Code:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection]
;Off - Enterprise
"AllowTelemetry"=dword:00000000
;Basic
"AllowTelemetry"=dword:00000001
;Enhanced
"AllowTelemetry"=dword:00000002
;Full
"AllowTelemetry"=dword:00000003
But telemetry CAN be disabled for non-Enterprise by using other methods, i.e. by disabling/deactivating/removing tasks and/or services?
Have you-all seen the GitHub W4RH4WK/Debloat-Windows-10 set of PowerShell scripts? The scripts accomplish all the standard spy killing stuff and the code is well-commented and easy to tweak. There is an MDL member also named W4RH4WK, but he doesn't seem to be very active on this forum.
Cody, in my testing, disabling telemetry, app toast, defender cloud, and defender sample were enough to block most of the garbage spying. The apps still connect to ms when you run them, but we expected that.
I too would like to know what firewall you are using. I tried Tinywall. I'm sure a firewall is safe, but it kills OS functionality. Plus, with program cross pollination, if you allow one app freedom, you risk freeing up several more without knowing it. You open the barn door to let out the horse and the cows and the pigs slip free as well!
I'm using the portable Acrylic DNS Proxy. Acrylic allows you to use a wildcard hosts file. Here is a domain example line:
0.0.0.0 *spynet*
This line blocks spynet2.microsoft.com, spynettest.microsoft.com, spynetalt.microsoft.com and any other spynet server MS has now or will ever have in the future. An adaptable 43 line Acrylic host file handles 200+ lines of the normal OEM one.
127.0.0.1 *.*ad*.msn.com
127.0.0.1 *2mdn*
127.0.0.1 *choice.microsoft*
127.0.0.1 *feedback.* microsoft.*
127.0.0.1 *i1.services.social*
127.0.0.1 *metaservices.microsoft*
127.0.0.1 *mscrl*
127.0.0.1 *settings*.data*
127.0.0.1 *spynet*
127.0.0.1 *statsfe*
127.0.0.1 *telemetry*
127.0.0.1 *vortex*
127.0.0.1 *watson.microsoft*
127.0.0.1 >adnexus.net
127.0.0.1 >adnxs.com
127.0.0.1 >adtech.de
127.0.0.1 >atdmt.com
127.0.0.1 >doubleclick.net
127.0.0.1 >flashtalking.com
127.0.0.1 >footprintpredict.com
127.0.0.1 >msads.net
127.0.0.1 >msecn.net
127.0.0.1 >msecnd.net
127.0.0.1 >msedge.net
127.0.0.1 >msftncsi.com
127.0.0.1 >nsatc.net
127.0.0.1 >serving-sys.com
127.0.0.1 >v0cdn.net
127.0.0.1 134.170.30.202
127.0.0.1 137.116.81.24
127.0.0.1 204.79.197.200
127.0.0.1 23.218.212.69
127.0.0.1 23.218.212.69
127.0.0.1 65.39.117.230
127.0.0.1 65.55.108.23
127.0.0.1 compatexchange.cloudapp.net
127.0.0.1 corp.sts.microsoft.com
127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com
127.0.0.1 diagnostics.support.microsoft.com
127.0.0.1 feedback.windows.com
127.0.0.1 rad.live.com
127.0.0.1 s.gateway.messenger.live.com
127.0.0.1 watson.live.com
Note1: You can see that only half the hosts file is handled using wildcards (* and >)
Note2: You must be somewhat cautious in the use of wildcards or you will break things.
Note2: You could block heaps more using *microsoft.com and *live.com, but then you may as well change to Linux OS
Note3: You can use either 127.0.0.1 or 0.0.0.0 in the Acrylic host file.
The Acrylic DNS Proxy binds host domains to 0.0.0.0. It comes with a portable console, where you can watch all the telemetry/vortex stuff getting blocked in real-time! It's pretty easy to set-up, but if there is interest, I can post my steps.
Secret wish: The hosts file accepts Regular Expressions and if the smart MDL code warriors were to take an interest in this Acrylic DNS privacy solution, they could probably come up with a 10 line Acrylic hosts file that would put a knee on MS's neck and snap it!
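An added example, not part of the original posts and not Acrylic's own code: a Python check of which hostnames a wildcard line catches, including ones you did not intend, before the line goes into the AcrylicHosts file. The matching rules (`*` as a glob, `>` as a domain plus all its subdomains) are an assumption about Acrylic's pattern syntax, and the `MUST_WORK` hostnames are constructed for illustration.

```python
import fnmatch

# Patterns copied from the hosts file in the post above.
PATTERNS = ["*spynet*", "*telemetry*", "*mscrl*", ">msftncsi.com", ">adnxs.com"]

# Hostnames the post says the *spynet* line should block.
MUST_BLOCK = ["spynet2.microsoft.com", "spynettest.microsoft.com",
              "spynetalt.microsoft.com"]

# Constructed list of hostnames you may still want to resolve.
MUST_WORK = ["www.msftncsi.com", "mscrl.microsoft.com",
             "telemetry.myapp.example", "notadnxs.com"]


def matches(pattern, host):
    """Assumed semantics: '>' = the domain and its subdomains, otherwise a glob."""
    host = host.lower().rstrip(".")
    pattern = pattern.lower()
    if pattern.startswith(">"):
        base = pattern[1:]
        # Anchored on a label boundary, so notadnxs.com is not caught.
        return host == base or host.endswith("." + base)
    return fnmatch.fnmatchcase(host, pattern)


def audit(patterns, must_block, must_work):
    """Report blocked-list gaps, collateral blocks and patterns that hit nothing."""
    def hits(host):
        return [p for p in patterns if matches(p, host)]

    missed = [h for h in must_block if not hits(h)]
    collateral = {h: hits(h) for h in must_work if hits(h)}
    used = {p for h in must_block + must_work for p in hits(h)}
    unused = [p for p in patterns if p not in used]
    return {"missed": missed, "collateral": collateral, "unused": unused}


if __name__ == "__main__":
    report = audit(PATTERNS, MUST_BLOCK, MUST_WORK)
    print("not blocked but should be:", report["missed"])
    for host, pats in report["collateral"].items():
        print("would also be blocked:", host, "by", pats)
    print("patterns that matched nothing in either list:", report["unused"])
```

Put the hostnames your own machine needs into `MUST_WORK`; any entry that shows up under collateral is a candidate for the 'troubleshooting checklist' before it breaks something.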
To use wildcards in a hosts file, you have to run your network through the free portable Acrylic DNS Proxy. The host domains are actually in the AcrylicHosts file. Your OS hosts file remains untouched or you can use that as well if you want to. Acrylic DNS proxy checks both the regular OS hosts file and its own AcrylicHosts file. However, you can only use wildcards and Regular Expressions (if you know how to write the code!) in the AcrylicHosts file. Acrylic DNS Proxy is a solution that has been around for many years. I used it years ago to block malware and adware domains. I used the wildcard feature to reduce a several thousand line malware hosts file to a few hundred lines! I stopped using Acrylic DNS when ad blocking extensions got better and it was just another thing that you had to include in your 'troubleshooting checklist.' Now, with Windows 10 (and, it seems, Windows 8 and Windows 7), you can't escape having some software or changed parameter added into your 'troubleshooting checklist'. Pick your poison! Now, when something breaks, you either have to look at changing back the settings and registry tweaks you did, or messing around with some firewall parameters, or--in my case--stopping Acrylic DNS Proxy and seeing if that solves whatever problem is going on. Turning off Acrylic DNS Proxy takes two steps, so it's actually fairly effortless. Plus, it's portable, so once you turn it off, you know it's off! I've seen some people comment that using a proxy can cause problems with going to certain sites? I never had any problems when I used this solution years ago and haven't had any recently. Anyone know of any issues with using a simple domain cache proxy program?
Thanks for the heads up mate for this program. Can you please document the steps you took to set up Acrylic DNS proxy portable and then the steps to block all Windows spying stuff with it? Also how to monitor if this tool is actually doing what it's supposed to do? Also if I use this, I don't have to worry about disabling any other stuff like registry edits or disabling/removing packages? Thanks and waiting for your response.
@lomticksoftoast Thank you for the tips! How to run acrylic proxy both with dns crypt proxy? Thank you!
Over time I believe M$ will try to bypass its own Windows Firewall. New firewall blocks or methods or 3rd party sol. must be needed. In the meantime I'll follow your recommendation Cody. Btw I use WFC too.
CODY,
1. Is it good to make use of WFC too, to delete all rules that aren't "Core Networking"? I feel much more comfortable using WFC for such tasks. I ask because you said "before I use it" so I think you are talking about WFC, or WF itself? lol
2. After deletion I believe a lot of prompts will pop up asking for permission in WFC. For my apps and programs piece of cake, how about Windows services, processes, I think a myriad of unknown programs will ask for permission so which ones to allow, which ones to deny/block. Do you have a blacklist or a whitelist is a better approach?