undergroundwires
d49d5c81c1 Group and unrecommend disabling of update services
Group disabling of background auto-update services under same category.

Stop recommending them on "Standard" and recommend them only on "Strict". They can possibly
break auto-updates (even when application is running) which can reduce
security by leaving the user with known vulnerabilities in older
versions.
2023-08-04 18:05:02 +01:00


@@ -2572,60 +2572,89 @@ actions:
code: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 1 /f code: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 1 /f
revertCode: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 0 /f revertCode: reg add HKLM\SOFTWARE\Policies\Mozilla\Firefox /v DisableTelemetry /t REG_DWORD /d 0 /f
- -
name: Disable Google update service category: Disable background update check services
recommend: standard # Reduces frequent requests to third party servers
docs: # Those request reveal information like machine information (such as software version and IP address) and usage behavior
- https://websetnet.net/how-to-disable-google-chrome-automatic-updates-in-windows-10/ # Once disabled, applications only check for updates and notify when they're being used
- https://www.bleepingcomputer.com/startups/GoogleUpdate.exe-25791.html #gupdate children:
- https://www.bleepingcomputer.com/startups/GoogleUpdate.exe-26582.html #gupdatem
call:
- -
function: RunInlineCode name: Disable Google update service
parameters: recommend: strict
code: |- docs:
schtasks /change /disable /tn "GoogleUpdateTaskMachineCore" - https://websetnet.net/how-to-disable-google-chrome-automatic-updates-in-windows-10/
schtasks /change /disable /tn "GoogleUpdateTaskMachineUA" - https://www.bleepingcomputer.com/startups/GoogleUpdate.exe-25791.html #gupdate
revertCode: |- - https://www.bleepingcomputer.com/startups/GoogleUpdate.exe-26582.html #gupdatem
schtasks /Change /enable /tn "GoogleUpdateTaskMachineCore" call:
schtasks /change /enable /tn "GoogleUpdateTaskMachineUA" -
function: RunInlineCode
parameters:
code: |-
schtasks /change /disable /tn "GoogleUpdateTaskMachineCore"
schtasks /change /disable /tn "GoogleUpdateTaskMachineUA"
revertCode: |-
schtasks /Change /enable /tn "GoogleUpdateTaskMachineCore"
schtasks /change /enable /tn "GoogleUpdateTaskMachineUA"
-
function: DisableService
parameters:
serviceName: gupdate # Check: (Get-Service -Name gupdate).StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
function: DisableService
parameters:
serviceName: gupdatem # Check: (Get-Service -Name gupdatem).StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
- -
function: DisableService name: Disable Adobe Acrobat update service
parameters: recommend: strict
serviceName: gupdate # Check: (Get-Service -Name gupdate).StartType call:
defaultStartupMode: Automatic # Allowed values: Automatic | Manual -
function: DisableService
parameters:
serviceName: AdobeARMservice # Check: (Get-Service -Name AdobeARMservice).StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
function: DisableService
parameters:
serviceName: adobeupdateservice # Check: (Get-Service -Name adobeupdateservice).StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
function: DisableService
parameters:
serviceName: adobeflashplayerupdatesvc # Check: (Get-Service -Name adobeflashplayerupdatesvc).StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
function: RunInlineCode
parameters:
code: |-
schtasks /change /tn "Adobe Acrobat Update Task" /disable
schtasks /change /tn "Adobe Flash Player Updater" /disable
revertCode: |-
schtasks /change /tn "Adobe Acrobat Update Task" /enable
schtasks /change /tn "Adobe Flash Player Updater" /enable
- -
function: DisableService name: Disable Dropbox auto update service
parameters: recommend: strict
serviceName: gupdatem # Check: (Get-Service -Name gupdatem).StartType call:
defaultStartupMode: Automatic # Allowed values: Automatic | Manual -
- function: DisableService
name: Disable Adobe Acrobat update service parameters:
recommend: standard serviceName: dbupdate # Check: (Get-Service -Name 'dbupdate').StartType
call: defaultStartupMode: Automatic # Allowed values: Automatic | Manual
- -
function: DisableService function: DisableService
parameters: parameters:
serviceName: AdobeARMservice # Check: (Get-Service -Name AdobeARMservice).StartType serviceName: dbupdatem # Check: (Get-Service -Name 'dbupdatem').StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual defaultStartupMode: Automatic # Allowed values: Automatic | Manual
- -
function: DisableService function: RunInlineCode
parameters: parameters:
serviceName: adobeupdateservice # Check: (Get-Service -Name adobeupdateservice).StartType code: |-
defaultStartupMode: Automatic # Allowed values: Automatic | Manual schtasks /Change /DISABLE /TN "DropboxUpdateTaskMachineCore"
- schtasks /Change /DISABLE /TN "DropboxUpdateTaskMachineUA"
function: DisableService revertCode: |-
parameters: schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineCore"
serviceName: adobeflashplayerupdatesvc # Check: (Get-Service -Name adobeflashplayerupdatesvc).StartType schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineUA"
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
function: RunInlineCode
parameters:
code: |-
schtasks /change /tn "Adobe Acrobat Update Task" /disable
schtasks /change /tn "Adobe Flash Player Updater" /disable
revertCode: |-
schtasks /change /tn "Adobe Acrobat Update Task" /enable
schtasks /change /tn "Adobe Flash Player Updater" /enable
- -
name: Disable Razer Game Scanner Service name: Disable Razer Game Scanner Service
recommend: standard recommend: standard
@@ -2642,29 +2671,7 @@ actions:
parameters: parameters:
serviceName: LogiRegistryService # Check: (Get-Service -Name 'LogiRegistryService').StartType serviceName: LogiRegistryService # Check: (Get-Service -Name 'LogiRegistryService').StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
name: Disable Dropbox auto update service
recommend: standard
call:
-
function: DisableService
parameters:
serviceName: dbupdate # Check: (Get-Service -Name 'dbupdate').StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
function: DisableService
parameters:
serviceName: dbupdatem # Check: (Get-Service -Name 'dbupdatem').StartType
defaultStartupMode: Automatic # Allowed values: Automatic | Manual
-
function: RunInlineCode
parameters:
code: |-
schtasks /Change /DISABLE /TN "DropboxUpdateTaskMachineCore"
schtasks /Change /DISABLE /TN "DropboxUpdateTaskMachineUA"
revertCode: |-
schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineCore"
schtasks /Change /ENABLE /TN "DropboxUpdateTaskMachineUA"
- -
category: Disable Media Player data collection category: Disable Media Player data collection
children: children:
@@ -7359,44 +7366,10 @@ functions:
call: call:
function: RunPowerShell function: RunPowerShell
parameters: parameters:
code: |- code: Get-WindowsCapability -Online -Name '{{ $capabilityName }}*' | Remove-WindowsCapability -Online
$capabilityName = '{{ $capabilityName }}'
try {
# Using wildcard for version number handling
$capability = Get-WindowsCapability -Online -Name "$capabilityName*"
if (!$capability) {
Write-Host "Skipping. Capability `"$capabilityName`" is missing."
exit 0
}
if ($capability.State -eq 'NotPresent') {
Write-Host "Skipping. Capability `"$capabilityName`" is missing."
exit 0
}
Write-Host "Removing capability `"$capabilityName`""
Remove-WindowsCapability -Online -Name "$($capability.Name)" -ErrorAction Stop
Write-Host "Successfully removed `"$CapabilityName`""
}
catch {
Write-Error "Failed to remove `"$capabilityName`": $_"
}
revertCode: |- revertCode: |-
$capabilityName = '{{ $capabilityName }}' $capability = Get-WindowsCapability -Online -Name '{{ $capabilityName }}*'
try { Add-WindowsCapability -Name "$capability.Name" -Online
# Using wildcard for version number handling
$capability = Get-WindowsCapability -Online -Name "$capabilityName*"
if (!$capability) {
Write-Error "Failed to find `"$capabilityName`"."
exit 1
}
$result = Add-WindowsCapability -Name $capability.Name -Online -ErrorAction Stop
Write-Host "Successfully added `"$capabilityName`"."
if ($result.RestartNeeded -eq 'Yes') {
Write-Warning "A restart is needed to finish installing `"$capabilityName`"."
}
}
catch {
Write-Error "Failed to add `"$capabilityName`": $_"
}
- -
name: RenameSystemFile name: RenameSystemFile
parameters: parameters:
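Review bot: In the last hunk, the new-side `revertCode` passes `"$capability.Name"` to `Add-WindowsCapability`; inside double quotes PowerShell expands only `$capability` and appends the literal text `.Name`, so the revert does not receive the capability's actual name. Use `Add-WindowsCapability -Name $capability.Name -Online` (or `"$($capability.Name)"`), and make the script fail visibly when the wildcard lookup returns nothing instead of calling the cmdlet with an empty value. Separately, in the first hunk the new category comment says applications still check for updates while they are in use, whereas the commit description says disabling these services may break auto-updates even then. A comment on the category such as `# Caution: may stop automatic updates entirely, leaving known vulnerabilities unpatched` would keep that trade-off visible to whoever selects it. The function definition enclosing the last hunk starts and ends outside the visible lines.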