-
-
Notifications
You must be signed in to change notification settings - Fork 210
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update!: Windows guide #1659
base: main
Are you sure you want to change the base?
update!: Windows guide #1659
Conversation
🎊 PR Preview 6865c06 has been successfully built and deployed to https://privacyguides-privacyguides-org-preview-pr-1659.surge.sh 🕐 Build time: 74.102s 🤖 By surge-preview |
b5ff399
to
b9612de
Compare
✅ Deploy Preview for privacyguides ready!
To edit notification comments on pull requests, go to your Netlify site settings. |
Please don't ping a bunch of contributors or leave multiple consecutive comments on this PR. This guide is a work in progress. |
Okay, Jonah. But in my Opinion I have finished what I could do.So, Merging is totally upto you. I could add stuff if wanted. |
This pull request has been mentioned on Privacy Guides. There might be relevant details there: |
This pull request has been mentioned on Privacy Guides. There might be relevant details there: https://discuss.privacyguides.net/t/recommending-apple-products/10815/9 |
This pull request has been mentioned on Privacy Guides. There might be relevant details there: |
I am at some point going to have another look at this, we should incorporate https://github.com/privacyguides/privacyguides.org/pull/1979/files into it as an tip. |
This discussion https://github.com/privacyguides/privacyguides.org/discussions/1281 brought up that we should remind users to update their systems. We should probably have some mention about BIOS updates too, https://github.com/privacyguides/privacyguides.org/discussions/1280 as not all systems this comes through Windows Update. Of course there will only be only general instructions as different vendors use different update tools on Windows. |
67e4d9a
to
2150385
Compare
I pushed to it, before, but haven't made any changes, it will require some time to go over. I haven't read it in detail |
Since #2591 added a dedicated page for Group Policies, I suggest moving the GP instructions in "Security policies for Bitlocker" to the aforementioned page, and adding an internal link to the BitLocker section of the GP page in its place. Other group policy recommendations introduced in this PR can also be moved to the dedicated GP page. |
That's exactly what I had in mind in regard to #2437 (comment). I haven't yet gone over this PR and read it, in entirety just getting the structure right of what should be where as it is huge. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I haven't used Windows for quite a while now so, for this PR, I can offer suggestions only regarding grammar, formatting, and consistency with other parts of the Privacy Guides site.
Aside from my earlier suggestion about consolidating Group Policy recommendations, other parts of the PR caught my eye, which I commented on below.
|
||
## Security Improvements | ||
|
||
- Use [PeaZip](https://peazip.github.io/) archiver instead of 7-zip as it disables [Mark of the Web(MoW)](https://nolongerset.com/mark-of-the-web-details/) [support by default](https://github.com/nmantani/archiver-MOTW-support-comparison#*2) leading to execution of malicious instantly after extracting. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think that this guide (which will be housed in the Knowledge Base) should include tool recommendations that are not native to the OS.
Besides, the linked resource about Mark of the Web mentions that the unzipping tool built in to Windows preserves the MOTW.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well, At then time, 7Zip or Windows didn't preserve MoTW. I don't remember quite well.
|
||
- Use [PeaZip](https://peazip.github.io/) archiver instead of 7-zip as it disables [Mark of the Web(MoW)](https://nolongerset.com/mark-of-the-web-details/) [support by default](https://github.com/nmantani/archiver-MOTW-support-comparison#*2) leading to execution of malicious instantly after extracting. | ||
|
||
- Using MS edge or brave over Firefox. Edge is recommended with MDAG mode for secure browsing if security is your priority. Brave is recommeded if content blocking is important for you (Brave shields) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's already a page for desktop browser recommendations on the site.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You are right. Will remove it since MDAG is gonna be killed by microsoft afaik.
|
||
## Apps | ||
|
||
- Avoid any types of Cleaning software at all cost. As Microsoft is working on its own implementation specfically designed for windows. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Including a brief explanation of why people using Windows should avoid cleaning software would be useful here.
Also, is the native implementation of cleaning software you're referring to called "Microsoft PC Manager"? From these forum posts, it looks like Windows users have to download it from the Microsoft Store themselves and the software isn't available in all geographical regions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, It is.
3a72223
to
885f067
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A lot of the information from this page was adapted to the current Windows Overview in #2591.
Unless someone has specific suggestions on information in this drafted page that should be added to the current Windows Overview on the site, I think this page should be removed to reduce the size of this PR and make it easier for reviewers to go over the PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I haven't looked at this PR in detail, but it should be possible to create several PRs for those various sections from this one.
We can always give @IkelAtomig credit for the ones which were heavily based on this one, perhaps splitting them up would make it more workable?
Ah, Should I do anything because I kind of orphaned this PR. I would be glad if some parts of it are made into the site and my name is in the footer. That's it. |
don't close it. The other one will do that when it is merged, and yes you're on it as co-author, so you'd get the same credit in your git activity. |
I want it to be on the privacyguides site. Greedy me. |
@IkelAtomig on second thoughts, I think it might be better if we split this off onto three PRs, one for each page (sandboxing, privacy, hardening), as long as you're the author, of each it will show your name at the bottom of the page. We need to then just check whether |
Alright, just say what to do when you are ready. |
|
||
## Choosing your Windows edition | ||
|
||
While using Windows, it is better to select either Windows **Enterprise** Edition or **Education** Edition because it gives more control over the system for hardening it for privacy and security by giving access to stops the OS from sending any Telemetry data using GP Editor. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I miss the recommendation to use windows N. This should really be the go to as it comes with less bloatware.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is that the government specific editoin ?
Any team member could you please look on the changes proposed and edit my Pull request as needed. I am really busy to work on it.
4 Jan 2025, by ***@***.***:
…
@ph00lt0> requested changes on this pull request.
In > docs/os/windows/windows-overview.md <#1659 (comment)>> :
> ++</div>++At launch, telemetry could not be disabled in non-enterprise editions of Windows 10. Only after [criticism](https://www.theverge.com/2016/7/21/12246266/france-microsoft-privacy-windows-10-cnil) from the France data protection commission, the [Electronic Frontier Foundation](https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive) and the [European Union](https://www.reuters.com/article/us-microsoft-dataprotection-eu-idUSKBN15Z1UI), Microsoft changed the way they collect telemetry, allowing users to choose between "Basic" (now renamed as `Required`) and "Full", with "Basic" mode collecting [much less telemetry](https://www.extremetech.com/computing/243079-upcoming-windows-update-reduces-spying-microsoft-still-mum-data-collects). Along with that, Microsoft collects a [lot more data from Windows 10](https://web.archive.org/web/20210711143017/https://privacytools.io/operating-systems/#win10).++With the launch of Windows 11, a lot of [other](https://www.windowscentral.com/one-thing-microsoft-didnt-discuss-windows-11-privacy) [concerns](https://www.pcworld.com/article/539183/windows-11-review-an-unnecessary-replacement-for-windows-10.html) were raised, such as:++- Integration of Microsoft Teams into the OS, which would encourage users to switch to the service, allowing Microsoft to collect even more data.+- Removing the ability to have local accounts in Windows 11 Home, therefore forcing you to log into a Microsoft account so as to collect more data.+- Having all data collection options on by default+- Working with Amazon to bring Android apps to Windows through the Windows Subsystem for Android, likely allowing both Microsoft and Amazon to collect data about Android app usage on Windows.+- Using users in a P2P way to distribute Windows updates to reduce load in Microsoft's servers without users' consent.++## Choosing your Windows edition++While using Windows, it is better to select either Windows **Enterprise** Edition or **Education** Edition because it gives more control over the system for hardening it for privacy and security by giving access to stops the OS from sending any Telemetry data using GP Editor.
I miss the recommendation to use windows N. This should really be the go to as it comes with less bloatware.
—
Reply to this email directly, > view it on GitHub <#1659 (review)>> , or > unsubscribe <https://github.com/notifications/unsubscribe-auth/AYJXNKGQH7IJ7U54F45UZYD2I7SP7AVCNFSM57A3J3C2U5DIOJSWCZC7NNSXTPCQOVWGYUTFOF2WK43UKJSXM2LFO45TENJTGA3TINRWHEZA>> .
You are receiving this because you were mentioned.> Message ID: > <privacyguides/privacyguides> .> org/pull/1659/review/2530746692> @> github> .> com>
|
Signed-off-by: Jonah Aragon <[email protected]> Signed-off-by: Mare Polaris <[email protected]> Signed-off-by: fria <[email protected]>
Signed-off-by: Jonah Aragon <[email protected]> Signed-off-by: Mare Polaris <[email protected]> Signed-off-by: fria <[email protected]>
This is refresh commit made due to merge conflicts that came when trying to sync the fork
This is done with respect to comment by 128bitpotato - https://discuss.privacyguides.net/t/windows-guide/250/81
Co-authored-by: noClaps <[email protected]>
Co-authored-by: noClaps <[email protected]> Co-authored-by: Pa1NarK <[email protected]>
Closes: #1380
This is a successor to #1380 Pull request by me. Things that are there will follow here but in a paced manner with concise information.
I have stated the reason in the old one for its closure.
If you are suggesting big Changes, make a PR other than that do Code reviews.
Do not comment about your suggestions in this PR as I want it clean and don't want it confusing either for me or to the contributors. So, Suggest them in Issue #166. I am following it.
There will be no ETA for this. I will work on this in my Free time and try finish ASAP.