems like boopme closed it because one person in there was seeking help for illegal torrents.  That was the person's first post, page prior to boopme's closing.

 

I would have put this in the Windows spying thread,but its locked

 

So, I disabled all my privacy setting like all the youtube videos and some links people have been posting.

Today,I was looking at my taskmanager and noticed that Cortana was listed. Not only was it listed, but it looks like its active

 

I Never activated a Microsoft account or Cortana. How can it be running if I never activated it?

 

You can't cut off or close Cortana, really.  You can only (allegedly) block off some of the data collected.  Cortana cannot be uninstalled, either.  Neither can Bing, which is used even for local searches.  So even for your local searches, that information is phoned home.