GPE/GPO is a minefield with thousands of settings and if you dont know what to set game over man. I can harvest gpo settings with RegFromApp no problem, if i only knew what to harvest Will keep an eye on JATD
I updated my signature . Check Private Win10 fromn @DavidXanatos . It is sorted by categories and shows what reg keys it alters . this is the base JATD will use likewise (work in progress). NOTE: DO NOT USE THE FIREWALL ... is still abit buggy .
There are surely ISPs who do complain. The question is are their complaints conform to laws. Means are they justified in a way. If not changing ISP actually would be reasonable. Means the original ISP which has complained cannot get info about your user behavior anymore. The same happend when routing through VPN. Sure. But you have to pay 2 services then what actually should be job of the ISP alone. I posted this to remind people that: -You have to trust your services provider either way. Regardless of ISP or VPN provider. -Using VPN does not mean that you are 100% anonymous, means you can now download anything without to get identified. -Using local ISP means the ISP has to follow local laws and those are applied to you. Using VPN provider from Canada such as windscribe means you are using a service of a 5 eye country which has to follow Canadian laws. I personally prefer EU /German laws over laws of a 5 eye state when it comes to IT stuff. VPN service providers are making a lot of money also because they advertise stuff that is actually not guaranteed. They sell an anonymity which is actually not more than without using VPN. Using VPN services is also a recent trend based on a false impression, IMHO. By deciding to go for a change and to use a VPN service ones client and ones user behavior does not change! The former (client) is a technical matter, the latter (own user behavior) a human matter. We here at MDL have sometimes banned members who try to constantly re-register. Some also try VPN. But it's actually only a question of a few days to get them again identified. A VPN = other IP address does not protect them. I have no objections to VPN, the technology. I only have objections to VPN service providers and their promises at their ads. I use a VPN connection since years. But I do not run a client on the router which connects to a paid VPN server. I do run a VPN server myself. (Comes with the router). I connect my mobiles (as clients) when being abroad and I have to use questionable spots to connect via VPN home to my home ISP. This costs nothing extra and I have the security of a VPN connection. No matter in which country I am I always have my home IP address and a secure connection to home where I can call all my network devices.
People commonly misinterpret the "private" in VPN. VPN is a managed tunnel to your home LAN. LAN is also called "private network" as it is separated from the Internet ("public network"). Nothing else. You are actually taking a risk when using VPN as a rogue VPN provider could get access to your home LAN, in extreme cases.
Yes. When using a VPN service it's a managed tunnel to the service provider's VPN server and from there to the internet without any additional encryption. Some VPN service providers even offer a completely pre-configured router to be purchased to use their service. Nobody actually knows what's running on it. Linux based router OSes can be modified with services they want have to run and people blindly trust it! The VPN connection is technically not the problem e.g. openVPN is a secure standard. Also running an official openVPN client separately on each device should be OK with properly configured port forwarding. But if you want to VPN your TV for instance to circumvent the geo blocking of Netflix one cannot install a client there and has to run one on the router therefore. If there are no strict separate routes to your home LAN one could get access. When running oneself the VPN server (router) and also the clients outside to get a VPN connection to home LAN one has own control, though.
Is the conversation now about having a clean, spy free bloats**t free windows 10? i don't understand many of the codes here , but i will master them and become a primordial nerd my self. i swear it.
Actually yes. Sorry for being OT sometimes. Get LTSC -Use on board means to adjust settings to your needs to have most of privacy. -Apply Group Policies you like and find useful -Apply self chosen host lists of endpoints you want to have blocked -Reply here if you have any further questions / need assistance.
It is rarely that I would argue with you, but in this case everyone has to understand that enterprises do not use LTSB/C, except for rare situations and they are mostly due to lack of experience, skill, whatever. A serious enterprise would not risk using a system which is not supported by the manufacturer, even if this is only due to compliance reasons. I have nothing against LTSB/C, everyone can use it as they like, but my point is that what is commonly believed to be the case that enterprises use LTSB/C is fake news. The OS edition of choice is in almost all cases Enterprise, locked down and customised by using Group Policies as per the original post.
Nah, on mission critical machines runs LTSB/C or their IOT variant . Is still the same Enterprise but with different licensing term.
I tested it ... there is NO difference between normal Ent and LTSC/IoT... difference of the latter is that IoT only knows Retail/OEM licenses, LTSC is KMS/MAK only.
We run Enterprise on office clients and EnterpriseS (LTSC) on scientific clients. Clients that control high tech scientific devices such as MS. Those clients are on a separate network because they create sensitive scientific data. (QM and QA have requirements such as a validated environment). The company is a scientific business company. The main difference is really the license model, not the content. We have (as many other Enterprise customer) own contract conditions with MSFT such as pricing. It is true that there are more Enterprise than EnterpriseS versions, but not at autarchic scientific use. At other companies there might be another ratio though. While professional on w7 was acceptable on w10 it's a no-go. Not even speaking of home edition.
I don't have any reasons not to trust your results. I don't argue that Enterprise S is a valid product as it is now. I tested 1607 and I am convinced of what you and others say. I have some reservations about 1809 but this may be because it is relatively new and still evolving. 1507 does not matter from my perspective. There are questions though in relation to its official limitations in the future and don't forget that I qualified my earlier post to apply strictly to enterprise use, where there are other considerations beyond those purely technical. Nevertheless, this has been constructive so far.