From e1b40b753209ea581449ca620306bf919f44eb26 Mon Sep 17 00:00:00 2001 From: Simon Moser Date: Mon, 27 Dec 2021 01:10:44 +0100 Subject: [PATCH] Adding script --- .gitignore | 3 + README.md | 33 +++ check_keys.ps1 | 156 ++++++++++++ data.json | 663 +++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 855 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 check_keys.ps1 create mode 100644 data.json diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..08e58f2 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.log +telemetry.tex +.idea/ \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..e5b1439 --- /dev/null +++ b/README.md @@ -0,0 +1,33 @@ +# Windows 10 Telemetry Checker + +Dieses Tool überprüft anhand der Registry, ob datenschutzfreundliche Einstellungen in Windows gesetzt wurden. + +## Usage + check_keys.ps1 [[-Privacy] ] [[-DataFile] ] [[-TexFile] ] [[-LogFile] ] [-Verbose] + -Privacy spezifiziert, wie genau die Einstellungen angeschaut werden + 0: dieser Aspekt wird nicht überprüft + 1: diese Schlüssel werden im Projekt SiSyPHuS des BSI[1] genannt (Standard) + 2: weitere Schlüssel, die die Übermittlung personenbezogener Daten verhindern[2][3] + 3: dazu umfangreiche Einschränkungen von Apps + -Security spezifiziert, wie genau die Einstellungen angeschaut werden + 0: dieser Aspekt wird nicht überprüft (Standard) + 1: Schlüssel, die die Sicherheit in Windows erhöhen[4] + -DataFile aus dieser Datei werden die Schlüssel gelesen (Standard: ".\data.json") + -TexFile in diese Datei wird die LaTeX-Ausgabe geschrieben (Standard: ".\telemetry.tex") + -LogFile in diese Datei wird das Log geschrieben (Standard: keine Log-Datei) + -Verbose es werden ausführlichere Informationen ausgegeben + +Das Skript sollte als Admin ausgeführt werden und funktioniert auch über Web Delivery. Vorher muss man die JSON-Datei in den aktuellen Ordner runterladen. + + (JSON-Datei runterladen) + PS > IEX (new-object net.webclient).downloadstring("http://droopy/check_keys.ps1") + +## WIP +* Security Levels/checks ergänzen + +## Referenzen + +1. https://www.bsi.bund.de/EN/Topics/Cyber-Security/Recommendations/SiSyPHuS_Win10/AP4/SiSyPHuS_AP4.html?nn=453882 +2. https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services +3. https://it-sicherheit.uni-hohenheim.de/fileadmin/einrichtungen/it-sicherheit/Orientierungshilfe_Windows10_01.pdf +4. https://wiki.greenhats.com/de/Best-Practice/Windows-10-Client-Hardening \ No newline at end of file diff --git a/check_keys.ps1 b/check_keys.ps1 new file mode 100644 index 0000000..d89e1be --- /dev/null +++ b/check_keys.ps1 @@ -0,0 +1,156 @@ +Param( + [int] $Privacy = 1, + [int] $Security = 0, + [string] $DataFile = ".\data.json", + [string] $TexFile = ".\telemetry.tex", + [string] $LogFile = $null, + [switch] $Verbose +) +# Powershell does not catch "non terminating errors" -> make all exceptons "terminating" +$ErrorActionPreference = "Stop" + +function logV([string] $text) +{ + if ($Verbose) + { + log($text) + } +} +function log([string] $text) +{ + Write-Host $text + if ("" -ne $LogFile) + { + Write-Output $text | Out-File -Append -FilePath $LogFile + } +} + +function check_key($key) +{ + $message = "`nTesting key: $( $key.path )\$( $key.name )`n" + $out = "" + Try + { + $entry = Get-ItemProperty -Path $key.path -Name $key.name + $value = $entry.($key.name) + if ($value -eq $key.value) + { + logV("$message Correct value set: $value") + return $out + } + else + { + log("$message Incorrect value: $value; Expected: $( $key.value )") + } + } + Catch [System.Security.SecurityException] + { + log("$message Access denied, try again as administrator") + return $out + } + Catch [System.Management.Automation.ItemNotFoundException] + { + log("$message Key Not Found") + $value = $null + } + Catch [System.Management.Automation.PSArgumentException] + { + log("$message Subkey not found") + $value = $null + } + Catch + { + log("$message Unexpected error") + log($_.Exception) + return $out + } + $out += $texItemTmpl -f$($key.path -replace "\\", "\\"), $( $key.name -replace "_", "\$&" ), ` + $( $key.type -replace "_", "\$&" ), $key.value, $( if ($null -eq $value) + { + "Not set" + } + else + { + $value + } ) + return $out +} + +$user = [Security.Principal.WindowsIdentity]::GetCurrent(); +$isAdmin = (New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) +if (-not$isAdmin) +{ + logV("Started as a non admin") + Write-Host "--------------------------------------------------------------------" + Write-Host "!!! Your are running this Script as a non Admin !!!" + Write-Host "Access to several registry keys might be denied" + Write-Host "This will be shown in the resulting output" + Write-Host "It is recommended to start this script as admin" + Write-Host "--------------------------------------------------------------------" + Write-Host "Press any key to continue ...`n" + $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") | Out-Null +} + +if (("" -ne $LogFile) -And (Test-Path $LogFile)) +{ + logV("Clear old log file") + Remove-Item $LogFile +} + +logV("Reading JSON file from $DataFile") +$data = Get-Content -Encoding UTF8 -Raw -Path $DataFile | ConvertFrom-Json + +$texOut = "\begin{landscape}`n\section{Windows 10 Telemetry}`n" +$texCatTmpl = "\multicolumn{{5}}{{l}}{{\textbf{{\textrm{{\ifgerman{{{0}}}{{{1}}}}}}}}}\\`n" +$texItemTmpl = "\url{{{0}}} & {1} & {2} & {3} & {4}\\`n" + +ForEach ($scope in "Security", "Privacy") +{ + if ($( Get-Variable -Name $scope -ValueOnly ) -eq 0) + { + logV("`nSkipping scope '$scope'") + continue + } + $texOut += "\subsection{$scope}`n\begin{sytable}[\ifgerman{Abweichende Registrierungsschlüssel}{Differing registry keys}]{X-l-l-l-l} +{ \ifgerman{Schlüsselpfad}{Key path} & Name & \ifgerman{Typ}{Type} & \ifgerman{Soll}{To-be} & \ifgerman{Ist}{As-is} }`n" + ForEach ($cat in $data.$($scope.tolower() )) + { + if ($cat.level -gt $( Get-Variable -Name $scope -ValueOnly )) + { + logV("`nSkipping category '$( $cat.name.en )'") + continue + } + logV("`nProcessing category '$( $cat.name.en )'") + $first = $true + # Processing keys + ForEach ($key in $cat.keys) + { + $retValue = check_key($key) + if ($retValue -eq "") + { + <# check local GPO as well: + for "HKLM:\SOFTWARE\Policies\Microsoft\Windows\X" + check "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\X"#> + if ( $key.path.Contains("SOFTWARE\Policies\Microsoft\Windows")) + { + $key.path.Replace("Policies\Microsoft\Windows", "Microsoft\Windows\CurrentVersion\Policies") + $retValue = check_key($key) + } + if ($retValue -eq "") + { + continue + } + } + if ($first) + { + $texOut += $texCatTmpl -f $cat.name.de, $cat.name.en + $first = $false + } + $texOut += $retValue + } + } + $texOut += "\end{sytable}`n" +} +$texOut += "\end{landscape}`n`n" + +Out-File -InputObject $texOut -FilePath $TexFile diff --git a/data.json b/data.json new file mode 100644 index 0000000..0016967 --- /dev/null +++ b/data.json @@ -0,0 +1,663 @@ +{ + "privacy": [ + { + "name": { + "en": "Disable telemetry", + "de": "Telemetrie deaktivieren" + }, + "level": 1, + "keys": [ + { + "path": "HKLM:\\SYSTEM\\CurrentControlSet\\Services\\DiagTrack", + "name": "Start", + "type": "REG_DWORD", + "value": 4 + }, + { + "path": "HKLM:\\SYSTEM\\CurrentControlSet\\Services\\dmwappushservice", + "name": "Start", + "type": "REG_DWORD", + "value": 4 + }, + { + "path": "HKLM:\\SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\AutoLogger-DiagTrack-Listener", + "name": "Start", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection", + "name": "AllowTelemetry", + "type": "REG_DWORD", + "value": 0 + } + ] + }, + { + "name": { + "en": "Disable application telemetry", + "de": "Anwendungstelemetrie deaktivieren" + }, + "level": 1, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppCompat", + "name": "AITEnable", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppCompat", + "name": "DisableInventory", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "Cortana and Windows Search", + "de": "Cortana und Windows Suche" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search", + "name": "AllowCortana ", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search", + "name": "AllowSearchToUseLocation ", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search", + "name": "DisableWebSearch ", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search", + "name": "ConnectedSearchUseWeb ", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Search", + "name": "BingSearchEnabled ", + "type": "REG_DWORD", + "value": 0 + } + ] + }, + { + "name": { + "en": "Device metadata retrieval", + "de": "Abrufen von Geräte-Metadaten" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata", + "name": "PreventDeviceMetadataFromNetwork", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "Find My Device", + "de": "Mein Gerät suchen" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\FindMyDevice", + "name": "AllowFindMyDevice", + "type": "REG_DWORD", + "value": 0 + } + ] + }, + { + "name": { + "en": "Font streaming", + "de": "Streaming von Schriftarten" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\System", + "name": "EnableFontProviders", + "type": "REG_DWORD", + "value": 0 + } + ] + }, + { + "name": { + "en": "Insider Preview builds", + "de": "Insider Preview builds" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\PreviewBuilds", + "name": "AllowBuildPreview", + "type": "REG_DWORD", + "value": 0 + } + ] + }, + { + "name": { + "en": "Internet Explorer", + "de": "Internet Explorer" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Suggested Sites", + "name": "Enabled", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer", + "name": "AllowServicePoweredQSA", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Explorer\\AutoComplete", + "name": "AutoSuggest", + "type": "REG_SZ", + "value": "No" + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Geolocation", + "name": "PolicyDisableGeolocation", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\PhishingFilter", + "name": "EnabledV9", + "type": "REG_DWORD", + "value": 0 + } + ] + }, + { + "name": { + "en": "Microsoft Edge", + "de": "Microsoft Edge" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main", + "name": "DoNotTrack", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes", + "name": "ShowSearchSuggestionsGlobal", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\PhishingFilter", + "name": "EnabledV9", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\ServiceUI", + "name": "AllowWebContentOnNewTabPage", + "type": "REG_DWORD", + "value": 0 + } + ] + }, + { + "name": { + "en": "OneDrive", + "de": "OneDrive" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Microsoft\\OneDrive", + "name": "PreventNetworkTrafficPreUserSignIn", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\OneDrive", + "name": "DisableFileSyncNGSC", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "Privacy settings", + "de": "Datenschutz-Einstellungen" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AdvertisingInfo", + "name": "Enabled", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo", + "name": "DisabledByGroupPolicy", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\System", + "name": "EnableCdp", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "name": "DisableLocation", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKCU:\\Software\\Microsoft\\Speech_OneCore\\Settings\\OnlineSpeechPrivacy", + "name": "HasAccepted", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\DataCollection", + "name": "DoNotShowFeedbackNotifications", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent", + "name": "DisableWindowsConsumerFeatures", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent", + "name": "DisableTailoredExperiencesWithDiagnosticData", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKCU:\\Software\\Microsoft\\InputPersonalization", + "name": "RestrictImplicitTextCollection", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKCU:\\Software\\Microsoft\\InputPersonalization", + "name": "RestrictImplicitInkCollection", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "Software Protection Platform", + "de": "Softwareschutzdienst" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform", + "name": "NoGenTicket", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "Sync your settings", + "de": "Synchronisierung der Einstellungen" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\SettingSync", + "name": "DisableSettingSync", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\SettingSync", + "name": "DisableSettingSyncUserOverride", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "Teredo", + "de": "Teredo" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\TCPIP\\v6Transition", + "name": "Teredo_State", + "type": "REG_SZ", + "value": "Disabled" + } + ] + }, + { + "name": { + "en": "Windows Defender and SmartScreen", + "de": "Windows Defender und SmartScreen" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet", + "name": "SpyNetReporting", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet", + "name": "SubmitSamplesConsent", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Reporting", + "name": "DisableEnhancedNotifications", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\System", + "name": "EnableSmartScreen", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SmartScreen", + "name": "ConfigureAppInstallControlEnabled", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SmartScreen", + "name": "ConfigureAppInstallControl", + "type": "REG_SZ", + "value": "Anywhere" + } + ] + }, + { + "name": { + "en": "Delivery Optimization for Updates", + "de": "Übermittlungsoptimierung für Updates" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization", + "name": "DODownloadMode", + "type": "REG_DWORD", + "value": 99 + } + ] + }, + { + "name": { + "en": "Windows Error Reporting", + "de": "Windows Fehlerberichterstattung" + }, + "level": 2, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Microsoft\\Windows\\Windows Error Reporting", + "name": "Disabled", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "Windows Spotlight", + "de": "Windows Spotlight" + }, + "level": 3, + "keys": [ + { + "path": "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent", + "name": "DisableWindowsSpotlightFeatures", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization", + "name": "NoLockScreen", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent", + "name": "DisableSoftLanding", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent", + "name": "DisableWindowsConsumerFeatures", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "App restrictions", + "de": "Beschränkungen von Apps" + }, + "level": 3, + "keys": [ + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessLocation", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessCamera", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessMicrophone", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications", + "name": "NoCloudApplicationNotification", + "type": "REG_DWORD", + "value": 1 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessNotifications", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessAccountInfo", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessContacts", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessCalendar", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessCallHistory", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessEmail", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessMessaging", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Messaging", + "name": "AllowMessageSync", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessPhone", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessRadios", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsSyncWithDevices", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessTrustedDevices", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessMotion", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsAccessTasks", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsGetDiagnosticInfo", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\System", + "name": "EnableActivityFeed", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\System", + "name": "PublishUserActivities", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\System", + "name": "UploadUserActivities", + "type": "REG_DWORD", + "value": 0 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsActivateWithVoice", + "type": "REG_DWORD", + "value": 2 + }, + { + "path": "HKLM:\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy", + "name": "LetAppsActivateWithVoiceAboveLock", + "type": "REG_DWORD", + "value": 2 + } + ] + } + ], + "security": [ + { + "name": { + "en": "Automatic connection to non-domain networks", + "de": "Automatische Netzwerkverbindung zu domänenfremden Netzen" + }, + "level": 3, + "keys": [ + { + "path": "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WcmSvc\\GroupPolicy", + "name": "fBlockNonDomain", + "type": "REG_DWORD", + "value": 1 + } + ] + }, + { + "name": { + "en": "", + "de": "" + }, + "level": 3, + "keys": [ + { + "path": "", + "name": "", + "type": "REG_DWORD", + "value": 0 + } + ] + } + ] +} \ No newline at end of file