I have been watching over Windows 10 since it's release. There seem to be a lot of privacy & security concerns caused by a lot of Windows 10 features (eg: cortana search). note: make sure you use custom install so you can set the correct privacy settings (just like on windows 8.1). here is a windows 10 specific guide
Some basic tweaks for fixing/mitigating information leaking include disabling & blocking telemetry.
Disable Telemetry In Powershell:
mkdir -Force "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0 sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0
A lot of people are also using a HOSTS file to block the servers.
Disabling Services #
To save time doing this manually I have coded a powershell script. The default options disable a lot of services relating to information exposure/leaking. I have layed out the services list to be easily edited depending on the environment, eg: people who use Windows 10 for gaming may want to use the Xbox Live services.
Services Considered To Have Spying/Leaking Capabilities:
Data Collection and Publishing Service Microsoft (R) Diagnostics Hub Standard Collector Service Diagnostics Tracking Service Sensor Monitoring Service WAP Push Message Routing Service Geolocation Service Downloaded Maps Manager Net.Tcp Port Sharing Service Routing and Remote Access Remote Registry Internet Connection Sharing (ICS) Distributed Link Tracking Client Windows Biometric Service Windows Media Player Network Sharing Service Windows Search
Most of these are self explanatory.
A little more detail on **Windows Search** Cortana in Windows 10 references internet history from Edge, metadata from emails, indexed files on local filesystems, email contacts & applications installed. (cortana also stores location based information long/lat & the time the location was visited) A lot of the Microsoft core applications use EDB databases to store information making it easier for Cortana to access it (which also means data recovery/surveillance specialists can access it with relative ease).
Disabling Built-in Tasks #
By default there are also a lot of scheduled tasks within Windows 10. The main ones to note are Customer & Application Experience tasks.
TaskPath TaskName State -------- -------- ----- \Microsoft\Windows\AppID\ SmartScreenSpecific Disabled \Microsoft\Windows\Application Experience\ Microsoft Compatibility Appraiser Disabled \Microsoft\Windows\Application Experience\ ProgramDataUpdater Disabled \Microsoft\Windows\Autochk\ Proxy Disabled \Microsoft\Windows\Customer Experience Impr... Consolidator Disabled \Microsoft\Windows\Customer Experience Impr... KernelCeipTask Disabled \Microsoft\Windows\Customer Experience Impr... UsbCeip Disabled \Microsoft\Windows\DiskDiagnostic\ Microsoft-Windows-DiskDiagnost... Disabled \Microsoft\Windows\DiskDiagnostic\ Microsoft-Windows-DiskDiagnost... Disabled \Microsoft\Windows\PI\ Sqm-Tasks Disabled
Powershell Scripts #
I have coded 2 Powershell scripts to automate disabling of services and scheduled tasks. Both of the scripts are available for download on my github. They are both layed out very similarly making it easy for people to comment out (or add) to the lists.