Quote:
Originally Posted by an0rma1
@surferxyz: i am using here shutup10. Do you think is best to user other program? I thought this was very complete. Thanks
|
I think shutup10 is alright as a quick way to setup a new windows 10 install, I haven't seen any research on exactly what communication is remaining from windows to microsoft after these tools are run.
But I can confirm that with shutup10 the "WpnService" (windows push notification service) is still running after you used the tool, resulting in a persistent connection to microsoft, which I feel like should be an option to turn off in the tool (and therefore I would say it is not doing a very good job/living up to its name). However I found basically all the other similar tools had the same deficiency.
I don't think any are "very complete", and I'd like to see a good technical review of what communication remains, and exactly what risks are involved with allowing unfiltered windows update communication.
Also I had the idea that, it might be good to intercept the windows update process, and use a out of band web of trust mechanism to confirm that everyone is also receiving the same updates (so for example preventing Microsoft from pushing out a backdoor update just targeting you/or a subset of users)
I know you can kind of do that already by using WSUS, but that seems too heavy for the simple kind of validation I have in mind.