In light of the attached article, is it game over for eliminating leaks from your Windows 10 system?
I've heard that microphone capture, screenshots of your display, and snapshots of your file system continue to be collected by Microsoft even if their telemetry addresses are present in your hosts file.
I already knew that they reset your placebo privacy settings after every Windows Update, but I didn't know that telemetry just straight up ignored your hosts file until now. Are there any means of overriding this behavior?
I use a VPN. Ironically this just gets my data to Microsoft easier.
Jaxson King
That was the case even on release but Win10 shills kept saying xyz script blocks them.
Cameron Morgan
>Telemetry ignores your hosts file
Well yeah you stupid mong, it typically goes by IP addresses hardcoded in Windows.
Gabriel Campbell
They knew it wouldn't work. Almost like the usa saying xyz encryption is safe but they can crack it.
Justin Rodriguez
Don't mess with group policy if you don't know what you are doing. It's possible to completely kill telemetry but takes some work.
Robert Gomez
Is this possible? Any links to guide would be appreciated.
Leo Carter
this is the only way you can use W10 without telemetry.
Note that MS has some large IP ranges and I believe that they're shared with windows update, so you essentially have to go without updates and blackhole all of MS at the router. Expect various things to break if they can't talk to the mothership. You might have better results telling your router to drop the packets silently instead of explicitly rejecting the connections, the spying components are likely to deal better if they think that there's some internet congestion or temporary outage, rather than realizing they're being blocked.
Colton Gray
Telemetry uses IP addresses, the hosts file is ignored for them anyway lel
>I do use linux bitchass. The ubuntu subsystem does not count
Gavin Jenkins
If you are too stupid to figure that out on your own you aren't doing anything worthwhile with Adobe anyway.
Benjamin Jenkins
Nope, even with group policy Win 10 will sometimes say "fuck you, I do what I want"
Grayson Myers
Hosts file works fine for me desu, point the telemetry domains to 127.0.0.1, host an HTTP server and watch them roll in
Alternatively point them to 0.0.0.0, install fiddler and watch all those failing requests go through it
Not sure where the "ignores hosts file" boogeyman came from
Carter Barnes
Thanks for the advice tripfag
Ethan Hill
Then virtualize windows, retard.
Yes. Firewall that shit. You don't have to let unauthorized outbound connections happen, faggot.
Easton Green
Can confirm that it's possible to disable telemetry.
Decided it's not worth fucking around and just disabled everything windows that connects to the internet automatically. No unsolicited outgoing connections since (as reported by router).
And when I feel like updating (once every 1-3 months) I just temporarily enable outgoing connections, while keeping a keen watch nothing suspicious happens meanwhile, update and redo the block. Of course it doesn't suck any less that such gymnastics are necessary to get something that's a constitutional right, but it *does* work, and I'm willing to put in the tiny bit of effort it requires if it means privacy.
Gabriel Evans
>And when I feel like updating (once every 1-3 months) I just temporarily enable outgoing connections
>yfw it's been archiving all of its reports and during this brief window it sends them all in bulk
Alexander Myers
>keeping a keen watch nothing suspicious happens meanwhile
Unless they mastered compression to the point where they can condense months' worth of telemetry into the size of an update check message, I'm good.
Henry Martin
Why is anyone even using this shit OS?
>adobe creative suite
Virtualize Windows and block all Internet access to the VM, or use a fucking Mac.
Christian Stewart
>Virtualize Windows
That doesn't work for applications that actually require significant performance.
>or use a fucking Mac.
So send the data to Cupertino instead of Redmond?
Grayson Lee
Yes, let's run bloated af Adobe software in a vm. That'll work great.
You'd have to go with a WSUS system to collect updates which would then provide those updates to virtually air-gapped systems. The double-paranoid would distribute the update files directly to the systems rather than use Windows Update to access the WSUS server (a setting via GPO).
Adrian Gonzalez
you know the phrase, 'if you have to ask?'
that applied to this question
Isaiah Green
how would that help at all? it just makes adguard resolve your telemetry rather than opendns or google?
Colton Lewis
wincucks BTFO
Thomas Robinson
>the spying components
You mean telemetry right? The same thing that the browser you posted from has and uses probably much more intensively.
Brody Campbell
// 0330a: disable telemetry
// gecko.readthedocs.org/en/latest/toolkit/components/telemetry/telemetry/preferences.html
// the pref (.unified) affects the behaviour of the pref (.enabled)
// IF unified=false then .enabled controls the telemetry module
// IF unified=true then .enabled ONLY controls whether to record extended data
// so make sure to have both set as false
user_pref("toolkit.telemetry.unified", false);
user_pref("toolkit.telemetry.enabled", false);
// 0330b: set unifiedIsOptIn to make sure telemetry respects OptIn choice and that telemetry
// is enabled ONLY for people that opted into it, even if unified Telemetry is enabled
user_pref("toolkit.telemetry.unifiedIsOptIn", true); // (hidden pref)
// 0331: remove url of server telemetry pings are sent to
user_pref("toolkit.telemetry.server", "");
// 0332: disable archiving pings locally - irrelevant if toolkit.telemetry.unified is false
user_pref("toolkit.telemetry.archive.enabled", false);
// 0333a: disable health report
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("datareporting.healthreport.documentServerURI", ""); // (hidden pref)
user_pref("datareporting.healthreport.service.enabled", false); // (hidden pref)
// 0333b: disable about:healthreport page (which connects to Mozilla for locale/css+js+json)
// If you have disabled health reports, then this about page is useless - disable it
// If you want to see what health data is present, then these must be set at default
user_pref("datareporting.healthreport.about.reportUrl", "data:text/plain,");
// 0334a: disable new data submission, master kill switch (FF41+)
// If disabled, no policy is shown or upload takes place, ever
// bugzilla.mozilla.org/show_bug.cgi?id=1195552
user_pref("datareporting.policy.dataSubmissionEnabled", false);
come on, user
Levi Powell
Doesn't that break windows?
Cameron Reyes
We're talking about Windows.
Aiden Thompson
I game in a vm. If hl2 can run at 300 fps then your photofag software will manage just fine.
Cameron Hall
Nigger, Windows hosts ALWAYS ignored entries for any microsoft servers for security reasons long before Windows 10. If you want to block microsoft servers from your network, you use a dedicated firewall on the edge of your network. But even then, good luck with playing whack-a-mole with telemetry server addresses on your ACL. It is more work than it is worth for an entire OS.
Kevin Morgan
firewall your VPN at the other end
Isaac Thompson
install gentoo....
Juan Powell
>I need Windows for Adobe Creative Suite.
Then just use it for adobe then. I'd try running win10 in a vm. Shared folders change your workflow.
>I'm starting to think its game over.
Stop being a pussy. In the words of Churchill, never never never never ever give up. If you're going through hell, keep moving.
In order to prevail you have to think outside of the mindset that a single product is going to solve everything or that the solution is intentionally created. Buy, borrow and steal from different ideologies and whatever and you'll arrive at a solution.
Jose Martinez
PiHole plus a good UTM will help keep stuff from getting out that shouldn't.
Mason Ortiz
>I've heard that microphone capture, screenshots of your display
Source?
Ian Perry
You can just block outbound connections by configuring your firewall in the router (remember you might need 2 rules: one for IPv4 and another for IPv6), if you want to have FQDNs blocked instead of IPs, you might need to also run a small DNS server locally like BIND as most firewalls will not block connections based on FQDNs.
Lucas Williams
Thanks!
Justin Bailey
I still would recommend to use LTSB. At least on LTSB it doesn't come with edge, cortana and windows app store and bundled apps are not present.
Kevin Powell
There is a backdoor in your processor that gives intel or amd complete control of your computer regardless of the OS. The only way to be free you need to go full freetard and browse the internet with ancient hardware, libreboot and tails or some shit. Escaping the MS botnet changes nothing.
Ayden Reed
Photoshop is not the only Adobe program.
Jayden Hall
>use enterprise system in work place
>what better way to manage all those computers than with group policy?
>microsoft: don't use the software we gave you to use for managing groups of computers under one policy
Jace Jackson
irrelevant.
Nathaniel Robinson
What source? I'm looking for an untouched ISO if at all possible.
Nolan Roberts
Do it on your gateway dumbass that way it works for all your machines.
Thomas Gonzalez
wrong
Isaac Fisher
Show proof using wireshark
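Added example, not part of the thread: one way to test the hosts-file and hardcoded-IP claims above from capture data is to join outbound flows against the DNS answers seen on the wire. The log layouts, hostnames and addresses below are constructed placeholders (documentation ranges), not real telemetry endpoints.

```python
import ipaddress

SINKS = {"0.0.0.0", "127.0.0.1", "::", "::1"}  # addresses used to sinkhole a name

# Constructed sample data (assumed formats, placeholder names and IPs).
HOSTS_FILE = """\
# blocked names
0.0.0.0 telemetry.example.com
0.0.0.0 stats.example.net  # trailing comment
"""
DNS_LOG = [  # (time, client, queried name, answer IP) as seen at the gateway
    (10.0, "192.0.2.10", "update.example.org", "198.51.100.7"),
    (12.0, "192.0.2.10", "telemetry.example.com", "203.0.113.5"),
    (20.5, "192.0.2.10", "cdn.example.org", "2001:DB8:0:0:0:0:0:1"),
]
FLOWS = [  # (time, client, destination IP, destination port)
    (10.5, "192.0.2.10", "198.51.100.7", 443),
    (12.5, "192.0.2.10", "203.0.113.5", 443),
    (20.0, "192.0.2.10", "203.0.113.99", 443),
    (21.0, "192.0.2.10", "2001:db8::1", 443),
]

def parse_hosts(text):
    """Return lower-cased names that the hosts file maps to a sinkhole address."""
    blocked = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) >= 2 and fields[0] in SINKS:
            blocked.update(n.lower().rstrip(".") for n in fields[1:])
    return blocked

def classify(flows, dns_log, blocked):
    """Label each flow by how the client could have learned its destination."""
    results = []
    for t, client, dst, port in flows:
        dst_ip = ipaddress.ip_address(dst)  # normalises IPv6 spellings
        names = {n.lower().rstrip(".") for qt, qc, n, ans in dns_log
                 if qc == client and qt <= t and ipaddress.ip_address(ans) == dst_ip}
        if not names:
            verdict = "no-dns"          # hardcoded IP, or resolved out of view
        elif names & blocked:
            verdict = "hosts-bypassed"  # sinkholed name was still queried on the wire
        else:
            verdict = "resolved"
        results.append((dst, port, verdict))
    return results

if __name__ == "__main__":
    for row in classify(FLOWS, DNS_LOG, parse_hosts(HOSTS_FILE)):
        print(row)
```

A `no-dns` verdict also appears when the answer was cached before the capture began or fetched over an encrypted resolver, so capture from boot and treat it as a lead rather than proof.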
Luis Bailey
mdl
Eli Gutierrez
Various reports shortly before Windows 10 launch
Christian Ross
no, you are thinking of the level 3 telemetry which can simply be turned off.
Zachary Russell
>this telemetry shit evolves over time
Mason Price
>Of course it doesn't suck any less that such gymnastics are necessary to get something that's a constitutional right,
There's nothing in the Constitution that prohibits Microsoft from offering you a contract that includes telemetry. A contract that you agree to by using their software.
Instead of moaning about nonexistent Constitutional rights, install an operating system that respects your privacy.
Jack Jones
yeah people don't understand that they willingly agreed to EULA, you can't even install this shit OS if you don't agree on telemetry bullcrap, they covered their asses very well in that regard
Caleb Young
>mdl
??
Adrian Hernandez
MyDigitalLife
Jackson Sullivan
thank you! ^_^
Ethan Rogers
Yeah, they covered their asses with 20k pages. You could block a hail of bullets with that thing.
Asher Rodriguez
You just need a hardware firewall, like the good old days.
Tyler Walker
I simply don't care. problem solved
Jeremiah Barnes
yes
if your router can't do simple firewall rules dropping the traffic to ip addresses you want it is a retarded device and you should get rid of it and get a better one, anything worth using should have basic functionality
Jeremiah King
You know, if everyone stopped complaining that they can't leave Winblows because of this shit, Adobe would have a fire under its ass to get that shit ported. Spineless assholes only complain.
Tyler Morris
>That doesn't work for applications that actually require significant performance.
Native performance in VMs through x86 extensions has been a thing for like ten years you nigger.
Ethan Roberts
u wot? Windows has been ignoring the host file for Windows domains since the Windows 10 launch, and probably before that
It was game over from the start
Adam Diaz
Funny, I thought that made you part of the problem.
Bentley Anderson
>people believe you can secure a compromised system from within the system
a strict firewall running on separate hardware is the only way to make it work
the best solution is obviously to stop using an operating system that requires you to use a hardware firewall in the first place though
Christopher James
>Burnett deleted the new Paint 3D, a system app, which he is entirely entitled to do. He found the system restored it and added a firewall rule allowing it network access.
Yes. Not even Paint is safe.
Adam Ross
Hardware firewall does nothing if you use a paid VPN service. There must be a different solution.
And no. You don't want to build your own personal VPN. That is fucking retarded. It's basically announcing to the world that all of your traffic is 100% authentic. It is the easiest way to de-anonymize yourself and eliminate any plausible deniability. Stop this harmful meme.
Unless you live in China.
Hunter Miller
>he doesn't have a personally hosted VPN to securely connect to his network from anywhere
>he doesn't have a paid VPN at the router level to secure any outgoing traffic at will
Elijah Hill
If you care so much then why not just use Windows 7 or XP? What software are you running that REQUIRES Windows 10? Stop crying. Telemetry is a great tool for developers because it allows them to get more data from normies that would otherwise not give to the developer. If you're so concerned about muh privacy then maybe you should stop using Windows.
Jacob Bailey
What about OSO ShutUp 10 or whatever it's called?
Cameron Campbell
>What software are you running that REQUIRES Windows 10
Need it for my Minecraft Windows 10 Edition.
Zachary Harris
>This is how normalfags think law works
Now, nobody to my knowledge has taken Windows 10's spying bullshit to court yet, much less on a constitutional issue. But let's put that aside and talk about how EULAs work, and sometimes they don't.
An EULA is a contract that is "signed" by clicking a "Yes, I read this" box, which nobody has any reasonable expectation of actually having read. Note that most of civil law is based on the "reasonably expect" standard. Now, clicking the button is usually (in California, which is the usual jurisdiction for these cases because of its incredibly crony-capitalist civil law system) pretty solid in court. Courts call these "clickwrap" contracts.
HOWEVER, many Microsoft Windows users will never click that button during an install because Windows comes preinstalled. This leaves the EULA more similar to what's called a "browsewrap", or as many courts have decided, "not actually a contract". Essentially a "browsewrap" is identifiable by a blurb somewhere that reads "by using this software/website/store, you consent to XYZ..." Courts throw these out all the time. They are almost never actually binding contracts.
Finally, two issues that cause problems for EULA owners. First, certain rights cannot be signed away. A EULA that states you cannot speak poorly of the product would be thrown out under first amendment concerns. Obviously a EULA cannot literally enslave you, for a more blunt and obvious example.
The second issue is that America isn't the world, and Europe is a thing. In much of Europe EULAs are toilet paper with the enforceability of a "no girls allowed" sign.
This has been your friendly PSA from "actually read a bit"
Luke Ross
>OSO
O&O*
Austin Bailey
Don't spout shit you know nothing about. I run games and some other programs (autocad, android studio) with 99% performance of bare metal. Kvm qemu, vt-d, vga passthrough.
Josiah Nguyen
>I've heard that microphone capture, screenshots of your display, and snapshots of your file system
Heard where?
Matthew Russell
Air gap it. Faraday cage it. Sound isolate it. Power buffer it. It's the only way to be sure.
Sebastian Foster
How doesn't ubuntu not count? Ubuntu gives you most functionality.
Inb4 Linux without GUI and only terminal is the only Linux
Inb4 systemd meme
He said ubuntu subsystem(as in, the thing MS added to windows), not Ubuntu(the distro).
Nicholas Watson
because not every router has that option
Christopher Wilson
what kind of shit router do you have
AT&T Certified crap?
Wyatt Baker
tp-link tl-wr741nd
David Russell
They have oem windows versions where you still need to click I accept the first time you boot. I have seen it on a desktop I got from work and a laptop I bought, so I assume it is common practice now.
Did you know that you are not allowed to make more than 1 copy of your entire hard drive or use it in a VM?
Anthony Russell
toiletpaper link sucks anyway
tried custom firmware?
John Gomez
openwrt has multiple bugs like wifi not working, ddwrt doesn't support it at all and i don't have the money for a better one
William Rogers
well that sucks
im on an asus rt-56n, least i have padawans firmware to keep it "up to date"
Ryder Green
it's fucked
John Walker
You're one of the most cancerous faggots on here, why you so salty and obnoxious, friend?
Blake Fisher
Autocad's requirements are nothing. The program exists only for legacy users who've been on it for 20 years. Inventor and Fusion 360 replace it.
Try rendering some 4K video with heavy compositing from After Effects and tell me how it goes compared to a bare metal install. VGA passthrough still requires a spare video card and remains buggy.
Jeremiah Wilson
HL2 is 13 years old. You can run it on a calculator.