
Optimizing and Securing Windows 10 - sdrinf
http://www.cyberpunkforums.com/viewtopic.php?id=3692
======
ryuuchin
Some of it is legit I suppose but a lot of it reads like snake oil. Also I'm
not sure "Securing" Windows 10 is accurate here as we'll see shortly. It seems
to really mostly be about "Optimization and Privacy" in Windows 10. I'm mostly
ok with the privacy portion or at least the attempt to do so but I would be
cautious of any "Optimization" since care must be taken to not be doing more
harm than good[1].

> You will be prompted by a User Account Control warning. Click 'change User
> Account Control settings', reduce the slider to 'never notify', and click
> 'OK' to apply the changes.

Securing Windows 10 would involve setting it to always notify. Also it should
recommend running as a standard user and having an admin account be separate.
I'm not sure I can take this very seriously as a security guide.

I wouldn't recommend messing too heavily with services aside from disabling
the ONE telemetry service. Most things which aren't used won't be running
anyway.

> If you have a desktop computer, you will want to change the power settings
> to 'High performance'

Not sure about this one... Modern processors (and Windows 10 itself) are
pretty good at it and I've yet to have any issues with it running at balanced.
If you want to disable the HDD power off feature that's fine but you can do
that just fine in the default Balanced profile. I think this "tweak" is mostly
snake oil.

Please take "guides" like this with a grain of salt as messing around too
heavily may wind up doing more harm than good. Remember that more often than
not, no you don't know better than the people who made the operating system. I
think the privacy stuff comes from the right place but the rest of it sounds
like mostly snake oil and this is definitely not a security guide so tread
carefully.

tl;dr It's mostly snake oil and certainly not a security guide.

[1] Disabling the page file is an often cited example which almost certainly
does more harm than good.

~~~
windowsworkstoo
Yep, as legit as "registry cleaners". Some of those services that are disabled
will break 3rd party software in subtle and unexpected ways.

Though my favourite was turning sounds off for a modest performance gain.
Clearly a meme guide "curated" by people with a very shallow understanding of
Windows

~~~
Chlorus
My favorite:
[https://blogs.msdn.microsoft.com/oldnewthing/20130327-00/?p=...](https://blogs.msdn.microsoft.com/oldnewthing/20130327-00/?p=4833)
People had written guides advocating for turning off certain 3D effects, which
itself would turn off hardware acceleration and slow down rendering.

------
AdmiralAsshat
This guide provides a false sense of hope, I'm afraid. Securing Windows from
Microsoft's invasive policies is basically impossible. Cortana has now become
un-removable: [http://www.pcworld.com/article/3100358/windows/you-cant-
turn...](http://www.pcworld.com/article/3100358/windows/you-cant-turn-off-
cortana-in-the-windows-10-anniversary-update.html)

And those of us who thought we were safe using Windows 10 Pro woke up today to
discover that the forthcoming Anniversary Update will actually be removing our
ability to disable many of these features via the Group Policy editor:

[http://www.ghacks.net/2016/07/28/microsoft-removes-
policies-...](http://www.ghacks.net/2016/07/28/microsoft-removes-policies-
windows-10-pro/)

~~~
kalsk
That's a bait-and-switch if I ever saw one. I suppose it's more than a
coincidence that this happens just as the free upgrade period comes to an end?

~~~
yuhong
To be honest, it was called the Anniversary Edition from the beginning.

~~~
lucb1e
It wouldn't surprise me if this was the plan from the beginning, too.

Not saying it is, just saying big corps usually plan ahead.

------
Pengwin
Doing this guide verbatim is a terrible idea to anyone who doesn't understand
what they are doing, Especially obtaining from a source like the pirate bay.
You can obtain an ISO straight from Microsoft - [https://www.microsoft.com/en-
us/software-download/windows10I...](https://www.microsoft.com/en-us/software-
download/windows10ISO).

(Ironically it seems the ISO doesn't download over https, but I'd use it over
a varying quality torrent site any day.)

------
zamalek
> Securing Windows 10

By the end of the steps, UAC has been left turned off.

------
voltagex_
Err, isn't this guide advocating piracy?

~~~
PeCaN
Pretty sure Microsoft is advocating piracy by bundling a keylogger with the
consumer editions.

~~~
yuhong
It is not actually a keylogger in the traditional sense, and I think even that
can be disabled.

~~~
CamperBob2
Yeah, traditionally your data gets shipped off to Russia or Romania, rather
than Redmond.

------
viraptor
Regardless of contents, this is a bad way to write a guide of actions to take.
Things like:

> Under the Wi-Fi tab click 'manage Wi-Fi settings', uncheck all options.

may mean something completely different in a few months in a system that's
going to evolve under a single version. What if MS adds something like "don't
automatically try to connect to devices on this network" as a new option in
the future. Uncheck that too?

------
Cameron_D
This is probably a better guide for getting started with securing Windows:

[https://decentsecurity.com/securing-your-
computer/](https://decentsecurity.com/securing-your-computer/)

------
UnoriginalGuy
> If you do not have a copy, one can be easily acquired online. However, if
> you do acquire it online[0], you will also need to download additional
> software to activate the operating system. At the time of this writing,
> KMSpic[1] is recommended as the best and safest option.

I've had to flag this article. They're advocating piracy and linking to an
activation remover and image.

[0] Link to a Windows 10 Image

[1] Link to a Windows 10 activation remover.

------
quaffapint
I you're just interested in privacy, use this free tool from O&O...
[https://www.oo-software.com/en/shutup10](https://www.oo-
software.com/en/shutup10) ...Easy to turn on/off what you would like.

------
graycat
I have three suggestions to improve the OP:

(1) Make the fonts 2-3 times larger.

(2) Make the fonts solid black.

(3) Make the background solid white.

~~~
PeCaN
White-on-black is easier to read than black-on-white IMO.

Also, if you're using Firefox you can go to Options ‣ Content ‣ Advanced
(Under Fonts & Colors) ‣ Uncheck “Allow pages to choose their own fonts,
instead of my selections above” and make the internet a much nicer place.

~~~
graycat
I do let Firefox let the pages choose their own fonts.

The page as it is is completely impossible for me to read. Even if I have
Firefox magnify the page, the combination of the fonts and the black
background means that I can't see the characters. Magnifying via Firefox
doesn't help. A magnifying glass doesn't help.

I can't read those fonts on that background. Literally, absolutely,
positively, I can't read the characters. With those fonts on that black
background, there just is not enough contrast for me to read the characters at
all. Can't read the page. I want to be clear: Literally I can't read the page.
Am I being clear enough? Still, I can't read the page.

I don't want to be obscure. The fact is, I can't read the page.

To read the text, I'd have to capture it on the clipboard and move it to my
favorite editor, but in that case I'd lose the links unless I inserted them by
hand.

I have a nice, bright CRT, 14", with 1024 x 768 pixels.

I'm not joking -- to me the page is impossible to read. Not joking. I couldn't
read the page. I gave up on reading the page.

The three simple, little changes I suggested would make the page plenty easy
for me to read.

~~~
PeCaN
> I do let Firefox let the pages choose their own fonts.

Well there's the problem. I suggested you _uncheck_ that.

------
Kenji
Something that appears to be missing: Disable Windows Defender either way.
It's a piece of garbage that is running by default, does massive amounts of
disk I/O for no reason, automatically deletes false positives like community
patches for games (how infantilizing) and slows down the PC (and no, my PC is
not infected, this is my experience across many independent machines).

