The Privacy Cookbook kicks on in Chapter 6 with PCs, where we will cover the set-up on desk & laptops. This is a big chapter as we try  to cover everything from the best Operating Systems to Firewalls to DNS  to VPN to Metadata protection to encrypting data and emails. Yes, it  will be a long one.

We want  to start with the OS most people sadly use, Windows! Before we go into Windows let me point out I do not know much about Windows, if I get any  laptops or desktop that has Windows pre-installed, the first thing I do  is Install Linux! Yet some people need Windows for a variety of reasons?  A young relative claims they need it for PC Games, so if you are of the  generation that sits for 18 hours a day in front of your PC and plays  Mindcraft or any other time waster, this chapter is for you.

There is a great tool that can be downloaded to fix many of the privacy concerns that Windows 10 has! It's called W10Privacy, It disables major tracking features and is a good step toward some privacy on Windows 10. There is also WindowsSpyBlocker - an open source tool that blocks data collection. You could perhaps also have a look at securitywithoutborders/hardentools
There  is also ​Hardentools which is a set of easy-to-use fixes designed to  disable several features exposed by operating systems such as Windows  and their primary consumer applications. These features, designed for  enterprise customers, are generally useless to regular users  and actually pose a risk as they can be used by hackers to execute  malicious code. This tool is to help individuals reduce the risk of attack. It is not intended for corporate environments.

However, it does come with the following precautionary statement:

WARNING: This is just an experiment, it is not meant  for public distribution yet. Also, this tool disables a number of  features, including of Microsoft Office, Adobe Reader, and Windows, that  might cause malfunctions to certain applications. Use this at your own  risk.

Bear in mind, after running Hardentools you won't be able, for  example, to do complex calculations with Microsoft Office Excel or use  the Command-line terminal, but those are pretty much the only  considerable "downsides" of having a slightly safer Windows environment.  Before deciding to use it, make sure you read this document thoroughly  and understand that yes, something might break. In case you experience  malfunctions as a result of the modifications implemented by this tool,  please do let us know.

You have been warned!

WFN Windows Firewall Notifier

WFN started off as an extension to the embedded Windows firewall and  offers real time connections monitoring, connections mapping, bandwidth  usage monitoring and is open-source...worth looking at adding this.

Unfortunately Windows 10 sends Your Data more then 5500 times every single day. There are other horror stories exposed on Ars technical and on Techdirt.  You can find many other articles across the web that show the Data  Sharing and Privacy invasion of Microsoft. I will have them covered soon  in my Monday Blues article where we look at companies and their  unethical behaviors. But this Chapter is not about them right now, it's  about blocking some, if not all, of it.

So if you  chose or need to stick with Windows then use the two tools we recommend  but also use a Blocklist! In fact, use multiple block lists:

Microsoft - Blocks all Microsoft known call home domains
Adguard Simplified - English filter, Social media filter, Spyware filter, Mobile ads filter, EasyList and EasyPrivacy
AdAway - Blocking mobile ad providers and some analytics providers
hpHosts - Ad and Tracking servers only
CHEFKOCH - NSA Blocklist
CHEFKOCH - Canvas font fingerprinting
CHEFKOCH - Audio fingerprinting
CHEFKOCH - Canvas fingerprinting
CHEFKOCH - Trackers
CHEFKOCH - Facebook
StevenBlack - with the fakenews, gambling and social extensions
Google - Blocks all Google domains and services
Facebook & FB - Blocks Facebook and its Apps
GoodByeAds - Great list of Ads blocked
Yhosts - Great list!
Crimeflare - Cloudflare domains
The best way is to block these over AdGuardHome or a Pi-Hole, but AdGuard also has a version for your Windows PC!
Another option is to do this via a local blocklist. Search on your Notepad, then right-click on Notepad in the search results list, and choose to run it as administrator.
Once you’ve done that, open up the following file using the File -> Open feature

c:\windows\system32\drivers\etc\hosts

After which you can edit as usual when Notepad is open.

In this example, we will block all known Microsoft domains.

The next step is to use Firefox as your browser

Encrypted DNS clients for desktop



Mozilla  Firefox is supplied with DoH built-in and with Cloudflare as the  default resolver, however. it can be set up with any DoH resolver.

DNS over HTTPS can be enabled in Menu -> Preferences (about:preferences) -> Network Settings -> Enable DNS over HTTPS.
Set "Use Provider" to "Custom", and enter your DoH provider's address.


Advanced users may enable it by setting network.trr.custom_uri and network.trr.uri as the address of your DoH provider and network.trr.mode as 2.
It is also advisable to set network.security.esni.enabled to True. This allows encrypted SNI (Server Network Identification) and make sites supporting ESNI more difficult to track.

Have a list on DNS resolver and more information here

Now read the Chapter on how to harden and secure your Firefox Browser

Last but not least also read the Chapter on uBlock Origin

Alternatively we strongly recommend the Tor Browser, it is an encrypted alternative to Firefox and will keep your IP address private.

As I mentioned at the outset here, I never use Windows so I've gathered  the best guidance I can for use on a Windows driven machine, but the  Privacy Cookbook will guide you on how to replace Windows with a Linux  privacy setup and we also guide you on what software could replace your  office package etc.

Many people I have encountered in my life  are afraid of Linux, mainly as they never used it, and so swear  by Windows. Once I have set them up with a Linux machine, they  are surprised at how easy and powerful it is. So I am confident that  after Chapter 6.1 where we take on how to install Linux and how to make  it feel better then Windows will assist you in making the switch.

Remember  privacy is a human right! And your PC  is probably the machine you use  most for banking, for crypto, for many private things...so help yourself  to stay safe and just as you #degoogled, you can start to #demicrosoft

In Chapter 6 we will also guide you on how to harden your MacOS, so stay tuned as we have a lot to cover!