Windows Guide

Ape221 · April 13, 2025, 3:23am

I have a desktop PC. If i install Windows 11 on a second SSD on the same PC, the first ssd being linux. Is that safe to do?

HauntSanctuary · April 13, 2025, 3:27am

Yes for the most part. Its kind of annoying to swap SSDs though if you intend to daily drive it. You are still vulnerable to UEFI level malware but those are rare.

asanyan · April 13, 2025, 2:05pm

Just use chris titus’s winutil and/or privacy.sexy. No point in doing all that manual work with group policy/registry when people have already done it for you

anonymous261 · April 13, 2025, 2:57pm

As I recall (no, not that way), GrapheneOS has stated they will be working on Windows VMs in GrapheneOS. If this feature gets implemented, it could complement the rumored Android Laptop and threaten to make Windows obselete.

HauntSanctuary · April 14, 2025, 12:54am

This has already happened. Check out how websites are designed these days.

Desktop has been overtaken by mobile long ago. There are far more people with phones than PCs these days.

Gaming is also more common on mobile these days. It doesn’t help that console has also become more mobile and are going to the direction of portability due to the success of Steam Deck.

Microsoftedgeuser · April 14, 2025, 9:12am

Imas long as you don’t use those services
https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/native.winoffice.txt

mika · April 14, 2025, 2:09pm

Windows is not obsolete and will not become obsolete in the foreseeable future. There are lots of mission-critical pieces of hardware and software for many different use cases that only run on Windows (or Windows and Mac).

As far as I know there is no 100% compatible and reliable way to run Windows software in Linux. Maybe someday (performance penalties also need to be reduced).

Therefore there is still a need for Windows recommendations.

KevPham · April 14, 2025, 5:30pm

We are currently working on a Windows guide that focuses mostly on harm reduction. As you can see here, it is incomplete as of today. Only the “Group Policy” section is compelete.

This is more of an internal discussion among the PG team, but I am always happy to personally contribute to the Windows section during my spare time. However, I am also working on a few other projects related to site development.

Edit: Is there a specific guide on Windows that you would prefer seeing first? Installation is the easiest to write IMO but I’m sure that you would probably prefer a more complete guide up-front lol

HauntSanctuary · April 15, 2025, 12:47am

It will never be complete as Windows like to thrash itself around after a Windows update (that happens every first tuesday of the month, btw) and reset your setting to whatever it wants to be. It also reinstalls your Candy Crush Cola just in case you changed your mind and like it now more. This happened because Windows have become so adversarial and so anti-user.

Me, I have given up. Windows is on permanent detention at home.

I have a laptop machine that runs Windows should I ever have a need for it (thankfully I dont). It is connected to the LAN port provided by the ISP and never touches the insides of the home network.

Ape221 · April 15, 2025, 2:00am

My family runs a small business with a few computers. We are too small to hire an IT firm so i have to configure the computers. I already have hardened them. What i personally i am looking for are tips to increase the security of the OS. I already know how to increase privacy as much as possible but not too much about the security.
I have also done some things for security but i am not an expert and do not know if i have missed something important.
The employees using those computers are opening files from email all day (invoices, offers, etc). So the threat model is opening malicious files.

win11.shading291 · April 15, 2025, 3:09am

Yep, it’s not great. Unfortunately, as long as businesses run on Windows, it won’t be going anywhere anytime soon.

My solution to that issue is that every couple of months, I run the privacy.sexy script that I configured to my needs after a Windows Update. It’s annoying, but it only takes 15 minutes (once you’ve done the first run).

If I can echo what I’ve read here, Windows is pretty secure combined with Windows Firewall. It’s really the privacy that is the issue.

sha123 · April 15, 2025, 9:52am

Apply Windows and MS Office security baselines. You might want to check for privacy invasive settings in these and adjust them. Let users only have access to non-admin accounts and encourage everyone to use Windows Hello for authentication. Block execution of untrusted software from user-writable locations with Applocker. All of these measures should require rather low maintenance, once adjusted to your needs. Update to a newer version of the baselines every now and then. You might also want to block unsigned script execution. If you want extra safety, have a look into WDAC, but this is definitely more effort to maintain.

KevPham · April 21, 2025, 9:08pm

Noted! We will look into this. Thanks for sharing

Topic		Replies	Views
Anti-Censorship Tools Guide Suggestions	5	903	October 13, 2023
Opinions about privacy-oriented hardware Questions hardware , website	3	889	May 9, 2024
Community thoughts on Windows activation scripts? Questions	16	14565	July 16, 2024
Privacy vs Security Recommendations Off Topic	7	391	October 2, 2023
Hardware backdoor as a security threat? Privacy	20	1515	March 8, 2024

Windows Guide

Related topics