a group of us have been working on a build of Windows 10 focusing on privacy and stability.
All telemetry and windows update functionality has been entirely deleted from the system (about 2GB removed). We also removed all default apps (Edge, Cortana of course, Windows Media Player etc…) and replaced them with FOSS alternatives.
Give it a try: https://actrons.info/ame.html
A clonezilla image is provided, simply clone it to a disk and expand C to the rest of the disk.
the default USER and PASSWORD are test
I have no way of proving that this is not "fishy". However, feel free to try it in a VM and monitor it's activity, there is also a pdf on the site documenting everything we did to AME.
>>1412> a build of Windows 10 focusing on privacy and stability.
Is that a joke?
some people need to use windows for any number of reasons. Some of these people might appreciate an operating system that both supports certain specific software natively, and also is, while still doubtless imperfect, less of a mess than default installs.
Windows 7 is quite old at this point, and has many of the modern spyware features ported to it if you have the latest updates installed.
Windows 7 will also not run on modern hardware very well.
Windows 10 has a bunch of improvements under the hood.
One feature for example, is that it can be made portable, that is an install can be transplanted into different hardware or into a VM without ANY issues.
Understandably, would you mind sharing a few of those, as I might be able to address them.
I'm not interested in having my concerns about this project addressed. I'm interested in staying as far away from this as possible, and migrating anyone I know who might use it to Linux. This looks like a malware vector, because modified versions of Windows available for free download have been malware vectors for literally decades.
Tell me, why do you ship most of tweaks as a bat script a user is supposed to run on proprietary system that gives no full acknowledge if these settings are actually applied or not instead of running them from Linux with mounted partition. Is it because you are too stupid to even rewrite obviously not your script in bash and add folder removal from step 14 there, but too smart to soykaf on Stallmann and porr old man's world views?
Also, why are you distributing an unknown exe file in a zip archive. Should I trust your "FOSS" ideology whatever it means and believe it is really>required for the script to run
because you said so?
What is this Windows 10 Build 1511 even? Why not LGBT version which already comes without most bloatware and has better update policies?Don't read his blog posts guys, they gave me cancer. He writes like pretentious homosexual, probably American.
I am not saying this is a good implementation of a well secured windows distro, simply that it seeks to fill a niche for which there is an audience, small no doubt but present.
What are you doing man? Promoting an unmatched Windows 10 1511 build?
That's just asking for trouble (see KB4038783 )
An exercise in futility.
Assuming you meant "unpatched", the security concerns are covered on the page in the OP.
Perhaps, but as >>1426
pointed out, I believe it will have it's audience.
That audience would be better served by airgapping, not by this super-sketchy "private Windows" nonsense.
Then he shouldn't be touting it as a Windows 10 build that focuses on privacy.
>It's a shame you put so much effort only to get hounded by countless neets and morons who are incapable of understanding why an os with proper support and usability in all cases is necessary.
There's two possibilities here. Either op is pushing malware, or op is sincere.
If op is pushing malware, we're done here.
If op is sincere, they need to publish the source of their mystery exe required to run their script, and await a reasonably professional audit of the source. What precisely
is this doing? Why do dozens of highly reputable security groups and companies (many of whom publish source and document their modifications) make no guarabtees regarding their own privacy-hardening tools? Who is op and their friends, aside from some people who can afford a .info and a VPS somewhere?
This isn't some random little phone app. This is a goddamn operating system
, with the keys to the kingdom of all of one's personal info. I need far more proof of intention and capability than "lol trust us, we love the FOSS".
op here, there is not way for me to prove that AME isn't infested with some sort of malware or miner, other than my word.
However we did publish our entire documentation how to master an AME install yourself here: https://actrons.info/pdf/win10_ame_15-10-2017_doc.pdf
This represents the only way in which we can build trust: Have independent anons build it themselves and compare it to our images.
>to publish the source of their mystery exe required to run their script
If you are referring to the security center removal tool, which is downloaded as part of the script referenced, the source code IS included in the download (it is just deleted when it completes). Simply download the .zip here, which includes the sources code as well. https://actrons.info/files/SecCenterv2.zip
This file is actually an legacy and part of an outdated effort to maintain privacy using the attached script, which, for a number of reasons, turned out to not be possible.
Thank you, this means a lot.
I understand your concerns, and I very much agree with you. Nobody should ever adopt anything that's just been made public. But I feel the response to the project has been extremely hostile and very few are willing o grant op the benefit of the doubt.
If op is pushing malware, then we should continue to investigate until such malware is determined so that we can be aware of the danger and close this particular case.
If its genuine, then this should by no means be ignored or pushed aside. Windows 10 is an unusable piece of soykaf, but for many people the microsoft os suite is critical. If we can render it as safe as possible, or at the very least usable, we should strive to do so. Linux and foss will never be widely adopted by the masses in the forseeable future; if we have an alternative for the public we need to push it as hard as possible.
Even if it turns out a disappointment, a project like this should exist and is extremely valuable to everyone - foss people and normals alike and can serve as a common ground where everyone can agree on something. At the very least its adoption might sway microsoykaf to tone it down a little on the spyware.
>>1438>we should continue to investigate until such malware is determined>until such malware is determined
Here, I found one, it's called Windows 10>but for many people the microsoft os suite is critical
I do not understand how using harmful unethical bloated software may be critical. You want to write documents and print them? Use latex. Want to run games? Use Wine.>If we can render it as safe as possible
Airgapped machine only. Maybe a VM without network access will do the trick too, but even Rutkowska tells us not to trust hypervisors.>a project like this should exist and is extremely valuable to everyone
Go to github or google and search for "windows 10 telemetry removal", a million and one similar projects pops up with history dating back to 2015.
>>1436>includes the sources code
The source code should prove that there's no virus, right?
unless you have some binary blob in it or something, i don't see what the problem is.>>1438>everyone can agree on something
what can we agree on?
>Founder of the FSF, and creator of the GNU userland, Richard Stallman, holding a somewhat controversial position, has nevertheless garnered much respect from the open source software community. (emphasis mine)
I think rms would take issue with that.
its not like they did a couple of regedit memes, hid cortana, and called it a "build". they removed rather large and integral parts of the OS. >>1412
OP, how are updates run with WUS being removed? do i just have to store all of my data to D: and reapply the image every so often?
Thank you, we are incorporating this into the latest build.
Well "open source" is older than rms, he is the one that introduced the idea of free/libre, so the statement is kind of accurate: he got respect from those doing open source software.
Great! Now all that's left to do is replace the kernel and userspace with something libre, oh wait. Linux distrobutions already do that.
I wish this project was still a thing and there was an updated build…
just use windows 10 enterprise ltsb as a base and from there harden the system yourself. on top of that block telemetry domains and ips with an external network firewall and a dns sinkhole. but note that ltsb does not have latest windows defender features such as emet, virtualization based security etc. so it is a trade-off.
don't be the paranoid ever-fearful libre-user. learn threat modeling and proper opsec measures instead. compartmentalize your work environment, have different action plans for different scenarios. there is no way of hardening a system against every possible way of attack. that's a fucking unicorn you cannot catch.
I use Arch Linux on my main machines (desktop and laptop) even for games wine has come a long way with Vulkan now. It's just sad to see a project like this popup with a single release and then disappear.
It's completely normal they stop. Have you seen the reaction they collected over different chan? People trash talk them saying it was useless etc.
They must have been discourage and though it was useless when in fact it was pretty good move from them.
I (and many others) have learned the hard way for the past two decades that "unofficial mystery Windows variant from anonymous sources" equals "malware nightmare waiting to happen". I don't care about the intentions of the people behind this project. This whole thing looked super-sketchy from the get-go.
If their goal was to create a secure and private OS centred around running legacy Windows software, they could have a) contributed to ReactOS development, or b) taken a reputable Linux distro and focused their efforts on polishing Wine and VM configs.
I agree with you. It doesn't mean that what they did shouldn't be applaud none the less. It's beautiful idea that was put together. We don't know the extend of the skill of the creator and so this initiative naive or malicious still deserve some recognition that people didn't acknowledge.
OP here, we are not finished.
The website is merely down temporarily.
A direct download link to the latest "build" can be found here:
Changelog for 15.7.2018>Updated cygwin theme to look like cmd>added an option in the right click menu to allow MPV to play all files in a folder (right click on a folder to play items inside)>dot net 3.5 from the installer ISO>all vc redist 2005, 2008, 2010 32 and 64 bit>directx package from chocolatey
We also have a telegram group for those interested:https://t.me/joinchat/CR-xFBGQKVt7HPZKgZfbxg
I don't understand why you're distributing ISOs. Is your set up process not fully reproducible?
It is reproducible, we have compressed a .vhd to a .wim and injected it into a stock windows ISO just for convenience.
Distributing an ISO is far more convenient to most people who just want to install their OS rather than do make several reboots, boot into linux to remove files, install several applications, and make multiple registry edits. The most important modifications to most of the OS file cannot be made while booted into Windows, otherwise this project would have remained a batch script. I implore you to read the documentation as that will further clear up why we had to do things this way.
Distribute Linux scripts and a live ISO that contains them for those who don't want to dig in.
Distributing pirate copies of WIndows is asking for trouble, also it attracts questions of concerned users like in this thread.
Should probably stop playing vidya for two minutes and look over this system. I'll check my firewall logs later and report back if I see anything weird. My old windows install was soykafting on me like it always does after a 8~ months so I gave it a shot.
I have it installed on a separate disk and haven't been on it in a minute. I remember that powershell was broken, and chocolatey returned some error. I'll post again with more info.
Pretty refreshing user experience though (for windows that is.) Nice to have a usable start menu again.
You had better be talking about a hardware firewall. If you don't trust the OS, you can't trust a firewall running on the OS.
Cool project, OP.
People here are so negative.
>>2058>People here are so negative.
People here are so CAREFUL, and with good reason. Modified closed-source OSs from pseudonymous sources have been malware vectors for decades.
But hey, if potential users of this project want to LARP as cyberpunk outlaws but keep Windows around so that they can play videogames and run photoshop, no skin off my back. Ain't my machine at risk.
Yes, hardware firewall. Separate systems entirely.>>2062
>People here are so CAREFUL, and with good reason. Modified closed-source OSs from >pseudonymous sources have been malware vectors for decades.
And rightly so…
And I forgot that my password manager is saved to drive windows can't see…>>1412
Got a segmentation fault when running choco for anything at all. Literally just "Segmentation fault." Looks like I'm on my own.
Powershell just ends with a generic "Powershell has stopped working."
>>2064>Yes, hardware firewall. Separate systems entirely.
That's a funny way to spell "air gap" or "inside a faraday cage".
Heyyo, it's vidya boi again. Haven't had my system cryptographically locked yet. Comparing traffic metrics alone nothing looks out of the ordinary so far. I need to change my logging settings to keep records for longer though.
Gonna play some more games and check logs again to see if I notice anything different.
Running Windows without security patches strikes me as a particularly risky idea, unless you keep it completely offline.
But why Win 10 and not Win 7 or even XP? It looks very ugly and cold and unattractive.
why not just use linux at this point lmao
for windows-specific applications, aka the only reason to use windows at all
This reminds me of those old custom XP installs
The idea is not bad but theres only so much you can do with win10 since its closed source
Still I'm not touching this without a public repo where I can see what the modifications are.>>1422
Win7 and previous were already "portable" in that you could take your HDD and plug it in another PC. Meanwhile win10 locks you through hardware and you can't do that, if you buy a new rig you have to migrate everything which sucks, specially if your old rig suddenly died.
So has anybpdy actually tested this and got reports to show? Or is everybody just going to soykaf talk OP?
I don't think anyone qualified to do a thorough pcap analysis on this would bother.
Cautioning people who may not have been around for the heydey of trojan'd Windows ISOs about the dangers of trusting one's GODDAMN OPERATING SYSTEM to random anonymous people is not "soykaf talking".
Run sourced-from-Microsoft Windows if one desperately needs to run Windows-only programs that don't play nice in Wine. For all of Microsoft's horrific history and despicable acts, at least they don't pre-load the OS with banking trojans and other soykaf like that.
I've said it before and I'll say it again: the time and effort that these AME people put into this dubious project would have been better spent on testing Wine or Virtualbox configurations.
Im glad some people are at least trying. Wine is a meme that never fucking works for anything more complicated than calculator.exe. Gaming on linux is a complete and utter joke that anyone involved in linux development should be ashamed of.
Yeah, I love Linux and use it for everything, but I tried wine 2 times this year, and both times it failed completely, not even giving me meaningful error messages or anything. One of these was a simple music player. I don't know.
>>2374>Gaming on linux is a complete and utter joke that anyone involved in linux development should be ashamed of.
I've actually spoken to Linus about this. It's a source of great personal shame that GTA V under Wine is worse than it is under Windows. I asked him if he was okay and he said he was, but you could tell. You can always tell…
I generally have pretty good luck with Wine. Are you using an older version?
And you can run Assetto Corsa Competizione with VR and Fanatec's steering wheel, can you?
Until they release the scripts that produce an deterministic iso, it's completely untrustworthy. I'm not wasting my time with mystery meat
>>2387>pretty good luck
I guess thats what it boils down to. Luck.
>>2374>Gaming on linux is a complete and utter joke that anyone involved in linux development should be ashamed of.
Except that whatever platform the game studios and nvidia/AMD decide to support has literally nothing to do with Linux or Linux developers. You also don't seem to have any clue how much effort they go through to get anything working at all even on a single platform.https://www.dsogaming.com/news/ex-nvidia-driver-developer-on-why-every-triple-a-games-ship-broken-multi-gpus/>>2376>I've actually spoken to Linus about this. It's a source of great personal shame that GTA V under Wine is worse than it is under Windows.
Not sure which is worse, actually complaining to the lead kernel developer about a userspace emulator or just lying about it.
Woah, hey, you calling me a liar? Are you saying I didn't talk to Linus Torvalds about Grand Theft Auto under Wine and that he wasn't barely holding back tears? Well you're right. Good catch.
Pretty good idea tbh, though i already heard about such projects. But honestly if you would be able to not only unbloat, that can be done with just a few programs like shutup10 or winaero tweaker, but if you could add easy customization options too , it would be great. I successfully unbloated and customized my win10 pc, no telemetry, no bloat, custom icons, and GET ONLY SECURITY UPDATES, it can be done just by using wsus. I have to use win 10 because i have a wmr that can be launched only on win10. Anyway gl with your project lain.
>>2688>I successfully unbloated and customized my win10 pc, no telemetry
What did you do to verify this?
>>2691>>I successfully unbloated and customized my win10 pc, no telemetry>What did you do to verify this?
I'm assuming they air-gapped it with a faraday cage, because that's literally the only way to make sure a Win10 PC with radio hardware of any kind isn't phoning telemetry home.
Dear Win10 users: You can not keep anything private from Microsoft. Just rip that bandaid off and install some flavour of Linux or BSD. Heck, even has-some-issues Ubuntu is lightyears ahead of Win10 on the privacy front. Just do it!
Okay so about this. I put simplewall on it, that works just as a firewall should, with this, i can block every telemetry and other bullsoykaf windows has to send to nsa lmao. it's so powerfull that the win store and update button are broken now, giving some errors. But if it was the only problem. with winaero i did some cleaning on it, disable updates so i can peacefully get only security updates just using wsus. disabled ads that pop up on menu, disabled the option that makes windows download games on ur fucking computer, disabled cortana of course, i was too lazy to uninstall it but disabled is good enough.
I did all this cleaning in cases i have to turn off simplewall, in example when something cant run somewhy, i dont want to get waves of bloat in seconds in this case.
The question wasn't which snakeoil magic buttons did you pressed.
The question was what did you do to verify it's working?
"Some windows thingies seem to be broken" is not a very high bar.
imagine caring about privacy and not using linux/openbsd holy fuck you retards are sad
Here's an interesting question: What's the best way to run a real Windows 10 environment (not Wine) without compromising privacy? Networkless VM?
>>2730>imagine caring about privacy and not using linux/openbsd holy fuck you retards are sad
Privacy, networking, Windows. Pick two.
I verified it with a pretty stupid but working way, connected to the phone wifi and downloaded something like wireshark on the phone. >>2732
i can't deny that linux (system d haha) is much better than windows in terms of privacy, but as you see if you spend about a week to make your win10 a fine OS then you're fine. though it still eats about 3gb of ram holy tomatoes.
Everything you are doing is pointless, and everything you are saying is dumb. My hopes are twofold:
1. I hope that you someday realize just how pointless and dumb your imaginary "private Windows" project is. Windows simply cannot be made "a fine OS". You cannot accomplish what you imagine that you've accomplished.
2. I hope people who are reading this thread and considering mimicking your actions realize just how pointless and dumb those actions are.
The backlash on this project really astounds me. Keep up the good work, I've used your image for several occasions that I've needed Windows 10 but didn't want the full shebang.
Obviously using any amount of proprietary software, especially that by Microsoft, isn't going to be as private as using any Linux distro. But people really need to keep into consideration the reason that someone may actually be interested in an image like this. It allows people to run Windows applications with a minimized footprint (both resourcefully and telemetry wise). Sometimes, you just need to be practical about things.
It's really just not practical to be running Linux 24/7 for everything. Wine isn't perfect and some people may have perfectly valid professional reasons to run Windows. This project makes that a more bearable thing to have to do.
I expected people here to be more savvy than this. Apparently I was very mistaken. In the future, when
running this comes back to bite you in the butt, don't say you weren't warned.