didnt i read here on forum telemetry will be renamed, reworked and can be disabled ? security will mean will be disabled , basic will remain and full telemetry will not exist anymore?
Someone explain to me how routing all your traffic through an American company trading on NASDAQ is safe?
I am using windows 10 Pro, read the OP I am confused which method is best to apply to block telemetry in my windows
Windows 10 has recently begun to enrage me! Even the calculator sends data to Microsoft. I'm already silent about the defragmenter! The whole system is some kind of terminal server for collecting and sending information. It is necessary to bring down from this board ....
Can anyone explain me why to use 0.0.0.0 in system32\drivers\etc\hosts instead of 127.0.0.1 ??? . The explanation gave by the stackoverflow link is beyond my grasp. Easy test made me rethink about it: added 0.0.0.0 mydigitallife.net saved it fired up firefox typed mydigitallife.net it loads
When using many 127.0.0.1 redirection entries in the hosts file, it slows down the network stack, as Windows needs more and more time to parse it. 127.0.0.1 means localhost (your own machine). When using 0.0.0.0, on the other hand, these slowdowns do not occur. Thus, it's better to use 0.0.0.0. General question: There is another thing to consider: If you have IPv6 access, as more and more systems do now, is it enough to redirect to 0.0.0.0 (or 127.0.0.1)? Or do you have to additionally redirect to :: (or ::1), in order to cancel out the IPv6 that might be resolved if the site has an AAAA record? Microsoft has a nearly 100% IPv6 enabled network, these days. Currently I'm using both redirections, just to be safe. Example: Code: 0.0.0.0 domain :: domain
But.... but... why does mydigitallife.net loads if it is blocked with 0.0.0.0 ? sites blocked with 127.0.0.1 dont load. Thanks in advance Carlos
1. You need to block all subdomains separately, e. g. mydigitallife.net will not block www.mydigitallife.net nor forums.mydigitallife.net. Needs 3 entries to block all. Personally, I'm using the Acrylic DNS proxy, Acrylic's hosts file allows wildcards and even regular expressions. 2. I have made the personal experience that the hosts file sometimes does not "take", especially when being copied in place. Simply repeat the process, copy using Windows tools. 3. A domain redirected to 0.0.0.0 (and ꞉꞉) is definitely not accessible anymore.
Short off topic ---- > >Myself I'm sticking with DNSCrypt and academic hosted proxies. DNSCrypt doesnt work . The ISPs can and do reroute trafic through their servers . I'm not in the position to explain that scientificly ........ i just read what the developers have said themselves when asked why a user can go to DNS server tracking / testing web sites and see their providers server IP adress .
Because hiding your IP address is totally what DNSCrypt was meant to do... [edit]...sharp, quote-able posters such as yourself to raise awareness about open source projects that doesnt work since 2008!!! So, thank you for your service!
Lots of info/scripts regarding this sorting all a little..so credits to all for the tweaks. Here's a sorted GPO Tweak reg list. Don't add it blindly ofcourse and use at ur own risk.... Code: Windows Registry Editor Version 5.00 ; MS Windows 10 GPO Tweaks ; based on MANAGE CONNECTIONS FROM WINDOWS 10 OPERATING SYSTEM COMPONENTS TO MICROSOFT SERVICES as of 2019.09.16 ; Telemetry and Error Reporting GPO Tweaks ; Disable Telemetry Group ; Security level is only supported on Education and Enterprise [best editions privacy-wise] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection] "DoNotShowFeedbackNotifications"=dword:00000001 "AllowDeviceNameInTelemetry"=dword:00000000 "AllowTelemetry"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat] "AITEnable"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AutoLogger-Diagtrack-Listener] "Start"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AutoLogger\Diagtrack-Listener] "Start"=dword:00000000 ; Disable Application Experience Group [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat] "DisableUAR"=dword:00000001 "DisableInventory"=dword:00000001 ; Disable CEIP Group [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows] "CEIPEnable"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\SQM] "DisableCustomerImprovementProgram"=dword:0000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Messenger\Client] "CEIP"=dword:00000002 ;Disable Query Remote Server [HKEY_LOCAL_MACHINE\SOFTWARE\policies\microsoft\windows\scripteddiagnosticsprovider\policy] "enablequeryremoteserver"=dword:00000000 ; Disable Error Reporting Group [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting] "Disabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting] "Disabled"=dword:0000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PCHealth\ErrorReporting] "DoReport"=dword:00000000 ; Other Diagnostics [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnosticsProvider\Policy] "DisableQueryRemoteServer"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Assistance\Client\1.0] "NoOnlineAssist"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\StorageHealth] "AllowDiskHealthModelUpdates"=dword:00000000 ; Search and Cortana GPO Tweaks ; Disable Cortana Group [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search] "AllowCortana"=dword:00000000 "AllowSearchToUseLocation"=dword:00000000 ; Disable Online Search Group [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search] "DisableWebSearch"=dword:000000001 "ConnectedSearchUseWeb"=dword:00000000 "ConnectedSearchPrivacy"=dword:00000003 ; Turn off Search Companion content file updates [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SearchCompanion] "DisableContentFileUpdates"=dword:00000001 ; MS Windows Defender GPO Tweaks ; Disable Windows Defender Group [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection] "DisableRealtimeMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\AppHVSI] "AllowAppHVSI_ProviderSet"=dword:00000000 [[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService] "Start"=dword:00000004 ; Silence Windows Defender Group [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting] "DisableEnhancedNotifications"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet] "SpynetReporting"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet] "SubmitSamplesConsent"=dword:00000002 ; Disable SmartScreen [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "EnableSmartScreen"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen] "ConfigureAppInstallControlEnabled"=dword:00000000 "ConfigureAppInstallControl"="Anywhere" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost] "EnableWebContentEvaluation"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter] "EnabledV9"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter] "EnabledV9"=dword:00000000 ; Delete ShellSmartScreenLevel [-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "ShellSmartScreenLevel"="" ; Turn off Windows Network Connectivity Status Indicator active tests [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator] "NoActiveProbe"dword:00000001 ; Silence MRT-Tool - Windows Malicious Removal Tool [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT] "DontOfferThroughWUAU"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT] "DontReportInfectionInformation"=dword:00000001 ; Privacy and Advertisement GPO Tweaks ; Disable Advertisement Group ; Turn off Advertising [HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\AdvertisingInfo] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo] "DisabledByGroupPolicy"=dword:00000001 ; Turn off Consumer Experiences - MS Store [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CloudContent] "DisableWindowsConsumerFeatures"=dword:00000001 ; Limit Tailored Experiences -- Admin [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Privacy] "TailoredExperiencesWithDiagnosticDataEnabled"=dword:00000000 ; Limit Tailored Experiences -- User [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CloudContent] "DisableTailoredExperiencesWithDiagnosticData"=dword:00000001 ; Turn off Windows Spotlight [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CloudContent] "DisableWindowsSpotlightFeatures"=dword:000000001 ; Disable Online Tips in Settings [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "AllowOnlineTips"=dword:00000000 ; Don't show Windows Tips [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent] "DisableSoftLanding"=dword:00000001 ; Disable Lock Screen Group ;Don't use Lock Screen [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization] "NoLockScreen"=dword:00000001 ;Set LockScreen Image and Enable LockScreen Image [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization] "LockScreenImage"="C:\\Windows\\Web\\Screen\\lockscreen.jpg" "LockScreenOverlaysDisabled"=dword:00000001 ; No Personalization Group ;Disable input personalization [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization] "AllowInputPersonalization"=dword:00000000 ;Disable Test Collection [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization] "RestrictImplicitTextCollection"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\InputPersonalization] "RestrictImplicitTextCollection"=dword:00000001 ;Disable Inc Collection [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization] "RestrictImplicitInkCollection"=dword:00000001 ;Disable Linguistic Data Collection [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\TextInput] "AllowLinguisticDataCollection"=dword:00000000 ;Disable Handwriting Error Reports [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\HandwritingErrorReport] "PreventHandwritingErrorReports"=dword:00000001 ;Disable Handwriting Data Sharing [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\TabletPC] "PreventHandwritingDataSharing"=dword:00000001 ;Protect Location Group ;Disable Location Provider [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors] "DisableLocation"=dword:00000001 ;Don't Share Language List [HKEY_CURRENT_USER\Control Panel\International\User Profile] "HttpAcceptLanguageOptOut"=dword:00000001 ;Online Speech Privacy [HKEY_CURRENT_USER\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy] "HasAccepted"=dword:00000000 ;Change Windows Feedback Frequency [HKEY_CURRENT_USER\Software\Microsoft\Siuf\Rules] "PeriodInNanoSeconds"=dword:00000000 "NumberOfSIUFInPeriod"=dword:00000000 ;No Registration Group ;Disable KMS GenTicket [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform] "NoGenTicket"=dword:00000001 ;Disable Registration [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Registration Wizard Control] "NoRegistration"=dword:00000001 ;No Push Notifications Group ;Disable Cloud Notification [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications] "NoCloudApplicationNotification"=dword:00000001 ;Disable Cloud Notification [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications] "NoCloudApplicationNotification"=dword:00000001 ; Microsoft Account GPO Tweaks ;Disable Disable OneDrive Group ; Disable OneDrive Usage [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\OneDrive] "DisableFileSyncNGSC"=dword:00000001 ;Silence OneDrive [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OneDrive] "PreventNetworkTrafficPreUserSignIn"=dword:00000001 ;No Microsoft Accounts Group ;Disable Microsoft Accounts [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] "NoConnectedUser"=dword:00000003 ;No Settings Sync Group ;Disable Settings Sync [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\SettingSync] "DisableSettingSync"=dword:00000002 ;Force Disable Settings Sync [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\SettingSync] "DisableSettingSyncUserOverride"=dword:00000001 ;Disable WiFi-Sense [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\wcmsvc\wifinetworkmanager\config] "AutoConnectAllowedOEM"=dword:00000000 ;No Find My Device Group ;Don't Allow FindMyDevice [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FindMyDevice] "AllowFindMyDevice"=dword:00000000 ;No Cloud Clipboard Group ;Disable Cloud Clipboard [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System] "AllowCrossDeviceClipboard"=dword:00000000 ;No Cloud Messages Group ;Don't Sync Messages -- Admin [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Messaging] "AllowMessageSync"=dword:00000000 ;Don't Sync Messages -- User [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Messaging] "AllowMessageSync"=dword:00000000 ;Disable Activity Feed Group ;Disable Activity Feed [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System] "EnableActivityFeed"=dword:00000000 ;Don't Upload User Activities [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System] "UploadUserActivities"=dword:00000000 ;Don't Publish User Activities [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System] "PublishUserActivities"=dword:00000000 ;No Cross Device Experience Group [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System] "EnableCdp"=dword:00000000 ;Visual Studio GPO Tweaks ;Turn off VS telemetry Group [HKEY_CURRENT_USER\Software\Microsoft\VisualStudio\Telemetry] "TurnOffSwitch"=dword:00000001 ;Turn off PerfWatson2.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\VisualStudio\SQM] "OptIn"=dword:00000000 ;Block Microsoft.ServiceHub.Controller.exe ;Optional ;%ProgramFiles(x86)%\Microsoft Visual Studio\2019\Community\Common7\ServiceHub\controller\Microsoft.ServiceHub.Controller.exe ;Turn off VS Feedback button Group ;DisableFeedbackDialog [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\VisualStudio\Feedback] "DisableFeedbackDialog"=dword:00000001 ;Disable Email Input [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\VisualStudio\Feedback] "DisableEmailInput"=dword:00000001 ;Disable Screenshot Capture [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\VisualStudio\Feedback] "DisableScreenshotCapture"=dword:00000001 ; Various others GPO Tweaks ;No Explorer AutoComplete Group -- Recommended ;Disable Auto Suggest -- Admin [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete] "AutoSuggest"="no" ;;Disable Auto Suggest -- User [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\Explorer\AutoComplete] "AutoSuggest"="no" ;No Delivery Optimizations Group ;Disable WU Delivery Optimizations -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization] "DODownloadMode"="100" ;No Internet Open With Group -- Recommended ;Disable Internet Open With -- Admin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoInternetOpenWith"=dword:00000001 ;Disable Internet Open With -- User [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoInternetOpenWith"=dword:00000001 ;Disable Driver Update Group ;Don't Update Drivers With WU [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate] "ExcludeWUDriversInQualityUpdate"=dword:00000001 ;Don't get Device Info from Web [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Device Metadata] "PreventDeviceMetadataFromNetwork"=dword:00000001 ;No Speech Updates Group ;Don't Update SpeechModel [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Speech] "AllowSpeechModelUpdate"=dword:00000000 ;Lockdown MS Edge (non Chromium) Group ;Prevent Live Tile Data Collection [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main] "PreventLiveTileDataCollection"=dword:00000001 ; Disable Pre-launch [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main] "AllowPrelaunch"=dword:00000000 ;Disable Tab Pre-Loading [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader] "AllowTabPreloading"=dword:00000000 ;Disable Adobe Flash Player [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons] "FlashPlayerEnabled"=dword:00000000 ;Don't Update Compatibility Lists [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\MicrosoftEdge\BrowserEmulation] "MSCompatibilityMode"=dword:00000000 ;Set Blank Stat Page [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\MicrosoftEdge\Internet Settings] "ProvisionedHomePages"="about:blank" ;Set 'DoNotTrack' [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main] "DoNotTrack"=dword:00000001 ;No Password Auto Complete [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main] "FormSuggest Passwords"="no" ;Disable First Start Page [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main] "PreventFirstRunPage"=dword:00000001 ;No Form Auto Complete [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main] "Use FormSuggest"="no" ;Disable AddressBar Suggestions [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\SearchScopes] "ShowSearchSuggestionsGlobal"=dword:00000000 ;Disable AddressBar (drop down) Suggestions [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI] "ShowOneBox"=dword:00000000 ;Keep New Tabs Empty [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI] "AllowWebContentOnNewTabPage"=dword:00000000 ;Disable Books Library Updating [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\MicrosoftEdge\BooksLibrary] "AllowConfigurationUpdateForBooksLibrary"=dword:00000000 ;No Font Updates Group ;Don't Update Fonts [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "EnableFontProviders"=dword:00000000 ;Automatic certificate updates Group ;Disable Certificate Auto Update [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot] "DisableRootAutoUpdate"=dword:00000001 ;Date and Time (NTP Client) Group ;Disable NTP Client [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient] "Enabled"=dword:00000000 ;Disable Teredo (IPv6) Group ;Disable Teredo Tunneling [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition] "Teredo_State"="Disabled" ;Disable Map Updates Group ;Turn off unsolicited Maps Downloads [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Maps] "AllowUntriggeredNetworkTrafficOnSettingsPage"=dword:00000000 ;Turn off Auto Maps Update [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Maps] "AutoDownloadAndUpdateMapData"=dword:00000000 ;Lockdown Internet Explorer Group ;Disable Enhanced AddressBar Suggestions [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer] "AllowServicePoweredQSA"=dword:00000001 ;Turn off Browser Geolocation [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Geolocation] "PolicyDisableGeolocation"=dword:00000001 ;Turn off Site Suggestions [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Suggested Sites] "Enabled"=dword:00000000 ;Turn off FlipAhead Prediction [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\FlipAhead] "Enabled"=dword:00000000 ; Disable Download Version List [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\VersionManager] "DownloadVersionList"=dword:00000000 ;Disable Sync of Feeds and Slices [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds] "BackgroundSyncStatus"=dword:00000000 ;Disable Compatibility View [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation] "DisableSiteListEditing"=dword:00000001 ;Disable First Run Wizard [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main] "DisableFirstRunCustomize"=dword:00000001 ;Keep New Tabs Empty [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing] "NewTabPageShow"=dword:00000000 ;Apps and Store GPO Tweaks ;Disable Store Group ;Disable the Store [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsStore] "DisableStoreApps"=dword:00000001 ;Don't Auto Update Apps [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsStore] "AutoDownload"=dword:00000002 ;Disable App Uri Handlers [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System] "EnableAppUriHandlers"=dword:00000000 ;Lockdown Apps Group ;Don't Let Apps Access AccountInfo -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessAccountInfo"=dword:00000002 ;Don't Let Apps Access Calendar -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessCalendar"=dword:00000002 ;Don't Let Apps Access CallHistory -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessCallHistory"=dword:00000002 ;Don't Let Apps Access Camera -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessCamera"=dword:00000002 ;Don't Let Apps Access Contacts -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessContacts"=dword:00000002 ;Don't Let Apps Access Email -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessEmail"=dword:00000002 ;Don't Let Apps Access Location -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessLocation"=dword:00000002 ;Don't Let Apps Access Messaging -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessMessaging"=dword:00000002 ;Don't Let Apps Access Microphone -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessMicrophone"=dword:00000002 ;Don't Let Apps Access Motion -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessMotion"=dword:00000002 ;Don't Let Apps Access Notifications -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessNotifications"=dword:00000002 ;Don't Let Apps Access Radio -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessRadios"=dword:00000002 ;Don't Let Apps Access Tasks -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessTasks"=dword:00000002 ;Don't Let Apps Access TrustedDevices -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsAccessTrustedDevices"=dword:00000002 ;Don't Let Apps get Diagnostic Info -- Recommended [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsGetDiagnosticInfo"=dword:00000002 ;LetAppsRunInBackground [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsRunInBackground"=dword:00000002 ;Don't Let Apps Sync With Devices [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy] "LetAppsSyncWithDevices"=dword:00000002 ;Block Mail and People Group ;Disable Mail App [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Mail] "ManualLaunchAllowed"=dword:00000000 ;Hide People from Taskbar -- Admin [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer] "HidePeopleBar"=dword:00000001 ;Hide People from Taskbar -- User [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer] "HidePeopleBar"=dword:00000001 ; Disable Clipboard History [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "AllowClipboardHistory"=dword:00000001
At deafening silence ---- > How do i personaly KNOW that DNSCrypt doesnt work ......... if the ISP doesnt want it to ? Because just before christmas i was surfing on a ramada hotel wifi net that has virgin as their ISP ......... i was using DNSCrypt proxy / simple DNSCrypt ........ after checking that DNSCrypt proxy was running ....... because it doesnt always start with the system ....... and wanted to go to a test web adress ....... one that i know that virgin blocks ...... and i got a block screen that said words to the effect off ' Virgin does not allow the use of this web site ' ......... wich could not happen if DNSCrypt proxy realy works . Maybe someone can test if that still happens ?
DNSCrypt is disabled by default, after you install it, you have to turn it ON. If it is enabled and your ISP blocks it, your DNS requests would fail. Check, if your system is sending traffic via port 53, if it is, then you are using normal DNS.