44r0n7/privacy.sexy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: 44r0n7:capability
Branches Tags
44r0n7:master 44r0n7:defender 44r0n7:panel 44r0n7:macosintel 44r0n7:anims 44r0n7:buildx 44r0n7:dead-urls-1 44r0n7:nvidia-308 44r0n7:services 44r0n7:unrec 44r0n7:capability 44r0n7:moremacos 44r0n7:disableservices
44r0n7:0.13.6 44r0n7:0.13.5 44r0n7:0.13.4 44r0n7:0.13.3 44r0n7:0.13.2 44r0n7:0.13.1 44r0n7:0.13.0 44r0n7:0.12.10 44r0n7:0.12.9 44r0n7:0.12.8 44r0n7:0.12.7 44r0n7:0.12.6 44r0n7:0.12.5 44r0n7:0.12.4 44r0n7:0.12.3 44r0n7:0.12.2 44r0n7:0.12.1 44r0n7:0.12.0 44r0n7:0.11.4 44r0n7:0.11.3 44r0n7:0.11.2 44r0n7:0.11.1 44r0n7:0.11.0 44r0n7:0.10.3 44r0n7:0.10.2 44r0n7:0.10.1 44r0n7:0.10.0 44r0n7:0.9.2 44r0n7:0.9.1 44r0n7:0.9.0 44r0n7:0.8.2 44r0n7:0.8.1 44r0n7:0.8.0 44r0n7:0.7.6 44r0n7:0.7.5 44r0n7:0.7.4 44r0n7:0.7.3 44r0n7:0.7.2 44r0n7:0.7.1 44r0n7:0.7.0 44r0n7:0.6.2 44r0n7:0.6.1 44r0n7:0.6.0 44r0n7:0.5.0 44r0n7:0.4.10 44r0n7:0.4.9 44r0n7:0.4.8 44r0n7:0.4.7 44r0n7:0.4.6 44r0n7:0.4.5 44r0n7:0.4.4 44r0n7:0.4.3 44r0n7:0.4.2 44r0n7:0.4.1 44r0n7:0.4.0 44r0n7:0.3.0 44r0n7:0.2.0 44r0n7:0.1.0
..
compare: 44r0n7:unrec
Branches Tags
44r0n7:master 44r0n7:defender 44r0n7:panel 44r0n7:macosintel 44r0n7:anims 44r0n7:buildx 44r0n7:dead-urls-1 44r0n7:nvidia-308 44r0n7:services 44r0n7:unrec 44r0n7:capability 44r0n7:moremacos 44r0n7:disableservices
44r0n7:0.13.6 44r0n7:0.13.5 44r0n7:0.13.4 44r0n7:0.13.3 44r0n7:0.13.2 44r0n7:0.13.1 44r0n7:0.13.0 44r0n7:0.12.10 44r0n7:0.12.9 44r0n7:0.12.8 44r0n7:0.12.7 44r0n7:0.12.6 44r0n7:0.12.5 44r0n7:0.12.4 44r0n7:0.12.3 44r0n7:0.12.2 44r0n7:0.12.1 44r0n7:0.12.0 44r0n7:0.11.4 44r0n7:0.11.3 44r0n7:0.11.2 44r0n7:0.11.1 44r0n7:0.11.0 44r0n7:0.10.3 44r0n7:0.10.2 44r0n7:0.10.1 44r0n7:0.10.0 44r0n7:0.9.2 44r0n7:0.9.1 44r0n7:0.9.0 44r0n7:0.8.2 44r0n7:0.8.1 44r0n7:0.8.0 44r0n7:0.7.6 44r0n7:0.7.5 44r0n7:0.7.4 44r0n7:0.7.3 44r0n7:0.7.2 44r0n7:0.7.1 44r0n7:0.7.0 44r0n7:0.6.2 44r0n7:0.6.1 44r0n7:0.6.0 44r0n7:0.5.0 44r0n7:0.4.10 44r0n7:0.4.9 44r0n7:0.4.8 44r0n7:0.4.7 44r0n7:0.4.6 44r0n7:0.4.5 44r0n7:0.4.4 44r0n7:0.4.3 44r0n7:0.4.2 44r0n7:0.4.1 44r0n7:0.4.0 44r0n7:0.3.0 44r0n7:0.2.0 44r0n7:0.1.0

1 Commits
capability ... unrec

Author SHA1 Message Date
undergroundwires
d49d5c81c1 Group and unrecommend disabling of update services 
Group disabling of background auto-update services under same category.

Unrecommend them from "Standard" but only on "Strict". They can possibly
break auto-updates (even when application is running) which can reduce
security by leaving the user with known vulnerabilities in older
versions.
 2023-08-04 18:05:02 +01:00
1 changed files with 84 additions and 111 deletions
Expand all files Collapse all files

85
src/application/collections/windows.yaml
View File

@@ -2571,9 +2571,15 @@ actions:
docs: https://github.com/privacysexy-forks/policy-templates#disabletelemetry docs: https://github.com/privacysexy-forks/policy-templates#disabletelemetry
code: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 1 /f code: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 1 /f
revertCode: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 0 /f revertCode: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 0 /f
-
category: Disable background update check services
# Reduces frequent requests to third party servers
# Those request reveal information like machine information (such as software version and IP address) and usage behavior
# Once disabled, applications only check for updates and notify when they're being used
children:
- -
name: Disable Google update service name: Disable Google update service
recommend: standard recommend: strict
docs: docs:
- https://websetnet.net/how-to-disable-google-chrome-automatic-updates-in-windows-10/ - https://websetnet.net/how-to-disable-google-chrome-automatic-updates-in-windows-10/
- https://www.bleepingcomputer.com/startups/GoogleUpdate.exe-25791.html #gupdate - https://www.bleepingcomputer.com/startups/GoogleUpdate.exe-25791.html #gupdate
@@ -2600,7 +2606,7 @@ actions:
defaultStartupMode: Automatic # Allowed values: Automatic | Manual defaultStartupMode: Automatic # Allowed values: Automatic | Manual
- -
name: Disable Adobe Acrobat update service name: Disable Adobe Acrobat update service
recommend: standard recommend: strict
call: call:
- -
function: DisableService function: DisableService
@@ -2626,25 +2632,9 @@ actions:
revertCode: |- revertCode: |-
schtasks /change /tn "Adobe Acrobat Update Task" /enable schtasks /change /tn "Adobe Acrobat Update Task" /enable
schtasks /change /tn "Adobe Flash Player Updater" /enable schtasks /change /tn "Adobe Flash Player Updater" /enable
-
name: Disable Razer Game Scanner Service
recommend: standard
call:
function: DisableService
parameters:
serviceName: Razer Game Scanner Service # Check: (Get-Service -Name 'Razer Game Scanner Service').StartType
defaultStartupMode: Manual # Allowed values: Automatic | Manual
-
name: Disable Logitech Gaming Registry Service
recommend: standard
call:
function: DisableService
parameters:
serviceName: LogiRegistryService # Check: (Get-Service -Name 'LogiRegistryService').StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
- -
name: Disable Dropbox auto update service name: Disable Dropbox auto update service
recommend: standard recommend: strict
call: call:
- -
function: DisableService function: DisableService
@@ -2665,6 +2655,23 @@ actions:
revertCode: |- revertCode: |-
schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineCore" schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineCore"
schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineUA" schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineUA"
-
name: Disable Razer Game Scanner Service
recommend: standard
call:
function: DisableService
parameters:
serviceName: Razer Game Scanner Service # Check: (Get-Service -Name 'Razer Game Scanner Service').StartType
defaultStartupMode: Manual # Allowed values: Automatic | Manual
-
name: Disable Logitech Gaming Registry Service
recommend: standard
call:
function: DisableService
parameters:
serviceName: LogiRegistryService # Check: (Get-Service -Name 'LogiRegistryService').StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
- -
category: Disable Media Player data collection category: Disable Media Player data collection
children: children:
@@ -7359,44 +7366,10 @@ functions:
call: call:
function: RunPowerShell function: RunPowerShell
parameters: parameters:
code: |- code: Get-WindowsCapability -Online -Name '{{ $capabilityName }}*' | Remove-WindowsCapability -Online
$capabilityName = '{{ $capabilityName }}'
try {
# Using wildcard for version number handling
$capability = Get-WindowsCapability -Online -Name "$capabilityName*"
if (!$capability) {
Write-Host "Skipping. Capability `"$capabilityName`" is missing."
exit 0
}
if ($capability.State -eq 'NotPresent') {
Write-Host "Skipping. Capability `"$capabilityName`" is missing."
exit 0
}
Write-Host "Removing capability `"$capabilityName`""
Remove-WindowsCapability -Online -Name "$($capability.Name)" -ErrorAction Stop
Write-Host "Successfully removed `"$CapabilityName`""
}
catch {
Write-Error "Failed to remove `"$capabilityName`": $_"
}
revertCode: |- revertCode: |-
$capabilityName = '{{ $capabilityName }}' $capability = Get-WindowsCapability -Online -Name '{{ $capabilityName }}*'
try { Add-WindowsCapability -Name "$capability.Name" -Online
# Using wildcard for version number handling
$capability = Get-WindowsCapability -Online -Name "$capabilityName*"
if (!$capability) {
Write-Error "Failed to find `"$capabilityName`"."
exit 1
}
$result = Add-WindowsCapability -Name $capability.Name -Online -ErrorAction Stop
Write-Host "Successfully added `"$capabilityName`"."
if ($result.RestartNeeded -eq 'Yes') {
Write-Warning "A restart is needed to finish installing `"$capabilityName`"."
}
}
catch {
Write-Error "Failed to add `"$capabilityName`": $_"
}
- -
name: RenameSystemFile name: RenameSystemFile
parameters: parameters: