Windows Guide

Just noticed the Group policy section of the guide uses the Windows 11 names, on Windows 10 some of the names are different (ex “Allow Telemetry” instead of “Allow Diagnostic Data”). Also, Desktop Analytics seems like an enterprise feature not enabled by default so I’m not sure if there’s any point in touching settings related to it.

btw whats the best UX for setting group policy objects?

wdym best UX? i don’t see any reason not to just use the default editor

Windows 10 is about to go EOL next year so time to upgrade.

I want to stay with Win10 Pro as long as I can but eventually we’ll all be forced to upgrade October 2025.

Are there any new security/user privacy to Win11 Pro compared to Win10 Pro?

There seems to be some confusion on when Win10 support ends so here’s an official Microsoft statement:

It mostly mandates a bunch of stuff that used to be optional: Secure boot, TPM 2.0, etc. If you were already using them, no significant improvement then.

The software side changes are also not that exceptional for a non-commercial user: More virtualization, more code fuzzing, etc.

It’s more of a “bring everyone to a new security baseline” update than a “improve the top end of security” update. But do remember to update once MS drops support for your version of OS.

(As good a time as any to “upgrade” to Linux too, if that suits your workflow and security needs)

2 Likes

You can with Windows 10 IoT Enterprise LTSC till 2032. Don’t ask me how. Please search the web.

2 Likes

My only gripe with this is the iso, i dont know where it came from even though i can verify the hash. So :person_shrugging:

There’s this tool to check it
https://www.majorgeeks.com/files/details/windows_and_office_genuine_iso_verifier.html

And why would you trust that tool? Better to verify the hash against multiple databases instead of running random code on your own device. It is also possible to verify the hash directly from Microsoft

1 Like

It came from Microsoft, specifically MVS, but it can also be downloaded from VLSC if you have a license for that.

1 Like

I might dm you if your ok with that. Just give me some time to gather my thoughts/resources. Tx

Is the former overviews not accessible anymore? I remember setting up my windows enterprise multiple times using the guide on PG site but can’t find it anymore. Instead there’s this unfinished one and github where I can’t find simple step by step tutorial. What do I do now then?

1 Like

It is now on the main website Windows Overview - Privacy Guides

1 Like

Yeah all those coming soon topics were covered in overview, so can’t I access it anymore?

They are not here Group Policy Settings - Privacy Guides ?

This is but a fraction of what it used to be

I believe this is what you are talking about:

Update: by enabling “advanced mode” in UBlockOrigin I was able to ditch NoScript!

I use UBO purely now, it is great

2 Likes

Source? Process isolation with nested filesystem userns sandboxes works in podman containers.

With gVisor you can harden apps even more by reducing the attack surface they are exposed to