Considering move from Group A to Group B, advice appreciated

Topic

New Reply

Hi all,

Thanks for opening this post, I guess you get myriads like it. However I was not able to find a case sufficiently similar to mine, so here goes.
I am looking for advice on whether it makes sense to switch habits from “paranoid Group A” to “Group B”. If you feel like it, additional suggestions are always welcome! So here goes.

I have W7 x64 and have been paranoid about Windows Update for the past years. However I have occasionally/regularly been urged into installing Rollups when there were sufficient threats patched, usually RCE. The general situation of my PC is as follows:

• Patched until February Security rollup + 4100480 Total Meltdown fix
• Opted out of CEIP
• Disabled several telemetry issues using group policy
• Torched Tasks and Services with fire using online checklists
• Blocked known MS telemetry domains using HOSTS
• Blocked DiagTrack traffic using firewall
• More generally, vigilant firewall asking me about any unknown communication
• (Silently ashamed of procrastinating/being too lazy to set up a proper backup/restore procedure)

Given the above, does it make sense to move to Group B? If so, what are the advantages over my current approach? Are there any gaping security holes I’m missing?

Thanks for bearing with me! I’m looking forward to your advice!

Reply | Quote

Replies

First, stop feeling ashamed, and back up that data! For your own good…

Then, check out AKB 2000007 Turning Off the Worst Windows 7 and 8.1 Snooping, by Woody.

For a very detailed article, PKCano’s KB 2952664 Telemetry in Win7 and 8-1 KB2952664, KB2977759, KB2976978, KB3150513, covers history, testing done, and recommendations, with relevant links for even more information.

MrBrian is a wonder when it comes to real world testing. Click on his avatar somewhere, and check out his topics and posts. He has made specific recommendations regarding hiding all patches you don’t want to apply, based on testing that shows some updates are never offered unless all other updates that arrive checked, are either installed or hidden. If you don’t allow automatic updating, you may be missing some of these.

Actually, you can click on anyone’s avatar (even their generic one) and go to their profile page, and find topics they have started, and posts they have made. That way, if you find someone who thinks along the same lines as you, you can check out their posts, without having to go through page after page in the forums, looking for them. There are a lot of different tech experts here, with views from Canadian Tech keeping steady on the Group W bench, to Ch100 who recommends following Microsoft’s guidelines for the best experience. You mention using a firewall, so check out Noel Carboni, too. He manages to prevent his system from contacting anything he doesn’t approve. It gives him control and stability, and a very secure system. Some people are moving to a Linux distro for on-line access, and dual booting or running Windows in a virtual machine. Interested? Take a look at  Other Platforms for Windows Wonks. Mr.JimPhelps has reported on his experiences with several different distros, in detail.  There is more than one way to configure and use your computer… and it should be your values, and your choice (are you listening, Microsoft?).

Looking forward to hearing about your journey, your choices, and your results… It would be easier to follow if you registered, or even sign your anonymous posts in a consistent matter. There are an awful lots of anonymous postings out there, and it can be easy to mix them up… just saying (I was anonymous for years, so who am I to talk?)… but you do get better responses to your posts if you identify yourself some way (speaking from experience, you  see).

 

 

Non-techy Win 10 Pro and Linux Mint experimenter

5 users thanked author for this post.

Cybertooth, Speccy, AlexEiffel, amraybt, MrBrian

Reply | Quote

“What evidence exists that Group B gets less telemetry than Group A?”

Reply | Quote

If it worth anything to you, I was group B at the beginning and ended up on group A.

I didn’t feel at some point that group B offered me any tangible benefits for sure and I was afraid that it could create more issues, as most installations would be A anyway and typical large scale testing would be on those. To me, group B was more hassle, having to keep note of what I installed and skipped. I also didn’t think being on A I would get many unwanted new features, having experienced with Vista Ultimate how Microsoft definition of extras is not much. So, that was a positive to me to not receive changes in the OS and mostly security updates. To me, it is just simpler to delay the patching a bit to make sure everything is fine, and then apply later, unless there are special situations that commands a deeper analysis like the Spectre/Meltdown and Total Meltdown issues.

The question of telemetry is a sensitive one for me. I really despise the forced use of telemetry. I have it on the Windows 10 stations I have, although I tried to kill it as much as I could too. My Windows 7 work PC is set to opt-out of CEIP and all that. I just hope that the telemetry will be very basic, but I feel a bit powerless against Microsoft ability to do whatever they want anyway by introducing many alternate means for it and I already feel like I was fighting a loosing battle over Microsoft on Windows 10. Today, I devote more energy learning Linux than trying to tame Windows. It seems the advice of ch100 has finally caught up on me: if you don’t like it, don’t expect that you have much power over it, maybe you shouldn’t use it. Microsoft won’t move away easily from everything I hate about Windows 10, unless there is a clear uproar. Given the amount of people using Facebook, those wiretap home speakers and lots of other online services, I am not very optimistic on the consumer side. I see my future as a mix of OSes, maybe, and Windows in a VM with no Internet access on some stations.

Don’t think I didn’t do a lot. I have a ton of tweaks and scripts and group policies I prepared to set-up 10 the way I wanted it to be, but I find it depressing that with each feature upgrade, I still need to manually look at so many things that can be disabled now or reenabled if I had disabled them. I find the peace of group A on 7 much nicer than anything 10.

You seem like you devoted lots of energy trying to reduce telemetry. If you stay A, you might want to check more often what can change, but then again, are you sure you will avoid telemetry? I would spend more time doing backups instead, especially with the ongoing issues we had with security vulnerabilities and patches. If a Total Meltdown type malware hits you, I’m sure you will be more happy to have backups than having tried to disabled telemetry.

Noel Carboni has a good post about how he does backups.

Good luck!

Reply | Quote

Thanks all for your informative contributions! I’ve been madly busy the past time so I didn’t manage to write a proper thank you message until now — my apologies.

There is a lot of information in the posts, and they are very comprehensive. I highly appreciate this and the fact that there are many different viewpoints existing side-by-side on a forum without stuff getting derailed. Job well done, I’m impressed!

As to the topic at hand, I have been convinced by especially Alex’s story to stay in group A together with my current set of measures. I additionally have moved backups way up my priority list, I’ll take a closer look at things when my schedule is a bit more permissive.

In short, thanks for the wealth of information and for managing to kick my a** into movement regarding the backup topic. I’ll surely stay around and when I feel that I can contribute something I’ll register and give back what you’ve so generously given.

2 users thanked author for this post.

AlexEiffel, Elly

Reply | Quote

I’ve always been in Group B, to avoid the telemetry/snooping aspects of Windows 7 rollups. Somebody please correct me if I’m wrong, but my understanding of it is that the snooping will persist for as long as the rollups containing it remain installed on your PC. So if you were to make the jump over to Group B, you may want to consider undoing the rollups that you’ve installed to date and replacing them with their corresponding month’s “security only” updates, as listed in PKCano’s rundown. While you’re at it, bear in mind MrBrian’s “unofficial” but highly useful procedure for going about installing the updates.

 

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

2 users thanked author for this post.

MrBrian, Elly

Reply | Quote

“What evidence exists that Group B gets less telemetry than Group A?”

Reply | Quote

And don’t forget to install all the “special” updates you missed by not installing the Rollups.

Reply | Quote