Windows 10 version 1803: privacy improvements
The next feature update for Windows 10, Windows 10 version 1803, will feature new privacy settings and improvements that give users and administrators more control over data on the device.
Windows 10 users and admins may change privacy-related settings in several ways on machines running Windows 10. They may change some privacy options under Settings > Privacy, make modifications using policies, or change Registry keys related to privacy.
The privacy options in Settings controlled application access to data up until now almost exclusively. You could turn a feature, say access to the microphone or notifications, off completely, or allow access on an individual basis only.
Microsoft started to improve the privacy settings in the Fall Creators Update. If you open the Location controls in that version of Windows 10, you will notice that disabling location will make it unavailable to apps, Windows, and services.
The most recent Windows 10 Insider Build, version 17074, features three new entries under privacy in the Settings application.
Windows 10 version 1803: privacy improvements
You find the new entries Videos, Documents and Pictures there. All three allow you to block application access to the system folders but you may also notice that you may deny Windows access to these folders as well.
The description reads:
Allow access to the documents/videos/pictures library on this device.
If you allow access, people using this device will be able to choose if their apps have documents/videos/pictures library access by using the settings on this page. Denying access blocks Windows and apps from accessing the documents/videos/pictures library.
A click on the change button turns access on or off on the device. You may also turn off application access only by flipping the preferences switch under "allow apps" on the page.
This prevents applications from accessing the library but not Windows.
Last but not least, you may allow specific applications access but deny access to all other apps.
What happens if you disable access for Windows? It is unclear at this point in time. I ran a quick test after disabling access to the pictures library but did not notice any issues.
Using File Explorer, I could still browse the folder and apps. I fired up Paint 3D and could load images using drag and drop, and could also save files to the folder. Windows Defender scanned the folder as well.
It is possible that the functionality is not fully implemented yet, or that the access restriction only applies to automated processes.
Now You: What's your take on the changes? (via Deskmodder)
Related articles:
- Windows 10 privacy changes announced
- Comparison of Windows 10 Privacy tools
- DoNotSpy10 – Configure Windows 10 Privacy settings
- Microsoft: Privacy improvements in Windows 10 Fall Creators Update
- Windows 10 and Privacy
That same website where you got the Peerblock IP list has a tutorial on how to remove Windows 10 telemetry. The page requires membership, but worth it: https://encrypt-the-planet.com/completely-disable-windows-10-telemetry/
@ Sophie,
There’s a suggestion here to disable lock screen ads by disabling Windows Spotlight: http://www.thewindowsclub.com/disable-tips-lock-screen-windows-10
@ TelIV – thank you. I’ll have a look, but I’m sure I tried just that…a while ago, and you are still forced to see that lock screen, regardless. At least on 1607 with no GP.
Of course, MS wanted to make it this way, so they could show what they want on that screen….right into the future.
Yeah, the problem is that even if you find a workaround, M$ can change the configuration at will via an automatic update which users can’t reject.
Let’s hope the EU’s competition chief, Margrethe Vestager comes up with something: https://www.politico.eu/article/margrethe-vestager-technophobe/
Interesting article….TeIV, thanks for that!
@ TeIV – yes, but not quite….in that I have successfully blocked all updates since early 2017, freezing at 1607, and now no longer feeling insecure that MS will ever turn my updates back on again…as its been 9, nearly 10 months of peace.
So they can’t change [my] configuration….but I totally get you that this particular area (that of the lock screen) is very likely in their sights as an area to keep targeting. Who knows what might get “showcased” here in the future, which is exactly why they’ve removed GP and Registry hacks to get rid of it.
On a side note, I have a Lenovo X61s, with Windows 10 on it….the very first +1 release, I think it may be 1510? I’d need to switch it on to check….but either way, its a super-early version of Win10. On there, you absolutely can remove the lock screen….and my login on that PC goes straight to the password. I froze that too, at that version….and have not had a peep out of it. Works like a dream, with no updates, and no messing around from Microsoft. It’s so old now, that version, that many of those config screens are missing a ton of stuff that they later introduced. Love it! :: Message to Satya….”get your hands off my stuff”!!!!
As I thought, Windows 10 belongs inside VirtualBox on Linux with internet connection disconnected to Windows 10 VM.
Agreed. :)
However I use VMware Player on Linux Mint 18.3 MATE.
There is also QEMU which offers near native performance and also supports GPU passthrough, you can use it with Virt-Manager.
Another one is Gnome Boxes which also uses QEMU but is for beginners.
Guest tools are called “spice guest tools” and “Windows Virtio Drivers”.
Thanks dark. :)
My friend uses QEMU on his Arch Linux PC.
My VMs run better in VMware Player on Linux Mint, than they do using VMware Workstation on W7.
> Using File Explorer, I could still browse the folder and apps. I fired up Paint 3D and could load images using drag and drop, and could also save files to the folder. Windows Defender scanned the folder as well.
This company has created a caste system. Enterprise are able to lock down their devices from the built-in surveillance and/or “telemetry”. Peons? Not so much. They won’t even let you buy their non-snooping version. The tech industry is completely out of control.
@jake
No, Enterprise is not able to fully lock down everything either.
>Enterprise are able to lock down their devices from the built-in surveillance
imgur.com/CTA4W8V
Who could be crazy enough to store personal documents on a machine running Windows 10.
Seems like more access to privacy settings for Win 10 home users, turn the faucet on so it barely drips while continuing to hide the hundreds of background settings. Win 10 Pro has many, many more accessible privacy settings in the gp manager. Win 10 Pro is the only version I’d buy after spending lots of time with both and it only costs a little more. Home acts completely differently than Pro.
The “disable access for windows” is probably just the “computer” administrative template settings in gp manager vs. the same sets for individual users. “computer” turns off a setting for all users, one of which is “system” or windows.
Of course, since Windows is a service, whatever that means, in order to get it to stop biting back, even with Pro, one has to spend hours changing gp settings, uninstalling all those dreadful apps, installing a good firewall, autoruns and tracking blocker to stop it. Windows settings, for the most part, only affect the OS, all your programs may do the same thing and hide it well. Then there are browsers, little OS’s that need the same treatment as Windows with different blockers.
The latest NVidia driver update (just the driver) installed five telemetry settings, one was visible in Services, the other four were hidden Tasks. Yeah, there are LOTS of hidden tasks that Task Manager doesn’t show, try this and have fun turning off stuff (be sure you know what the task is, first)
http://www.nirsoft.net/utils/task_scheduler_view.html
To me, this looks like the opposite. By telling windows to not look at your files, you are basically telling them that you are hiding something. In theory of course.
What absurdity is this? I keep reading people claiming that because you choose to not let abc look inside y, then you must be hiding something and then this means youre guilty just because.
This sort of thinking is absurd, its almost like telling everyone not to wear clothes anymore to hide their genitals and so on, after all if you decide not to show them you must have something to hide and are guilty of something.
Privacy has nothing to do with blame, but apparently wanting some is wrong these days.
Not only that, but literally everyone on the planet has something that is best kept hidden. Wanting to keep some things secret does not imply that those things are illegal or even unsavory.
It sounds promising and I would like to think that Microsoft may well be changing course when it comes to privacy especially after all the flak they’ve had aimed at them. Only time will tell.
You mentioned running a quick test Martin, but do you still see ads on the lock screen on startup? And what about Cortana. I’ve read elsewhere that Microsoft removed the toggle to switch it on and off, but that it can still be turned off using a registry hack. But why should users have to resort to such drastic means in order to disable it?
@ TelIV – I have completely stopped Cortana. Its not even resident in Task Manager. Gone….goodbye, not even active. Fully disabled.
Action Center………gone, fully disabled….no prompts or nags from Microsoft.
Lock screen Ads on startup……..on 1607, can’t get rid of it, like you could before 1607. On the other hand, no ads, nothing….nice and static, and my own wallpaper on it, just its just a press of the keyboard to advance forwards.
But look…………why do we all have to fight so hard to get things the way we want? yes, no need for answer, I answered my own questions a long time ago.
“I would like to think that Microsoft may well be changing course when it comes to privacy”
So would I, but I’m seeing no real evidence of it.
“But why should users have to resort to such drastic means in order to disable it?”
To never disable it, of course. When Microsoft pushes Win10, automatically their clientes became their products. And now we are just big data providers to Satya Nadella & Co.
That’s exactly my point Ivan. Microsoft likes to give the impression that they’re moving in the right direction at last, but they don’t make changes which will affect the amount of data they can collect.
You call this privacy improvement? I call this another gimmick with no real actual changes in real privacy settings.
Windows 10 is still same old same old, bugs go unfixed and these things get center stage occupying dev time, Ive purposefully held back upgrades and will stick to Windows 1607 until 2023, and then with some luck Linux will have caught up and Ill be able to ditch this stupid OS for good.
Yes, I am also on 1607, and have frozen there since Feb/March 2017. I have no intention of moving to a later version. None.
It works, it ‘aint broke, so please don’t try to “fix” it. I’ll take care of any other threats myself, thank you.
I agree; Martin wording in headline here isn’t best one – these are just some random sliders which mean nothing actually
The real privacy improvements would address telemetry issues – because these are still there.
Ah, they put more buttons to slide and nothing happens. Pumping all your data to Microsoft servers to sell third-parties and show ads. Nothing new here.
Windows 10 and the word PRIVACY can’t be used in the same sentence…. Windows 10 were, is and always will be a malware !
Recently checked Windows 10 FCU 1709 with PeerBlock loaded with ip blocklist from here: encrypt-the-planet.com/windows-10-anti-spy-host-file/
and i see Windows 10 phoning to various servers every few seconds.
Thanks for this IP Peerblock list.
Just looking at it now………the last time I tried to introduce an ‘MS’ Peerblock list, it messed a few things up. Can’t quite remember what, or to what extent.
Wondering if this list might be any better, and thanks for the pointer.
US tech companies have lost their minds. Apple, Google, MS, Adobe, etc. Not just blatant spying, but their subscription extortion “software as a service” schemes and planned obsolescence schemes. They’ve been trying to do this for decades, the infrastructure just wasn’t there yet. Now it’s there and they’re trying to bring down the hammer to monopolize everything. They’re using unrelated products like graphics software to play the data collection game. Even more ridiculous Nvidia putting it in their drivers. Why does the Nvidia driver need to know what you had for breakfast? They say it’s for our benefit. LOL The UN or some other international body needs to start regulating these things because the US government will not voluntarily reform it’s tech monopolies.
So true….so incredibly true. It’s a fight….but only for those of us ‘in the know’.
Do they let us turn off telemetry yet?
If they did, we wouldn’t trust that they do anyway. Such a feature would only be so normies can into privacy
It’d be really simple to tell, though.
Don’t think so.