To be honest, there is a lot of messages, Since I lot checked this post. I would like to read and reply to them.
But I switched from Windows to Fedora Workstation 38. Basically, I am a linux user. Missing few quirks which I could just adapt or find alternative ways here.
I will read and reply on my free time. Will check the PR and update it sooner. Some pages are offline. I mean content is still on my PR but not as webpage.
Depends. At least better than it was in the past.
Visiting malicious websites can lead to a full-system compromise including persistence. The browserâs security mechanisms just set the bar higher. You can only increase cost and effort for attackers. Security is nothing absolute and there will always be some way around the protections, especially in such huge complicated software written in memory-unsafe languages like browsers.
Damn. Guess I should grab my plastic shovel coz Iâm going in the sandbox then
Viruses are an outdated concept from the 90s and early 2000s. General malware these days are an entirely different breed: The low effort ones are botnets seeking to "infect"and passively spread throughout the internet in the classical and enable DDoS-as-service. Then there is the more sophisticated SolarWinds-like attack where the bad actors implants themselves into a software supply chain and spread themselves into important places - its as if hackers implanted itself to WinRar and sends malevolent updates to your local WinRar. In the eyes of the OS and antivirus it is technically a correct version of WinRar because it came from the officially signed WinRar update server but its in fact a modified WinRar that can open a backdoor into tour network.
Oh. Thought that was kinda what the definition of âvirusâ was.
Anyway, I donât want to get caught up on semantics. There are still cryptominers and ransomware to worry about, right?
So what in the world can we as individuals do to mitigate stuff like this, if 1. The OS wonât catch it, 2. An AV wonât catch it, and 3. Even savvy internet-safe user behavior wonât prevent it since it appears for all intents and purposes like a normal software update? Even if I used sandboxie to isolate the majority of apps (which I plan to), I would never think go sandbox something like winrar, per your exampleâŚ
I havenât been following this thread, but I think it should encompass my question, so I thought Iâd ask here instead of creating an unnecessary new topic.
Is there a general resource an average user can follow to configure and actively maintain a relatively private windows desktop?
As of right now, outside of general good practice and only using software that doesnât violate my threat model, I plan on using Portmaster as a firewall and telemetry blocker, and have considered running https://privacy.sexy/. Is there anymore I should be doing?
Privacy and security on Windows are so bad that there seems to be very little that people agree on.
On the top of this discussion you can find a link to ikelâs guide, so thereâs that.
Also, in the guide thereâs a way to disable telemetry via group policies. This is only available in Enterprise and Education versions. You can download Windows Enterprise in Microsoftâs site (Evaluation something is what the page is called - it asks an email but accepts anything), and youâll have to use Microsoft Activation Script from massgravelâs github. Itâs up to you if the risks are worth it.
On there youâll also see a recommendation to only install software from the Store, since thatâs the only way to run software in a sandbox. MS now requires a MS account to use the Store, so to get more security you need to get a MS account, link it to your OS and create some holes in your firewall/DNS block to allow it to talk back to the mothership. So, to get more security, you need to get less security. And a lot less privacy. Itâs up to you. (if you have a lot of wrong opinions, trusting Microsoft/Apple/Google/etc is increasingly a security issue on top of a privacy one, but a lot of people - PG included - donât seem to consider this in any threat model)
You can also set up NextDNS on your router and enable their Windows telemetry list, just in case.
Also, search digitalblossom in github. They have some scripts that add a bunch of urls and ips to the firewall and to the hosts file. Yes, itâs badness enumeration, but what do you have to lose? I tested then in a VM and they didnât seem to break anything. For Win10, but MS telemetry urls probably didnât change much in 11.
Edit : download anything you need to a USB drive, software, scripts, Mullvad Browser, VPN software, etc, format your hd and reinstall windows without internet and without creating a MS account. Install everything before turning internet on.
Thatâs all I can remember.
I looked through digitalblossomâs repos and didnât see anything to that effect. Is there a specific repo you can link to?
Ok, that was not it, sorry. Try supmaxi.
Thereâs block-telemetry.ps1 and Make_windows10_great_again.bat (which has a lot of other stuff that I wouldnât run).
Those lists are over 5 years old and probably out of date. Would need to run some Wireshark to find missing domains/IPs. They probably also break a lot of stuff like Windows Update, so youâd have to find what to allow. So, all in all, thereâs probably a LOT of work involved.
Then, even if you succeed, youâll still be praying your OS donât send Microsoft/NSA information using Windows Updateâs IPs.
Using Noscript you can have actually working websites, but block every unnecessary JS thats simply useless and just tracking.
If you want to block bad .js stuff â Braveâs integrated adblocker or uBlock Origin already do that, and it requires zero user input or fiddling whatsoever. Braveâs adblocker already blocks tracking and other junky .js scripts, and uBlock Origin blocks them too. This is really enough. Thereâs no point in enumerating badness. I know that some frenzied users pile up such extensions as Decentraleyes, uMatrix (which is abandoned), user agent rotator, CanvasBlocker, and so on. This is a very wrong approach to privacy, it actually does the opposite. Moreover, NoScript is redundant and is a big hassle to use for the majority, and will decrease peopleâs UX heavily. A regular user doesnât understand JavaScript and doesnât need it either, hence they wonât benefit from using NoScript. All my comments on this forum appeal to regular people; if one has an elevated threat model, then this is a completely different talk. PrivacyGuides itself mainly focuses and appeals to regular people, and a little bit on people with an elevated threat model, but only indirectly. And if you have found a use for NoScript and consider it useful â good, use it. But this is not an extension regular people should use or need, so no need to proselytize. Sorry if I sound rude or something else â I didnât mean to! I just say that you shouldnât recommend using such a technical, as well as redundant extension as NoScript to everyone.
Only problem is, there is no âsafe browsint JS listâ I would use.
Itâs illogical/incorrect. Thereâs absolutely no need to make a whitelist of âgoodâ .js scripts. It should be the other way around: to maintain a blocklist of âbadâ .js scripts. As I said, Braveâs adblocker and uBlock Origin already maintain such a list and block âbadâ .js stuff. Use Brave browser or uBlock Origin and donât waste your precious time with NoScript.
I agree with PrivacyGuidesâ recommendation of extensions â uBlock Origin is the only extension the majority might need. My another personal recommendation is Dark Reader, if one prefers dark mode for everything. Nowadays, a lack of dark mode on websites must be illegal x). It causes eyestrain and dry eyes.
Some security-hypersaturated people here go as far as advising regular people to disable JIT in their browser, being completely oblivious as to what category of people might ever need to disable JIT (spoiler: itâs not for regular people at all), and in what circumstances that category of people might need to do so. Those who give such advice â really go to hilarious extremes with such myopic vision. Like, letâs advise casual folks to use Qubes OS on an air-gapped PC, wrapped in a faraday bag.
Everyone should use NoScript.
I would re-phrase it in this way: âMost people would benefit from using uBlock Originâ.
Recommending NoScript to everyone is a similar case. It implies being oblivious to how most people use their PC, and projecting oneâs own level of knowledge/needs/use-case onto the others. You think they will tinker with NoScript? No, they donât and wonât understand what JavaScript is, in the first place. NoScript is not for regular people and they simply donât need it. If you are an advanced user and have found a use for this extension â thatâs good, use it, but donât evangelize it to hundreds of regular, non-techy people who view these threads to gain information and learn. We need to educate the majority; we need to kickstart their privacy/security journey â this should be our focus. Lots of techy people (who are a minority) are into privacy/security for a long time already. Some people donât know that other browsers besides Chrome exist, and here we are talking about NoScript and disabling JIT⌠People really shouldnât project their use-case or threat model onto other people. We should start with the basics of privacy/security, and from there we should give individual recommendations to users who ask a specific question on a forum, recommendations which are based on that userâs threat model/use-case. For the majority, we should find that sweet spot â a balance between privacy/security and convenience/user-friendliness. We shouldnât âgo all inâ regarding privacy/security. We shouldnât recommend extreme measures to someone who doesnât need them at all.
I advise people to listen to people who are knowledgeable in the privacy/security sphere and to stick to their recommendations, these people are, for example: PrivacyGuidesâs team lead Jonah Aragorn; GrapheneOS team; TOR team, arkenfox user.js developer, and some others. Smart people have already done a lot of the work and research, and figured out lots of things. Most people just need to stick to their recommendations. For people with an elevated threat model, or for people with some specific needs or use-case, recommendations to them can be adjusted and their case should be treated individually. PrivacyGuides already has a very user-friendly, visually appealing website with sane, unbiased, not opinionated, with no ideological fanaticism, privacy/security-radicalism or extremism, alarmism, fearmongering, baseless FUD, or else, which is unfortunately very common among privacy/security enthusiasts, and can often be seen on various forums and websites. People should do their own research and make informed decisions, I mean very well-informed, with information taken from sane, knowledgeable and trustworthy people. Unfortunately, some impressible people instantly give in to/fall for FUD (or whatever information they consume) with no second thought. For example: they just watch The Hated Oneâs bullsh** video about Signal, take it for granted, and go on crusades all over the internet, spreading FUD about Signal and advising people against using it. I noticed that many people donât think at all, donât self-research â they just wait for someone else to put information into their brain, no matter whether the info is correct and no matter anything about that info in general, and then they automatically agree with that information. There are a lot of YouTube channels and websites spreading similar FUD, maybe for clout, maybe to seem smart, and there is a lot of severe tribalism, circlejerking and echo-chambering in privacy/security communities. It can be really difficult for most people to filter out bad stuff, especially those who began their privacy/security journey only recently. I think it is one of the reasons why PrivacyGuides exist â to fix all the bullsh** out there, and I hope it wonât change for the worse over time, and stays like that forever. I have always really liked Jonahâs neutral, unbiased, impartial, âcleanâ approach/take on everything. He set the right approach and foundation for the PrivacyGuides project. This is what this website needs to be, even a little âdetachedâ: looking at everything from aside, no prejudice and bias towards anything, the âcompassâ stays still.
and have considered running https://privacy.sexy/
I advise you to be very careful with it. It is extremely simple to break something with such tools â been there, done that. I and some other people I spoke to, who have been testing/trying all sorts of such third-party tools/tweakers, eventually came to a conclusion that such third-party tools are simply redundant, unreliable, âdirtyâ and only cause troubles and breakages in the long run. My personal advice to configure privacy/security of Windows is via Group Policy Editor (gpedit.msc). Thatâs all. Itâs a native and âcleanâ way of configuring Windows. However, be careful when configuring it: if you are unsure what this or that policy does â donât touch it! You can break the system. GPO is for technically-inclined users. It can take some time to familiarize yourself with GPO when you configure it for the first time, but when you are done configuring, you can just export your GPO configuration and save it for the next install or for another PC. Also, you will find a lot of crucial security-related features in GPO, which no third-party tweaker is able to configure. For example:
Allow administrator account lockout
Account lockout threshold
Account lockout duration
Reset account lockout counter after
People who donât want or canât configure GPO for whatever reason (laziness; donât want to waste time; not techy and donât understand GPO; afraid to break the system by configuring something incorrectly) â should simply configure their Windows via Settings and Control Panel. Thinking that using third-party âprivacy-tweakersâ is going to significantly increase your privacy in your Windows install is wishful thinking. No third-party tool is going to give you a significant level of privacy on Windows, unless you just block the internet access altogether. If you want true and real privacy, and having real privacy is your purpose/use-case â donât use Windows, use Linux (and even then you have to pick a distro which most likely wonât shove telemetry into itself / which most likely wonât succumb to enshittification at some point of time in the future â not Ubuntu, that is). Using third-party âprivacy-tweakersâ does more harm than good in the long term of using your Windows install. If one is using Windows, they should come to terms with and peacefully, buddhistically accept the fact that they will never be significantly private when using it, and they should stop bothering with third-party âprivacy-tweakersâ.
Also, regarding security, you can find a lot of useful information here:
And donât hesitate to search up the internet for info on something from the official documentation, if something from the documentation is too technical or is written in a manner too difficult to get a grasp of. Oftentimes, random websites on the internet have a much user-friendlier/simplified explanation of some aspect of Windows, in comparison to the official Microsoftâs documentation, which appeals more to enterprise system administrators, as it seems to me.
Windowâs security is decent, and has improved dramatically in recent years. What is âso badâ â it is Linuxâs security. Proprietary operating systems will always be more secure than open-source ones, but will never be as private as open-source ones. I also fully agree with Joanna Rutkowska on that:
So, Iâm reinforced in my belief that security of mainstream platforms (from Apple, Google, MS) will continue to improve, likely exceeding the âopen sourceâ offerings. But, the open source will still have an edge in:
- trustworthiness/auditability
- customization freedom
Original post: https://twitter.com/rootkovska/status/1136220742662664193
This is factually false. You can use a local account (on both Windows 10 and 11) and use Microsoft Store freely. However, you will be unable to install paid apps or apps that have an age rating that requires verification, such as Spotify or Netflix.
Iâve used both Windows 10 and 11 with a local account and I was (and am) using Microsoft Store freely. I donât use paid apps or apps with an age rating, so I have zero issues in my use-case. Itâs completely feasible to use Windows 11 and take a full (for the most part. Like, 90%) advantage of it without making a Microsoft account.
You lose stability and reliability of your system, especially in the long run. Testing something in a VM doesnât count. What counts is using your bare-metal Windows install for a long time and subjecting it to âwear and tearâ naturally. And only then you should see if
affect the stability of your install.
I donât know why you recommend using unmaintained, outdated Windows telemetry blocklist dug out from the deep depths of GitHub, from some random no-name author (no offense to them, they just donât have any credibility) which hasnât even visited GitHub in a long time, all the while when there are several popular and maintained options from credible, reputable authors. I wonât list them because I donât recommend anyone using this approach of blocking telemetry: via third-party tools/tweakers/blocklists.
JS exploits are quite common and JIT is responsible for about half of them. Itâs a common misconception to think that you need to be a high value target, to get hit by it. Disabling JIT has only little impact on the usability of everyday browsing. Only very few websites heavily rely on it and if you know that, you can selectively enable it for these. Itâs very reasonable to disable it and you get a massive security boost with little downsides.
As I said here:
Disabling JIT slows down browsing, especially on lower-end devices. Benchmark it for yourself.
If you donât trust me, you can listen to a reputable source â @SkewedZeppelin:
Also:
Page Load times show the most severe decrease with tests that show regressions averaging around 17%
Disabling JIT does result in significantly lower scores in JavaScript benchmarks. Our tests showed a decline as high as 58%.
Source: Super Duper Secure Mode | Microsoft Browser Vulnerability Research
Since JIT-less mode disables the optimizing compiler, it comes with a performance penalty. We looked at a variety of benchmarks to better understand how V8âs performance characteristics change. Speedometer 2.0 is intended to represent a typical web application; the Web Tooling Benchmark includes a set of common JS developer tools; and we also include a benchmark that simulates a browsing workflow on the Living Room YouTube app. All measurements were made locally on an x64 Linux desktop over 5 runs.
Speedometer 2.0 is around 40% slower in JIT-less mode. Roughly half of the regression can be attributed to the disabled optimizing compiler. The other half is caused by the regular expression interpreter, which was originally intended as a debugging aid, and will see performance improvements in the future.
The Web Tooling Benchmark tends to spend more time in TurboFan-optimized code and thus shows a larger regression of 80% when JIT-less mode is enabled.
Finally, we measured a simulated browsing session on the Living Room YouTube app which includes both video playback and menu navigation. Here, JIT-less mode is roughly on-par and only shows a 6% slowdown in JS execution compared to a standard V8 configuration. This benchmark demonstrates how peak optimized code performance is not always correlated to real-world performance, and in many situations embedders can maintain reasonable performance even in JIT-less mode.
Memory consumption only changed slightly, with a median of 1.7% decrease of V8âs heap size for loading a representative set of websites.
Source: JIT-less V8 ¡ V8
Whether you need to disable JIT completely depends on your use-case/threat model. There are downsides. Browsing with JIT disabled is really not ready for general usage by everyone, yet, and it shouldnât be recommended to everyone.
I didnât imply that. I implied that regular people getting pwned by JIT exploits is a rare case.
You obviously have never used a JIT-less browser for everyday use. The performance impact is negligible for the vast majority of websites, even on low-powered devices. I have used JIT-less for years on multiple devices, including some low-powered ones without negatively noticing it.
Oh I did, I did.
Desktop or Android? Care to share your specs? I can literally record a video specifically for you from my low-end Android, where I can demonstrate the difference in page loading delay with JIT enabled and disabled. The difference is very noticeable visually.
Iâm daily driving Vanadium with JIT disabled for almost a year, and I have zeeeerooooo complaints.
But thatâs probably because all the sites that I visit arenât pieces of crap. Most of them work without JS, and the ones that need JS work well without JIT. Never have I ever encountered a site that would depend on JIT so much that it would impact my experience.
Would you call google.com a piece of crap, for example? I give the most banal example: on my device, google.com loads longer with JIT disabled, than when itâs enabled. If someone has doubts, I can prove it by recording a video. If you have a mid-tier device, the difference in performance might not be noticeable. Google Pixels are all good, even the first one. Most likely you donât see the difference due to having good specs. Nice job flagging my comment by the way.
Yes. I use Brave Search, which works amazingly without JavaScript, not only without JIT.
I have a feeling that your phone is so old that youâre sacrificing your privacy and security because it doesnât even receive updates anymore. I would suggest upgrading if you have the means.
I didnât flag a single comment on this topic. I hope that someone from @team can confirm that to you. Donât like to be accused of something that I didnât do.