Locking Down Windows

I’ve recently moved Back to Windows for my desktop computing. But Windows 10 comes with enormous privacy and security issues that people need to take into account…and get under a semblance of control. Here’s how I did it.

There has been much written on this subject, so what I’m including here is more of a digest of what I’ve found elsewhere with perspective on how it worked out for me over time.

Windows Tweaker

This is a pretty good tool that does what Windows should do out of the box: give you one-stop access to all Windows’ settings. As it is, Windows 10 has spread out many settings, including those for Privacy, to the Settings screen as well as Registry Editor and Group Policy Editor.

There are dozens of look and feel tweaks, including an easy way to force Windows to use the hidden Dark Theme.

The Privacy Tab, however, is the single most important. There, you can easily turn of all the nasty privacy holes in Windows 10, such as how the OS sends things like keystrokes (that’s right!) back to Microsoft. The list of holes it will close is long: Telemetry, Biometrics, Advertising ID, Cortana, etc.

Cortana

Speaking of Cortana, I was really excited that this kind of virtual assistant was embedded in Windows 10. I looked forward to trying it out. But then I read the fine print.

Cortana is a privacy nightmare. She can’t be trusted. She’s a blabbermouth and repeats back everything you tell her to not just Microsoft, but indirectly to all of their advertising partners. And who knows where all that data goes and how secure it is in the long run.

Yuck!

Turn her off. Pull the plug. Zero her out.

The easiest way to disable her is to set up a Local Account. But there’s more info out there, including this at PC World.

Local Account

When you first install Windows 10, unplug the ethernet and shut down wifi. Then, when you’re certain that all of MSFT’s listeners can’t communicate with your machine, go through the Installation Set Up process and when asked to create/log in to your Microsoft Account, don’t. Instead, use the Local Account option.

The down sides of going this route are that you can’t sync your experience, accounts and apps across devices. You also won’t be able to use Cortana.

The up sides are that using a Local account means you will be far more secure and private in whatever you do with your computer (as long as you maintain the many other privacy settings).

Reduce Risk and Streamline Your PC

Windows 10 comes crammed with many programs you may not want. Some of these may even be tracking and sharing, so if you don’t actually use it, why not lighten the load on your system and remove them.

You can do this the slow way, one app at a time, or you can use the Powershell nuclear option and kill them all at once.

I did this and haven’t regretted it one bit. So fire away…

Privacy Settings

I won’t go into all of this. There is plenty of solid advise on reducing your exposure on other sites (like at PC World) and some lengthy YouTube videos which you can easily find.

But it is critical that you go into the Settings panel and turn everything off at the very least. That’s my feeling. Some tell you that you even need to set up IP blocks to keep your machine from reporting back to Microsoft and its advertising partners.

Others say this is somewhat overblown, and not unique to Windows, like over at LifeHacker, so I’ll leave it to you to decide.

Conclusion

It’s really too bad that operating systems have gone down this road. Our PCs should be tools for us and not the other way around.

Imagine if everything that happened on your device stayed private. Imagine if it was all encrypted and nobody could hack into your PC or Microsoft’s servers or their advertisers’ databases and learn all kinds of things about you, your family, your work, your finances, your secrets. And yet, this is precisely what Microsoft (and iOS, Android and others) did, intentionally.

Frankly, I think its bordering on criminal negligence, but good luck suing when your data gets exploited.

Better safe than sorry…that’s my take. Do a little work and lock down your computer.

Good luck out there…

 

Return to Windows

There’s a Windows machine back in my house. That’s right, after 14 years of Mac OS, I’ve shifted my OS back to Windows…on my primary computer!

Windows? WTF?

So, Mac OSX is still a superior operating system. But the gap between Windows and OSX has shrunk considerably with the launch of Windows 10, but that’s hardly a good reason to leave behind the most simple, well-designed and usable OS out there.

But Apple is steadily closing the noose on what computer users can do with their machines and this has really rubbed me the wrong way.

Besides, I had a dream. A dream to build a dream machine, that is. I wanted to build my own ‘Adobe Machine’ for home use and also be able to swap out hardware over time. In Apple’s ultra-controlled ecosystem, building such a device would be very, very costly and also fail to really expand over time. And for very practical reasons, relying on a finicky Hacitosh was out of the picture.

So, fed up with the self-imposed limitations of Mac, I went back to Windows…and this is my experience.

First Impressions

desktopSo, the design of Windows 10 is actually quite pleasant. The modern ‘Metro’ UI is very pleasant (I only wish it was applied uniformly across the OS–more on that later).

The Start (menu) is actually a great way to tuck all of your most important apps out of sight. And I love that it’s flexible, allowing you to organize apps and folders however you want. There are even ways to label and group apps however you wish. The librarian in me sings with these kind of organizational features.

I’ve found that I actually use the Start Menu as a replacement for not only my Desktop but also the Task Bar, which I only keep visible so I have the clock visible.

Maybe it’s the OSXer in me, but there are parts of Windows 10 that feel like redundant re-thinks of more familiar features. For example, the Action Center has quick access icons for things like VPN and creating Notes, all of which, one would expect would be handled by the Start Menu. There’s also the little arrow-thingy on the task bar where certain background apps live. Why?

An Unfinished OS?

As I began customizing and exploring Windows 10, I began to realize that Microsoft must have pushed Windows 10 out the door before the pain was dry. There are odd discontinuities you the pleasantly designed Metro aesthetic ends and you’re suddenly thrown into some god-awful old-school Windows environment. This happens in the Settings panel often, for example, once you get a couple levels down.

Uh, guys, the Metro thing really works. Did you not have time to reskin the old Windows 7/XP UI sections? Please do this soon. It’s like you drove up in a super sweet ride, with designer shades on your face and then you get out of the car and you’re not wearing pants! Actually, you’re wearing tighty-whities.

Also, what’s up with the VPN workflow? As it currently works, it takes no less than four clicks to connect to my VPN. This should be one or two clicks, really. Please fix.

There’s a very nice dark theme, but, alas, it only applies to certain top-level sections of the OS. The File Explorer (a heavily used part of the UI), actually does not inherit the dark theme. There are hacks out there, but seriously, this should be as universal as setting your color scheme.

Can’t wait for Windows 10 to get all grow’d up.

Privacy

I’m going to write an entire blog on this, but Privacy is the biggest issue with this OS. Readers of my blog will know my personal feelings on this issue run strong. So I spent considerable time fighting Microsoft’s defaults, configuring privacy settings, messing with the registry (really?) and even doing a few hacks to lock this computer down.

Microsoft is really doing a number on its users. Windows 10 users are handing over unconscionable amounts of personal information over to Microsoft’s servers, their advertising partners and, if this info ever gets hacked (won’t happen, right?), to whoever wants to do a number on Windows 10 users.

Anyway, needless to say, I had to forgo using Cortana, which is sad because I’m very interested in these kinds of proto-AI tools. But as long as their phoning home, I just unplug them. Did the same to all the “Modern Apps” like Maps, News, etc.

Bottom Line

Breaking up with OSX was actually not as painful as I had expected. And I’m really enjoying Windows 10, save for a few frustration points as outlined above. Overall, it’s well worth the trade offs.

And my Dream Machine, which I christened Sith Lord (because it’s a big, dark beast), is running Adobe CC, rendering at light speed and could probably do the Kessel Run in less than 12 Parsecs.