Setup Simple Wall. Block everything by default unless you choose to allow either: One-time, period of time, or permanently. Works great, light-weight and stops everything.
@@hlgshm Really happy with it. I send the guy a few bucks a year to help with the development. It's crazy how much garbage Windows 11 wants to connect to the internet for. I also use Chris Titus Tech: Ultimate Windows Utility for stripping out a lot of garbage from windows, blocking telemetry, delaying feature but not security updates to Windows as well. He's here on RUclips if you want to check him out. Oh and you can even strip out Microsft Edge, Bing and One-Drive permanently and set a new default browser like Brave or whatever you want instead of Edge. Even for crap in Windows that would normally open in Edge!
1. install windows 11 fresh without an internet connection using rufus-method. 2. Go trough all privacy settings 1 by 1 in windows (there are more hidden than you think) 3. Install (via usb stick) Tinywall firewall, delete all allowed programs (ie explorer and edge etc). And only allow apps that really need internet (firefox with noscript and adblock plus for example...ofcourse check your privacy settings in firefox). Allow ms updates and smarscreen. Ofcourse install full firefox via that same usb-stick. I've got a map on a usb-stick with all these programs to install on new/reinstalled computers. 4. Dont't connect to a MS account 5. Use pi-hole with a privacy respecting (let's hope so) dns-server in your network. Monitor and block traffic you don't need. At my home it blocks about 85% of all traffic....think about that. 6. Install a hardware-firewall behind your router that blocks all ipv6-traffic so you have full control over your ipv4 traffic. 7. Sit back and be amazed at how much crap is being blocked.
In the early 2000s we use to complain about spyware and ad ware, but it seems virtually every program we install is now spyware or adware, including Windows, I think it'll soon be time to switch to Linux, and hopefully do away with all this crap of spying on users.
Linux is really the best answer. I am a Security Professional and i try to get all my clients to use Linux if they are open to the idea. My prefered distro is Zorin OS since it is much more polished than Linux Mint in my opinion. The piece of mind you get from using Linux is huge to me and my clients. It's not perfect but it's a huge step away from constant spyware in Windows products.
@@klwthe3rd I first use Linux about 20 years ago, so I'm not unfamiliar with the OS, but the only reason I still use windows is because of the apps I use, but the way software is going with spying on us especially Microsoft it won't be long before I'm on Linux.
@@cougar02000 I too have to retain a Windows 11 machine for alot of the jobs i do. But for all things personal or non work related i use Linux. You should try Zorin OS when you're ready to make the full move. You will love it.
I would recommend you to choose Linux Mint Xfce edition, it's lightweight (uses idle 600MB RAM, 900 with task manager) has much problems fixed out-of-the-box and all essential programs installed (package manager, Firefox, libreoffice, password manager and even torrent and mail client) combined with similar to windows interface giving pretty much windows-but-better experience. Im using it for half a year now and I didn't regretted it still, the only problem can be some apps not written for Linux but we have wine and proton
I think this really demonstrates how awful modern computing has gotten. I've been wondering in recent years where my enthusiasm went and well... here's the answer.
@@igorthelight I'm already dual booting Linux Mint. I'm slowly migrating things over to it as I find satisfactory replacements or as compatibility allows but ultimately compatibility is the biggest issue. For the workflows it does allow for, far better experience than Windows.
Fortunately we have a plethora of open source Linux distros we can use. Developers have made huge strides in user friendliness lately without sacrificing what makes Linux special, the true ownership of your OS.
On the Mac there was a great firewall called little snitch, what I love about it was it would pop up anytime an app tried to connect, and you could allow or deny, and also allow once only, or allow always. What I liked is it let’s you know what is happening, and most apps work if you Deny them, so you can then change that to the default for said app.
As mentioned, updates don't necessarily come with security updates or bug fixes. If security is a big concern, you should wait a while after an update to do it yourself. Let everyone else be the test subjects. Once you're satisfied that nothing nefarious made it through to the latest version of software, go ahead and update.
Fortunately you can change this in the bios on first boot, i learned this last time i used an asus board. It had a different issue though.. a capacitor exploded.
Kaspersky's firewall interface isn't the snappiest to navigate, but one thing I like is that software is automatically grouped by vendors. Making it easy to deny everything from for instance Adobe. 😋
I also like that by default it will block apps access to the internet and a window will show up asking whether you want to allow the app access to the internet. Same with microphone usage, it will explicitly let you know when an app is using your microphone
I’m so glad you brought up the Armoury Crap example. I built a YOLO Asus $5,000+ system and if I had known the BS that Armoury Crap was going to plague me with for the rest of my life I’d have happily stayed loyal to the MSI brand. Easily the biggest build mistake I have ever made was going to Asus. My $1,000 Asus motherboard will not maintain my lighting settings which are NO LIGHTS WHEN POWERED OFF … so when I power it off to dark mode (no lights) it insists on lighting to ridiculous rainbow cycle when the system is OFF. Junk vendorware.
I use Malwarebytes Windows Firewall Control. It uses windows firewall but has better interface/control of it including connection log. I block all by default and choose to continue blocking or allow if something want to connect for the first time (whitelist).
I wish updates would be split in security updates and feature updates. I know it's not easy, as a software developer myself.. but it's definitely best for the user. Easier way to rollback to previous version and ability to still get security fixes is really useful
I feel like we have already lost the battle. even I think it is too much work to be left alone an most people don't even care. Companies can do whatever they want, cause there are no protection for the users. And the user needs to be an expert in everything now. Food, chemicals, child labor, animal welfare, it security, dynamic prizing, dark pattons and it just keeps going on and on.
No matters how many times you switch off settings and make changes on your windows if the next update rolls back everything, the only thing you can do to have more privacy is not use products from microsoft, meta and google but for many people that is almost impossible because convenience is stronger than common sense. You can reduce a lot the amount of data they collect from you but never to 0%, every piece of tech that has a SIM or use login credentials have the potential to spy on you and they do not compete, all of them work together and share data between them (sorry if my english is not so good).
Sure will be a friend with you connecting through discord also another effective method is using system utilities by windows and portmaster which effectively blocks unwanted connections and services from running which drains your system resources
I got torched on reddit when I pointed out that brave have telemetry enabled by default. Until calling brave several times they now show it in the first software run. And even with that there is still one flag they refuse to disable by default. Proton has analytics as well by default without notifying you that you have to disable manually. I'm so sick of people down playing this.
I really like your videos on cybersecurity and I learn something new every time. By the way, if possible, could you make a video about programs (information theft) that work in the background or services that were created by them in the background for loading during work. For a week now after updating Windows 10, I have been trying to understand what can load at an interval of 7-8 seconds (a loading icon appears near the mouse even in a game if the cursor has not changed). I use antivirus Malwarebytes but it doesn't detect any threats
Made a video on this two years before but not enough views or encouragement from my friends and family more shocking when I went to a cybersecurity company for interview even they downplayed this one but to everyones surprise when I worked at my client's location I stopped an unremovable virus from connecting to the internet using this method and that user thanked me fornit. It's sad how worthy, simple and effective methods like these go unnoticed or unappreciated even by security pros like in my case. Thank you for this video brother.🎉❤🙏👌👏💯
there is a catch, though. sometimes its not obvious which .exe is running - the program or service just copied all over the place in several folders. Some of them are cache and backups, some - newly downloaded versions e.t.c, making it extremely hard to choose what to block or requiring you to set blocking rules for all of them. It whould be much better to use some whitelist and enable programms to access network one by one. Everything else must be blocked by default. Is it possible to use windows firewall in a whitelist mode?
I did this by simply using Linux Mint and not choosing to use an OS that disrespects my privacy to begin with. Give it a shot and test your software and some alternatives to your Windows software. If you don't like it just reinstall Windows with your key. You could though have an overall better experience on Linux!
Dose comodo firewall take care of this or is it still something and add rules too windows firewall. Can you do a deeper dive into comodo firewall please !!!!
this channel actually has videos about comodo ) use a search field at the channel if you have difficulties to find it using other search tools. The last video seems to be 2 year ago, "free security tools everyone should use" there will be probably no more videos about it cause comodo is now Xcitium
Yes, not all apps require Internet to fully function what actual user wanted. If it works, and if that app does nothing 'good' if it accesses Internet, cut it off. Especially, paid software updater that no longer support additional updates until you pay next major version of it.
Blocking all connections and using only a whitelist in Windows Firewall should be the default action. However, this may be very annoying to some users. Additionally, I'm not sure if the Windows Firewall will block any Windows system applications.
the short answer is : you can't. used to be advanced HIPS like Comodo, but those mostly went away, only decent remaining one is Eset's but only for security (and not as powerful as it used to be), not privacy.
@@ТоварищКамрадовСоциалистКоммун I am completely uninterested in "cLoUd EdR" or other spyware. even if I was interested in it, most solutions are not available to users, only to companies, they wont even reply to your emails if you ask. and while HIPS is still available even in some non-enterprise solutions, almost all of them have a small subset of monitored actions that they used to.
a lot of MS apps use svchost to communicate. and you have to set the main page to default to blocking if you want to disable updates getting access due to the exe file name changing.
Svchost is not only for applications but actually it is only one software in Windows that connects you to Internet provider using UDP connection, in same time travels hackers against us like hidden next connections actually Windows is changed hardly like Windows updates and others won't be working if svchost.exe will be blocked just in that way we must allow svchost.exe to run it's way.
it's not a program specific. It will block on not block just an ip address or web site. and won't allow you to get a neat control of how when which apps may get access to the web
pihole for every device on network blocks 99% telemetry ads etc etc. also turn in defender /firewall if you don't have a wall etc for everything trying to connect non ms wise.
Quick q, how is this any different from using Portmaster and selecting Block Connections? Is doing it via Firewall more reliable or just the same? Thanks!
Fire those programs that are not added to the firewall automatically (see below), it's likely because the program does not request access to public networks, only your private one, which is the one you use daily. Public networks can be both wired and wireless depending on configuration, but you can generally think of a private network as a WiFi with password protection and a public one as a open WiFi network. Some programs are well known and safe to use, and therefore part of the default rules. These are mostly part of Windows itself. Others might be signed with a certificate from a vendor that has a contract with Microsoft after being verified and found trustful, such as some of the major software developers or some of the device driver related programs. These are added to the firewall permission list when they are detected during first time installation.
Stopped using a PC unless I need to over a year ago. Not eco, too many processes burning CPU, too many updates. Yes, this video is right, why should you pay to help people be nosey? Every connection slows down the PC, and costs resource, energy, and time.
What is the best way to back up software before a software update in case it turn out to be worse than before like you mentioned it could be turning into a subscription software or ad adds that weren't there before? Because I think it's not enough to copy the .exe and the folder that .exe is in because of different locations it might save data like the appdata folder or registry etc.?
@@evilleader1991 Although you put yourself at higher risk of downloading malicious software, I hope that there is an option to back up the current software. Thought about a complete PC backup, this would work but isn't practical because you want to use your PC.
One thing vitje be to make a system restore point before installing the new version if you suspect things like this to happen. If you don't suspect such things to happen and don't have a recent enough restore point to be useful, the only way is to use a previously downloaded installation program for a version without unwanted "features" after uninstalling the most recent version.
Choose the most sane route for privacy. Install Linux. Learn Linux. Use Linux. Love Linux. The initial learning curve for the absolute noob will payoff in the long run..
If I can ever play my online games with Linux I will happily switch. Linux is getting a lot better with gaming and single player games work just fine. However every multiplayer game has anticheat and it’s a no go on Linux sadly.
I know it's quite simple to block connections by the windows firewall. But isn't there some software that can do this easily by turning a switch? I know that a antivirus program that I've used in the past could block programs by its own firewall. But my current AV (Eset) doesn't seem to have that. So is there any software out there that can do that easily?
what you talk about is the so called interactive mode. It's present in any advance firewall, including simplewall, Safing Portmaster and other. It might be included in an AV package if you got a good one (usually paid version, but might be exclusions)
@@Gateastrologykc yeah ) still not worth to go with them to my opinion ) many good firewalls available for free, but if you got a premium security package you most likely got a decent firewall included there
i would like to disable the apps that are running (connecting to internet)in the background while i dont use them but when i fire them i would like them to work but one closed by me: they will not connect to the internet. your usecase is just blocking apps while working in the background for all the time.
if you are happy that every time you start your app it first tries to get an update and propose you to wait for a while, then don't install any background service/updater of the apps. In most programs it's an available option, you just need to dig the menus to find it, or find the updater running and change its options
processes don't just migrate by themselves. it's either you or your sysadmin let them do it, or your OS allows them to do it uncontrolled. Might be both reasons as well )
Setup Simple Wall. Block everything by default unless you choose to allow either: One-time, period of time, or permanently. Works great, light-weight and stops everything.
Thanks for posting this! I was going to suggest Zonelabs Firewall, but it has changed over the years.
This! ^ This! ^ This! ^ This! ^ This! ^ This! ^ This! ^ This! ^ This! ^ This! ^ This!
I use simple wall too. So handy
@@hlgshm Really happy with it. I send the guy a few bucks a year to help with the development. It's crazy how much garbage Windows 11 wants to connect to the internet for. I also use Chris Titus Tech: Ultimate Windows Utility for stripping out a lot of garbage from windows, blocking telemetry, delaying feature but not security updates to Windows as well. He's here on RUclips if you want to check him out. Oh and you can even strip out Microsft Edge, Bing and One-Drive permanently and set a new default browser like Brave or whatever you want instead of Edge. Even for crap in Windows that would normally open in Edge!
WOW. Just how does this work? One needs to start from scratch with what they already have etc. I will check out/Thanks
1. install windows 11 fresh without an internet connection using rufus-method.
2. Go trough all privacy settings 1 by 1 in windows (there are more hidden than you think)
3. Install (via usb stick) Tinywall firewall, delete all allowed programs (ie explorer and edge etc). And only allow apps that really need internet (firefox with noscript and adblock plus for example...ofcourse check your privacy settings in firefox). Allow ms updates and smarscreen. Ofcourse install full firefox via that same usb-stick. I've got a map on a usb-stick with all these programs to install on new/reinstalled computers.
4. Dont't connect to a MS account
5. Use pi-hole with a privacy respecting (let's hope so) dns-server in your network. Monitor and block traffic you don't need. At my home it blocks about 85% of all traffic....think about that.
6. Install a hardware-firewall behind your router that blocks all ipv6-traffic so you have full control over your ipv4 traffic.
7. Sit back and be amazed at how much crap is being blocked.
you mean, Firefox and uBlock Origin, right?
Ehh just use memory tech tips script for windows install debloat and privacy tweak.
Just run chris titus wintool
And Firefox sucks for privacy
Can you explain your point 6? Whats wrong about ipv6 traffic?
If you dont have a pi-hole, you could use dnscrypt-proxy instead as your own dns server instead with blocklists from firebog
7:00 - Finally someone said it
Nice, thanks for keeping people informed.
In the early 2000s we use to complain about spyware and ad ware, but it seems virtually every program we install is now spyware or adware, including Windows, I think it'll soon be time to switch to Linux, and hopefully do away with all this crap of spying on users.
Linux is really the best answer. I am a Security Professional and i try to get all my clients to use Linux if they are open to the idea. My prefered distro is Zorin OS since it is much more polished than Linux Mint in my opinion. The piece of mind you get from using Linux is huge to me and my clients. It's not perfect but it's a huge step away from constant spyware in Windows products.
@@klwthe3rd I first use Linux about 20 years ago, so I'm not unfamiliar with the OS, but the only reason I still use windows is because of the apps I use, but the way software is going with spying on us especially Microsoft it won't be long before I'm on Linux.
@@cougar02000 I too have to retain a Windows 11 machine for alot of the jobs i do. But for all things personal or non work related i use Linux. You should try Zorin OS when you're ready to make the full move. You will love it.
Windows suks hard, sorry
I would recommend you to choose Linux Mint Xfce edition, it's lightweight (uses idle 600MB RAM, 900 with task manager) has much problems fixed out-of-the-box and all essential programs installed (package manager, Firefox, libreoffice, password manager and even torrent and mail client) combined with similar to windows interface giving pretty much windows-but-better experience. Im using it for half a year now and I didn't regretted it still, the only problem can be some apps not written for Linux but we have wine and proton
I think this really demonstrates how awful modern computing has gotten. I've been wondering in recent years where my enthusiasm went and well... here's the answer.
Try Linux Mint ;-)
It has none of this bullshit!
@@igorthelight I'm already dual booting Linux Mint. I'm slowly migrating things over to it as I find satisfactory replacements or as compatibility allows but ultimately compatibility is the biggest issue. For the workflows it does allow for, far better experience than Windows.
Fortunately we have a plethora of open source Linux distros we can use. Developers have made huge strides in user friendliness lately without sacrificing what makes Linux special, the true ownership of your OS.
On the Mac there was a great firewall called little snitch, what I love about it was it would pop up anytime an app tried to connect, and you could allow or deny, and also allow once only, or allow always. What I liked is it let’s you know what is happening, and most apps work if you Deny them, so you can then change that to the default for said app.
I'm glad you're talking about this with your audience. Thanks.
Port Master, it's One of the Best Free software firewall.
Yeah, this one is definitely one of top tier apps
Im getting blue screen of death when im using it when downloading via torrent large files.
Portmaster is hands down the best!
@@Rene-Channel Same. A couple of days ago I got BSOD after updating once. I reinstalled and didn't face any issues since.
Not free but I love to use W10FC (formerly known as Vista Firewall Control) by Sphinx.
As mentioned, updates don't necessarily come with security updates or bug fixes. If security is a big concern, you should wait a while after an update to do it yourself. Let everyone else be the test subjects. Once you're satisfied that nothing nefarious made it through to the latest version of software, go ahead and update.
The funniest part was where you mentioned Discord and spying applications in the same sentence. But not I the way I expected 9:40
2:35 Armoury Crate is an absolutely terrible application / virus installed automatically by the firmware of your motherboard.
Fortunately you can change this in the bios on first boot, i learned this last time i used an asus board. It had a different issue though.. a capacitor exploded.
@@asksearchknock it’s not indeed as Dave says
A long time ago, I got a message asking, "Do you want to allow Notepad to access the internet?" What? Hell no.
Kaspersky's firewall interface isn't the snappiest to navigate, but one thing I like is that software is automatically grouped by vendors. Making it easy to deny everything from for instance Adobe. 😋
I also like that by default it will block apps access to the internet and a window will show up asking whether you want to allow the app access to the internet. Same with microphone usage, it will explicitly let you know when an app is using your microphone
there are so many processes and apps its hard to know what to close and what will break your computer
What happened to the part 2 of testing kaspersky and other apps on ransomware?
Your mom happened. His turn finally came up and he got distracted.
Feels like privacy is getting harder to protect every day.
I’m so glad you brought up the Armoury Crap example. I built a YOLO Asus $5,000+ system and if I had known the BS that Armoury Crap was going to plague me with for the rest of my life I’d have happily stayed loyal to the MSI brand. Easily the biggest build mistake I have ever made was going to Asus. My $1,000 Asus motherboard will not maintain my lighting settings which are NO LIGHTS WHEN POWERED OFF … so when I power it off to dark mode (no lights) it insists on lighting to ridiculous rainbow cycle when the system is OFF. Junk vendorware.
I use Malwarebytes Windows Firewall Control. It uses windows firewall but has better interface/control of it including connection log. I block all by default and choose to continue blocking or allow if something want to connect for the first time (whitelist).
I wish updates would be split in security updates and feature updates.
I know it's not easy, as a software developer myself.. but it's definitely best for the user. Easier way to rollback to previous version and ability to still get security fixes is really useful
I feel like we have already lost the battle.
even I think it is too much work to be left alone an most people don't even care.
Companies can do whatever they want, cause there are no protection for the users. And the user needs to be an expert in everything now. Food, chemicals, child labor, animal welfare, it security, dynamic prizing, dark pattons and it just keeps going on and on.
Thank you for explaining how to setup firewall
nice, I still hope the EU will fors app`s to stop the spyware in apps.
the great European firewall? just like a chinese one, but filled with democracy?
I use tinywall. I can't stand Windows firewall UI.
Its horrendous and convoluted.
Is there better free alternatives to Tinywall? @@ultimatums1
As a person who used, Ubuntu and arch Linux. Stick to windows if you want to and avoid Linux cultists if you can.
nice I use this since I use windows
there is a batch script to block everything
No matters how many times you switch off settings and make changes on your windows if the next update rolls back everything, the only thing you can do to have more privacy is not use products from microsoft, meta and google but for many people that is almost impossible because convenience is stronger than common sense. You can reduce a lot the amount of data they collect from you but never to 0%, every piece of tech that has a SIM or use login credentials have the potential to spy on you and they do not compete, all of them work together and share data between them (sorry if my english is not so good).
Sure will be a friend with you connecting through discord also another effective method is using system utilities by windows and portmaster which effectively blocks unwanted connections and services from running which drains your system resources
Background auto-updates have never been trustworthy or useful, not even 15 years ago. You'd think modern computer users would know better by now.
I got torched on reddit when I pointed out that brave have telemetry enabled by default. Until calling brave several times they now show it in the first software run. And even with that there is still one flag they refuse to disable by default. Proton has analytics as well by default without notifying you that you have to disable manually. I'm so sick of people down playing this.
I really like your videos on cybersecurity and I learn something new every time.
By the way, if possible, could you make a video about programs (information theft) that work in the background or services that were created by them in the background for loading during work.
For a week now after updating Windows 10, I have been trying to understand what can load at an interval of 7-8 seconds (a loading icon appears near the mouse even in a game if the cursor has not changed). I use antivirus Malwarebytes but it doesn't detect any threats
Made a video on this two years before but not enough views or encouragement from my friends and family more shocking when I went to a cybersecurity company for interview even they downplayed this one but to everyones surprise when I worked at my client's location I stopped an unremovable virus from connecting to the internet using this method and that user thanked me fornit. It's sad how worthy, simple and effective methods like these go unnoticed or unappreciated even by security pros like in my case. Thank you for this video brother.🎉❤🙏👌👏💯
Ya, it's a battle to try to control what goes online.
Could we get a video on UltraAV? The antivirus that is replacing the Kaspersky
Thank you for all you do. ❤
Will you be doing an UltraAV test?
What do you think about simplewall?
in fact to the internet (but in the real to direct IP addr host) connecting DLL or other components, and not the main app! you must understand this!
there is a catch, though. sometimes its not obvious which .exe is running - the program or service just copied all over the place in several folders. Some of them are cache and backups, some - newly downloaded versions e.t.c, making it extremely hard to choose what to block or requiring you to set blocking rules for all of them. It whould be much better to use some whitelist and enable programms to access network one by one. Everything else must be blocked by default. Is it possible to use windows firewall in a whitelist mode?
I did this by simply using Linux Mint and not choosing to use an OS that disrespects my privacy to begin with.
Give it a shot and test your software and some alternatives to your Windows software. If you don't like it just reinstall Windows with your key. You could though have an overall better experience on Linux!
For improved security, use equipment from last century, don't connect to the internet, and work in a well earthed Faraday cage. Use a Commodore Amiga?
I've been using tiny wall to do exactly that for years now it's simpler and more powerful
Pi-hole will also assist with this in some aspects but FW is defiatly the best way.
Very informative, Sir.
Dose comodo firewall take care of this or is it still something and add rules too windows firewall. Can you do a deeper dive into comodo firewall please !!!!
this channel actually has videos about comodo ) use a search field at the channel if you have difficulties to find it using other search tools. The last video seems to be 2 year ago, "free security tools everyone should use"
there will be probably no more videos about it cause comodo is now Xcitium
Comodo does this well, and you set it to ask when new things try to connect. But I haven't seen an update in quite some time.
@@SireSquish sounds good thanks!
The number of updates and internet connections “calculator” makes has always left me wondering…
Yes, not all apps require Internet to fully function what actual user wanted. If it works, and if that app does nothing 'good' if it accesses Internet, cut it off.
Especially, paid software updater that no longer support additional updates until you pay next major version of it.
Blocking all connections and using only a whitelist in Windows Firewall should be the default action. However, this may be very annoying to some users. Additionally, I'm not sure if the Windows Firewall will block any Windows system applications.
The Shure app you go on about is a local host IP, both send and receive. It is NOT connecting to the internet in the lines you highlight.
I've used this a lot in work. I've become unfirable.
the short answer is : you can't. used to be advanced HIPS like Comodo, but those mostly went away, only decent remaining one is Eset's but only for security (and not as powerful as it used to be), not privacy.
Comodo is now called Xcitium, HIPS packages are also available in many different security packs
@@ТоварищКамрадовСоциалистКоммун I am completely uninterested in "cLoUd EdR" or other spyware. even if I was interested in it, most solutions are not available to users, only to companies, they wont even reply to your emails if you ask. and while HIPS is still available even in some non-enterprise solutions, almost all of them have a small subset of monitored actions that they used to.
why don't you use an older version of the app you like? internet remembers everything, just in case if you don't have your own downloaded collection )
@@ТоварищКамрадовСоциалистКоммун using a very outdated AV is not very wise, and probably impossible due to kernel and system API changes
you don't have to use an outdated AV ) get an AV that you like, a firewall that suits your needs, and a HIPS utility of your choice )
Dang, I didn't know windows firewall could do that.
Do you have any videos on how to improve network connection? Im on wifi and it would help a lot
Can you make a video on the whole kaspersky & ultraAV situation that happened recently?
Hey,what about Postmaster?? Is it still a good firewall??
a lot of MS apps use svchost to communicate. and you have to set the main page to default to blocking if you want to disable updates getting access due to the exe file name changing.
Svchost is not only for applications but actually it is only one software in Windows that connects you to Internet provider using UDP connection, in same time travels hackers against us like hidden next connections actually Windows is changed hardly like Windows updates and others won't be working if svchost.exe will be blocked just in that way we must allow svchost.exe to run it's way.
Thanks 😊😊😊
theres a rightclick tool for win , where you can block traffic
You need to do a video with the best monitoring tool
How about blocking connections via the host file?
it's not a program specific. It will block on not block just an ip address or web site. and won't allow you to get a neat control of how when which apps may get access to the web
@ТоварищКамрадовСоциалистКоммун Agreed. I use my host file to permanently block connections that I know I won't be turning back on.
We need new ui for firewall, so everyone can easily setup things. This one is very old and not user friendly imho, glasswire is a good example.
does VPN stop apps from spying on me? or at least make it not connected to me?
What Logitech options? I feel like they bundle the mouse functionality with all the other processes like, “app agent” or “app broker.”
I wonder if simply disabling auto-updates removes most programs from this network access list
Hi. Windows firewall seems to re-enable back some of the apps.
Good stuff keep it up friend...
It would be interesting to see what information they actually collect. Isnt it just hardware information?
pihole for every device on network blocks 99% telemetry ads etc etc. also turn in defender /firewall if you don't have a wall etc for everything trying to connect non ms wise.
I use NextDNS way more easy
Pihole is a godsend
How do you feel about Snort as an IDS?
what about if the exe uses a .dll that deals with the connection to internet?
But that doesnt allow the app to connect to the internet. We want the app to stop sending info not stop working right?
Kaspersky Bitdefender and most security suites have firewalls
instead of using those 3rdparty tools with kernel access, you should use built in windows stuff.
what do you think of Fort Firewall?
Can a program bypass it somehow by launching some kind of script or another app that isn't blocked by firewall?
Quick q, how is this any different from using Portmaster and selecting Block Connections? Is doing it via Firewall more reliable or just the same? Thanks!
They do the same thing in the end.
simple fixes to take back control of are devices is always a good thing.👍✌
Why windows firewall only asks network permission for some but not all programs?
Fire those programs that are not added to the firewall automatically (see below), it's likely because the program does not request access to public networks, only your private one, which is the one you use daily. Public networks can be both wired and wireless depending on configuration, but you can generally think of a private network as a WiFi with password protection and a public one as a open WiFi network.
Some programs are well known and safe to use, and therefore part of the default rules. These are mostly part of Windows itself.
Others might be signed with a certificate from a vendor that has a contract with Microsoft after being verified and found trustful, such as some of the major software developers or some of the device driver related programs. These are added to the firewall permission list when they are detected during first time installation.
Thisbwould take quite a lot of time though, is there a simple way to instead block all BUT a few apps?
Stopped using a PC unless I need to over a year ago. Not eco, too many processes burning CPU, too many updates. Yes, this video is right, why should you pay to help people be nosey? Every connection slows down the PC, and costs resource, energy, and time.
You can just use
Henry's simplewall firewall
What is the best way to back up software before a software update in case it turn out to be worse than before like you mentioned it could be turning into a subscription software or ad adds that weren't there before? Because I think it's not enough to copy the .exe and the folder that .exe is in because of different locations it might save data like the appdata folder or registry etc.?
You can prolly find the old setup files online
@@evilleader1991 Although you put yourself at higher risk of downloading malicious software, I hope that there is an option to back up the current software.
Thought about a complete PC backup, this would work but isn't practical because you want to use your PC.
One thing vitje be to make a system restore point before installing the new version if you suspect things like this to happen.
If you don't suspect such things to happen and don't have a recent enough restore point to be useful, the only way is to use a previously downloaded installation program for a version without unwanted "features" after uninstalling the most recent version.
Choose the most sane route for privacy. Install Linux. Learn Linux. Use Linux. Love Linux.
The initial learning curve for the absolute noob will payoff in the long run..
If I can ever play my online games with Linux I will happily switch. Linux is getting a lot better with gaming and single player games work just fine. However every multiplayer game has anticheat and it’s a no go on Linux sadly.
Just dual boot. 2 separate OS on same drive, or on different drive. If your games don't work in Linux, reboot into Windows. Best of both worlds
@@Vagabond_Etranger I probably should. Admittedly I am lazy haha. Serious question I for work use VDI with VMware. That’s available on Linux ?
Steam is putting in work for this one. @@gregm1855
I know it's quite simple to block connections by the windows firewall. But isn't there some software that can do this easily by turning a switch? I know that a antivirus program that I've used in the past could block programs by its own firewall. But my current AV (Eset) doesn't seem to have that. So is there any software out there that can do that easily?
simplewall
what you talk about is the so called interactive mode. It's present in any advance firewall, including simplewall, Safing Portmaster and other. It might be included in an AV package if you got a good one (usually paid version, but might be exclusions)
@@ТоварищКамрадовСоциалистКоммун i don't like avast but it's in their free version as well
@@Gateastrologykc yeah ) still not worth to go with them to my opinion ) many good firewalls available for free, but if you got a premium security package you most likely got a decent firewall included there
Kaspersky AV does that for me
How to stop windows spying using this method?
reddit: having no firewall is enough
enough for what?
Can you please make another video on bitdefender using the mal-x app the one with the gui
But how do I stop Windows from spying on Windows?
i would like to disable the apps that are running (connecting to internet)in the background while i dont use them but when i fire them i would like them to work but one closed by me: they will not connect to the internet.
your usecase is just blocking apps while working in the background for all the time.
if you are happy that every time you start your app it first tries to get an update and propose you to wait for a while, then don't install any background service/updater of the apps. In most programs it's an available option, you just need to dig the menus to find it, or find the updater running and change its options
I used to use this feature but any app which is made by Windows will remove this rule on a new Update. at least in my experience.
Step 1: switch to linux 😂
Don't worry i like your channel and your advice has helped
why would you comment this if this is for Windows?
@@DOOMAnimate-sh1ou because I am a fool
What??? Threre's apps that spy on you, even if you are on Linux, wtf is this take ???
switch to Loonix
yeah, id rather have a worse than average experience! Thank you!
@@ImSimpIicity kernel drivers that are baked into linux and most open source ones will not be after your data unlike in windows.
Thank you...
What obout processes that migrate its self to genuine app or process or even hide itself. Curious saw in the metasploit exploits development
processes don't just migrate by themselves. it's either you or your sysadmin let them do it, or your OS allows them to do it uncontrolled.
Might be both reasons as well )
@@ТоварищКамрадовСоциалистКоммун thanks for the info
Little Snitch works great on a Mac. Is there something similar for windows?
Tiny, simple wall, portmaster
Windows Firewall Control, Glasswire
@@evilleader1991 glasswire sends data to USA servers
I wish windows had a version of little snitch. But its macosx only.
Why do you have msedge running?
Probably testing reasons. As an IT-Supporter I have it on my working computer running, too.
why not? tune its access rights in firewall the way you like )
@@ТоварищКамрадовСоциалистКоммун I have to test stuff in all usual browsers; privately I don't use it at all
Stop using Windows.
So great tyvm
But how do i stop windows from spying on me.
even your mic sends the data?!?!
turn off the power to the device.... much simpler
then change the SSD/HDD to new, install other OS
I would totally block Armoury Crate. What an absolute piece of garbage software.