We all have to install Windows 10, admit it. Even those, who also use MacOS, like me :).
And I even like the interface (why Windows 95 did not look like that?)…
However, you better realize what new privacy policy means in Windows 10.
You can read about it briefly here:
http://www.newsweek.com/windows-10-recording-users-every-move-358952
…and in more detail, here:
https://edri.org/microsofts-new-small-print-how-your-personal-data-abused/
And you want to see the collection of most spectacular clauses, here they are for you, with bold highlight from me:
«The company saves customers’ basic information—name, contact details, passwords, demographic data and credit card specifics —but it also digs a bit deeper.»
«Other information Microsoft saves includes Bing search queries and conversations with the new digital personal assistant Cortana; contents of private communications such as email; websites and apps visited (including features accessed and length of time used); and contents of private folders. Furthermore, “your typed and handwritten words are collected,”»
«Summing up these 45 pages, one can say that Microsoft basically grants itself very broad rights to collect everything you do, say and write with and on your devices in order to sell more targeted advertising or to sell your data to third parties. The company appears to be granting itself the right to share your data either with your consent “or as necessary”.»
«By default, when signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers, for example “web browser history, favorites, and websites you have open” as well as “saved app, website, mobile hotspot, and Wi-Fi network names and passwords”.»
«Windows generates a unique advertising ID for each user on a device. This advertising ID can be used by third parties, such as app developers and advertising networks for profiling purposes.»
«Microsoft’s updated terms also state that they collect basic information “from you and your devices, including for example “app use data for apps that run on Windows” and “data about the networks you connect to.”»
«“To enable Cortana to provide personalized experiences and relevant suggestions, Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device.»
«“we collect your voice input, as well your name and nickname, your recent calendar events and the names of the people in your appointments, and information about your contacts including names and nicknames.”»
«“We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to”, for example, “protect their customers” or “enforce the terms governing the use of the services”.»
Of course, we all know and understand that various government agencies will get access to everything that you keep online or in the cloud if they want to. However, it’s one thing to know that you have nothing to hide from secret services, and another – to realize that commercial company is openly warning you that it will access your email and all your data if it wants to – “if necessary”.
So how can we minimize this risk?
Here’s installation cheat sheet for those who does not want their personal data to be accessible by Microsoft on their computer:
- Use Mac or Linux.
- If you still need to use Windows 10, then consider these precautionary actions:
A. Do not use automatic installation. Use Custom installation and turn off ALL check boxes on privacy screen.
B. Do not use Microsoft Account – use local, or (better) corporate account.
After installation:
C. Start / Settings / Privacy:
(a) General: everything OFF
(b) Location: depending on the device – on your main desktop PC, turn OFF
(c) Camera, Microphone – you can leave ON
(d) Account info: depending on the device – on your main desktop PC, turn OFF
(e) Contacts: Windows Shell Experience: OFF
(f) Messaging: OFF
(g) Radios: OFF
(h) Other devices: OF
(i) Feedback and Diagnostics: Never, Basic
(j) Background apps: OFF for Get Office, Microsoft Edge, Xbox
D. Start / Settings / Windows Update / Advanced options
Choose how updates are installed: Notify to schedule restart
Review other parameters
E. Do not use and even activate Cortana.
F. Search / About your PC – rename your computer.
For really paranoid privacy conscious and advanced users:
G. Start / Command prompt (Admin):
(yes, now you are able to delete services from Windows command line)
(a) sc delete diagtrack
(b) sc delete dmwappushservice
H. Now we need to configure Group policies.
1. Start / Command Prompt (Admin)
2. In Admin command prompt enter: gpedit.msc – this will run Local Group Policy Editor.
3. In the Editor: Computer Configuration / Administrative Templates / Windows Components / Data collection and preview builds:
Allow Telemetry = Disabled
I. Now we need to modify the HOSTS file:
(a) Right click Start / Command Prompt (Admin)
(b) In command line: C:\WINDOWS\system32> cd drivers\etc
(c) In command line: C:\WINDOWS\system32\drivers\etc> notepad hosts
(d) add the following hosts:
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
255.255.255.255 broadcasthost
::1 localhost
127.0.0.1 local
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com.nsatc.net
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 wes.df.telemetry.microsoft.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 telemetry.microsoft.com
127.0.0.1 watson.ppe.telemetry.microsoft.com
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 telemetry.appex.bing.net:443
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 survey.watson.microsoft.com
127.0.0.1 watson.live.com
127.0.0.1 watson.microsoft.com
127.0.0.1 statsfe2.ws.microsoft.com
127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com
127.0.0.1 compatexchange.cloudapp.net
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 statsfe2.update.microsoft.com.akadns.net
127.0.0.1 sls.update.microsoft.com.akadns.net
127.0.0.1 fe2.update.microsoft.com.akadns.net
127.0.0.1 65.55.108.23
127.0.0.1 65.39.117.230
127.0.0.1 23.218.212.69
127.0.0.1 134.170.30.202
127.0.0.1 137.116.81.24
127.0.0.1 diagnostics.support.microsoft.com
127.0.0.1 corp.sts.microsoft.com
127.0.0.1 statsfe1.ws.microsoft.com
127.0.0.1 pre.footprintpredict.com
127.0.0.1 204.79.197.200
127.0.0.1 23.218.212.69
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 feedback.windows.com
127.0.0.1 feedback.microsoft-hohm.com
127.0.0.1 feedback.search.microsoft.com
J. More fine-tuning:
(a) Do NOT use Edge – use Chrome, Firefox
(b) Do not use WMP – use MPC, VLC
(c) Do not use Groove Music – use Foobar2000, AIMP3, winamp,
(d) …Do not use other Windows 10 native apps – use verified third party apps which a re guaranteed not to share your personal information and data.
Now you can be more confident that no one is watching you…
DISCLAIMER: all the recommendations above is my own private opinion, which may change at any time without notice; I do not accept responsibility for errors, problems or mishaps of anyone following the information above; you are at your own risk.