I searched through the thread for information but I could not find anything aside from "OMFG finally an OS for the growing flat-windows-society™, anti-vaxxers, defund-the-police, coronaidiots and maga's. What started out as a 3-5% of nutjobs getting kidnapped by UEFOs, is now 30-50%. GG Linus, harness their ignorance." Perhaps the poster intended to express something meaningful about the project in a derogatory way but I do not wish to bring politics into this. My only goal is to find what is useful and can benefit everyone in the most efficient and transparent way. I have been part of the telegram group and was disappointed they chose to discontinue support for Windows 10, but I have installed their playbook on many systems in the past, for my family and friends as well, and it has worked quite well, especially on systems with very limited resources. They have put a lot of work in it since those times in 2020 and it shows. For instance, one of the most interesting things they have is a tool that lets users install apps from the Windows Store without actually having any Windows Store components installed in the system. It is true, some of the things they remove may be important for some people, for instance the Edge browser or Microsoft Defender, but their primary goals are privacy and performance, which is also mine. In their methodology they exposed just how many systems have telemetry and callback functionality inside a regular Windows 10 installation and it is quite shocking. For instance, file explorer has telemtry, the actual settings app has telemetry etc. And in any case, due to the open nature of their scripts, they can be implemented individually as per user preference.
Privacy+.apbx Spoiler: Windows Defender # ---------- Windows Defender - !status: {status: 'Removing Windows Defender'} - !taskKill: {name: "NisSrv"} - !taskKill: {name: "SecurityHealthHost"} - !taskKill: {name: "SecurityHealthService"} - !taskKill: {name: "SecurityHealthSystray"} - !taskKill: {name: "SkypeBackgroundHost"} - !taskKill: {name: "MsMpEng"} - !taskKill: {name: "msiexec"} - !file: {path: "%windir%\\System32\\smartscreen.exe"} - !file: {path: "%windir%\\System32\\smartscreenps.dll"} - !file: {path: "%windir%\\System32\\SecurityHealthSystray.exe"} - !file: {path: "%windir%\\System32\\SecurityHealthService.exe"} - !file: {path: "%windir%\\System32\\SecurityHealthAgent.dll"} - !file: {path: "%windir%\\System32\\SecurityHealthHost.exe"} - !file: {path: "%windir%\\System32\\SecurityHealthSSO.dll"} - !file: {path: "%windir%\\System32\\SecurityHealthCore.dll"} - !file: {path: "%windir%\\System32\\SecurityHealthProxyStub.dll"} - !file: {path: "%windir%\\System32\\SecurityHealthUdk.dll"} - !file: {path: "%ProgramW6432%\\Windows Defender", weight: 30} - !file: {path: "%ProgramData%\\Microsoft\\Windows Defender", weight: 30} - !file: {path: "%ProgramFiles(x86)%\\Windows Defender", weight: 30} - !file: {path: "%windir%\\System32\\drivers\\WdNisDrv.sys"} - !file: {path: "%ProgramW6432%\\Windows Defender Advanced Threat Protection"} - !file: {path: "%SystemDrive%\\ProgramData\\Microsoft\\Windows Defender Advanced Threat Protection"} # - !file: # path: "%windir%\\System32\\drivers\\cldflt.sys" - !scheduledTask: path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Cache Maintenance" operation: delete - !scheduledTask: path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Cleanup" operation: delete - !scheduledTask: path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Scheduled Scan" operation: delete - !scheduledTask: path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Verification" operation: delete
I've been using only your scripts for a long time and I'm really, really satisfied, and I have no intention of using any other application. As the results show, I made the right decision choosing you. You're number one for me. Thank you so much.
Good day @SunLion ! Thank you for your testing. I am surprised this worked on Enterprise IoT LTSC, AME team specifically says that their playbook is for Windows 10 Pro 22H2 only. Normally the AME beta.exe should deny application, but it seems that this is not the case. It is possible some parts of their scripts will not work on Enterprise IoT LTSC, as there may be nothing to remove. In any case, it's good that it works, and it's nice to know they are very close. However, my goal with sharing this was to find out if any of the individual scripts that can be extracted from the .apbx file itself would be useful to your project. Things like doing something that your project doesn't or doing something in a different way that is maybe a more comprehensive approach. I don't intend to use their playbook any longer since they will not be updating the one for Windows 10. I have not yet used Slimdown to compare them myself due to time. But I want to in the future, and also want to study their scripts, so I figured if you could also look through them before I did, it would maybe help your project and your findings could boost my efforts as well.
I didn't delve too deeply into it either, as I was just learning how they do it. But from what I understand, the process is the same. Only the format is modified. I like the CMD method because it's simple and easy for any user to understand how it works. Anyway, there's still a lot to research about this. I respect their work and we can learn a lot from it. Let's move on... Best regards
Good day all. I appreciate the responses. I took some time to consider this post as I feel I did not express my true intentions properly, in part because I did not take the time to think through them properly. The reason I wanted to bring attention to this project was because I was frustrated that, after all this time that Windows 10 has existed, I considered it somewhat shocking and depressing that there was no single project that achieved proper 100% de-parasitation of the OS. Instead, I've seen a lot of projects over the years, so many that listing them would take another post probably. They have come and gone and it feels like there was never a unifying single project that people could rally behind and make the best. Of course, it is the nature of such things, but I figured given enough time, something would have emerged by now. For a while, it seemed to me that AME was the closest to achieving this, in part because they took a very hardline stance that I appreciated. In their methodology they stated that their playbook achieved 99% network silence, which sounded amazing. So really, I just used it based on trust more than anything, just like I used other projects in the past. But after installing Wireshark a month ago for the first time and testing AME out on a new system, I was surprised to find many network connections happening, without other software installed. And since they did not want to update their project for Windows 10 any more, I was confused as to how to proceed. But really, my biggest frustration was that there was no easy answer, something like "this is the best, use this and don't bother with anything else, don't bother thinking". Of course, it was nice that they packaged it into a noob friendly manner, and I consider myself very much a noob as well. But this was just a bonus, for me it was never a problem of how a tool was packaged, I did not care if it's a cmd script tool or a dedicated executable like theirs, whatever method got the job done, I was fine with. Of course, if I had to choose, I would always consider the Slimdown approach better, because as @hoak says, it enables more understanding of the process and more customization. When I think of the "easy answer" I just think about what tool had the most consensus by the largest community, which also seemed to be AME. When this turned out to not be the case anymore, I figured I would see if there was something else and I found Slimdown. So I shared their project and hoped that SunLion would just look through all their scripts individually and take what was useful to apply to Slimdown, which would take a lot of time. But this really, was just my laziness again and it was unreasonable for me to expect this much work from someone else, so I would like to apologize to @SunLion for this. I see now that I need to do the work myself, to understand all this process for myself, go through all the projects and actually offer specific useful things to integrate, that do not impose on other people's precious time and goodwill. I have started doing this and will hopefully have something to share in the future.
@yasagani you're on the same track, and traveling the same road we all have and are still on. Unfortunately Windows is a proprietary, closed source, black box and while there are successful means to de-crapification, Microsoft is still shoveling poop back in the hole, even with Windows 10 LTSC updates (though at a more manageable rate than say Windows 11). The process is not merely challenging -- in the decentralized world of FOSS everyone is working on fixing Windows and is pursuing what's important to them and what they do best; some need a de-gunked system that will run very specific software and getting too aggressive with removing vs disabling breaks things. Others are willing to adjust their software selection for more optimal performance, privacy and security and can afford to remove more crap. So, while you and I might wish there was more collaboration that went into a one-stop-fix for everything -- that kind of collaboration is exactly what slows progress, and has even ground many projects to a screeching halt... So I'll take any progress, as fast as I can get it, by any means over something more idealistic. In objective terms it's absolutely absurd that Microsoft hadn't FOSSed Windows, it's a monopoly product that's losing that status because of Microsoft's malfeasance, and will ultimately cost them more on the current trajectory long term... Regardless of the direction you go, I hope you'll still post here with your discoveries and results, everyone's contributions count; I did not for example know AMI has in essenced abandoned Windows 10 in their Playbooks until you mentioned it -- this kind of thing is critical to where you go for the results you need! This last point is also exactly where Microsoft is the most menacing and requires a lot of constant User attention on any long term Windows install, irregardless of how you clean it up or secure it, and why I recommend an el-cheapo second PC running Linux or BSD for anything where long term privacy and security is essential especially anything that requiring financial transactions.
For my personal use case, I plan to move to Linux in the future, but this project started because I still have a lot of people in my life that I need to assist with their PCs and it would be highly impractical to move most of them to Linux. To your point, my biggest issue is the constant user attention required to keep the cancer at bay, and I am getting old enough where I simply do not have the energy or time to pursue the Windows Sisyphus lifestyle. I never thought I would end up here, but it's the shocking truth that after 35 years of using Windows, moving to Linux and almost completely re-learning how I do things seems just so much easier and less demanding. I also avoided doing the needed work for as much as I could, my old main PC still has Windows 7 on it. I will continue to provide what small discoveries I make in the process, I wish to contribute however little I can. Compared to the giants in this forum, my skills are laughable, I am just a guy that loves video games and privacy/performance with 0 knowledge of scripting, but I have profited much from their work and it would be shameful of me not to do so. I am currently focusing on creating a simple easy-to-follow process for noobs like me when Windows 10 Pro 22H2 /Enterprise IoT LTSC iso building and am exploring specific update KBs. My plan is to afterwards move to services, scheduled tasks and background processes. My plan is to go as aggressive as possible into the removal process while focusing on maximum gaming (non-xbox) compatibility, but with documenting each step so that it is understood and easily revertable. Much of my work will reference existing projects by necesity, such as Slimdown and AME.
Am I seeing it right? ExtraTweaks/Policies_for_Firefox.cmd has been removed? Can't find the script anywhere in the SD10 1.46 version anymore.
Regarding the removal process, I have also made numerous attempts, and at least 40% of the files can be safely removed.
In today's world, just as in the past, it seems there aren't many virtuous examples of respect for the end user, the consumer, or the so-called "common" people. The above is obviously just my point of view, but how can anyone else think - regardless of the respect one should have for people - that an operating system that also wants to have an Internet connection doesn't have to connect to somewhere out there? There are millions (or even billions, I don't know) of so-called "end users" of M$, and this alone protects against the first stage of paranoia, in my opinion. Frankly, I've never heard of anyone experiencing any kind of problem due to the connections Windows makes to the outside world. So, perhaps the issue is purely academic, theoretical, like a "difficult" project to devote oneself to in order to satisfy the mental part of the matter. Which I wouldn't disagree with if and when it was rational and reasonable, without criticizing anyone of course. Expecting 99% output silence is a bit like trying to create difficulties for yourself, and who would do that if they wanted to use an operating system in a way that wasn't "complete," but at least feasible and enjoyable? The side effects would be too many. Personally, I used the original Slimdown10 running Enterprise LTSC 2021 and found it absolutely satisfactory. I'd like to take this opportunity to say that I think it's wrong to have its related thread locked since it doesn't deserve that way, being at least the progenitor of subsequent forks, which I can't yet say why I've never tried them. I also believe just as said elsewhere there are other users who have done it successfully and can share their experiences with those who may be having trouble understanding some settings or other issues. I'd like to try this with Windows 11, and when I do, I could share my results. It goes without saying that if you want to use an operating system for criminal purposes, well then one should turn to other systems - I guess - than Slimdown10 and similar. However, for what it's worth, I'm one who values his own privacy and that of others, to the point where it becomes an obsession that worsens the quality of anyone's life. With all due respect to the excellent work of those who strive to make things easier to control, of course. Since without them we probably wouldn't even be here talking about it.
@Logan, I think you misunderstand the intentions of people that are seeking low network traffic quinessent behavior from an OS. Windows 10 and 11 have built-in, by intention, industrial grade spyware, and malware (that prevents you from turning the spyware off). If you imagine Windows Privacy & Security settings set to maximum privacy and security are private and secure -- you'll be very rudely disappointed. The internet traffic we're discussing is Microsoft calling home and/or calling its 'Partners' to share or sell your data. Even if you don't care that Microsoft keylogs, stores and shares your browsing history, scrapes financial transactions, concatenates, packages, and resells your data to its many 'Partners' -- you might care about the performance hit to your system that all this crap running incurs -- SSD wear, network bandwidth you pay for, CPU cycles, battery life... The added risk of identity theft from exposure of account information including: passwords, account balances, recovery keys, personal identify information that allows third parties criminal, government or corporate (same thing?) to spoof or scrape yet other accounts you own with your credentials -- is not something many of us want or would ever consent to. Many, like me, feel that an Operating System should be an OPERATING SYSTEM, for only running software you choose, not spyware and malware that spys on and monetizes you. Even if Microsoft and its 'Partners' were the most innocent, generous and benevolent entities on the planet, which seems very doubtful -- Microsoft's mal & spyware masquerading as "Experiences" offer means for yet other parties with criminal intent to exploit your system as well.
Hi, even if it doesn't seem directed at me (please find out for yourself why I say this ), it seems like you're the one who misunderstood the content of a certain post. As a matter of fact, you can read what I wrote a few weeks ago here: https://forums.mydigitallife.net/threads/seeking-help-with-telemetry.90011/#post-1902341 . Furthermore, you say you speak for many people, but I speak only for myself and, if I may, I simply say what I think. So, I think the first real and effective tool to reduce telemetry or anything similar, is your own brain. After that, and as said, one cannot help but notice the fact that the "spied on" users number in the millions, perhaps billions, and this fact alone makes things paradoxically less catastrophic than you describe, if you realize what I mean. And please, I don't want to repeat that I value my privacy (and that of other ones) very much, and I'm not saying that M$ or anyone like them are good Samaritans. I'm just saying that your doom-mongering, so etched in stone, isn't supported by the facts. First, because as we all know here, there are ways to at least reduce the scope of the issue. Second, because, as I've already said, I've never heard of M$ collecting anyone's bank details for criminal actions and its own profit. Perhaps he's committed other crimes, I don't know, but not this one, as far as I know. Rather, The world of computing (Information Technology), as everyone knows or should know, generates logs. Everything you do, write, or send over the Internet is recorded and stored in logs. This is a fact. It's common to everyone, not just M$. Have you ever wondered what your internet provider knows about you and your habits? Have you ever wondered if your email client and the messages you send and receive are ever read by "anyone"? Are you really sure that anonymous proxy servers delete their logs every 24 hours? If so, how can you be sure? Then there are the browsers, the search engines, the various sites and the related accounts that end users freely subscribe to. Once you've signed up for an account, it's so convenient to browse YouTube (or Google, or whatever), right? And when a user freely signs up for such an account, is he aware that it is as if he had freely opened a dossier in a folder with his own name on and that the provider of that "service" can dispose of at his pleasure? Should I add DNS servers or NetBIOS? Or malware and backdoors? In a scenario like the current one, I don't think M$ is the worst evil because however it allows anyone to adopt measures to reduce telemetry. Just as the topic here is telemetry, not the alleged cybercrimes perpetrated by the software house you suspect and describe. And please, I don't want to repeat that I value my privacy (and that of other ones) very much. Peace & Love.