Category Archives: Privacy

Seven to ten to seven

Seven to ten to seven

“Seven to ten to seven”

As you undoubtedly know, for now my recommendation about Windows 10 is: Stay put when you’re on 7, upgrade when you’re on 8/8.1. If you disagree, that’s fine: do what works for you. Of course, there is an “if”, namely, you’d better upgrade to 10 in order to secure the 10 upgrade for free before the promotion ends. As such, I’ve been a busy bee, taking Windows 7 machines, making an image of their disk, then upgrade and the revert to the 7 image.
Technically, you can upgrade to 10, ensure your machine is activated and then click the “revert to 7” button in the “Upgrade” section somewhere. You have 30 days to do this. Now, personally, I prefer the “image-upgrade-restore” process because you do not know what Microsoft does when you click the rollback button. Is your machine hash flagged? Well, you get to say what you think of 10, but there is most likely not a human soul that will ever see these complaints.

Being more the Unix guy, I automated my work as far as possible. The automation consists of three parts: an imaging script and two windows scripts (reg and cmd). The first script is actually rather old and was originally written for other purposes: image newly bought PCs. It uses parted, so I assume that it should work on GPT partition layouts, but I have never tested this.

Now, to be entirely honest, you’re not going to manage to do the imagining without a little crash course on devices and the Linux command line. (Only tested on Ubuntu 14.04 LiveUSB. Dependencies are: ntfsclone, dd, dmidecode, hdparam and probably another few)
Basically, you’ll run it as following: sudo ./generate-image.sh /dev/sda
However, this assumes a few things: your working directory has my script, that in this working directory you have enough space to store the generated images and that the disk you want to image is /dev/sda (which it most likely will be, but I cannot say for sure). You also need to be sure that no partition of /dev/sda is not mounted. (Hey, now that’s something I could add to my script…)
When you run that script, it will create a directory based on your machines information, and will attempt to image the mbr (full and without partition table), and all partitions. For vfat it reverts to dd, for ntfs it reverts to ntfsclone and it generates a restore.sh script for your convenience for easy restoration. I’d say: cool, but you may think otherwise.

Nevertheless, I have decided to publish it here for the nerdier guys.

So, then you upgrade to 10, wait until it’s activated and that’s the last you’ll see from Windows 10.

Now, you boot back to your LiveUSB, go to the image directory the script created and run sudo ./restore and it will restore everything magically. If you want to use the backed up partition table, give any parameter (it’s a bit dumb, yes…).

When it’s all done… Reboot. You’re back to your Windows 7 machine as if nothing ever happened.

Now for the part any Windows user can do. The two scripts in the privacy.zip, are privacy.cmd and privacy.reg. The reg file you can just double-click, and it will essentially mark your machine as being “not interested in Windows 10, don’t bother me any more”. It disables GWX (the Windows 10 notification icon), disables the upgrade function, disables reservation and disables the fact that recommended updates are treated like important updates. This is important, because Microsoft used the “recommended” channels to push these -let’s just say “annoying”- patches to your computer.

The privacy.cmd script does something entirely different. If you haven’t been living under a rock the last months, you know that Microsoft pushed patches that adds a tracking services to your pristine Windows 7 installation. Now the script starts off with stopping that service, and then disabling it. I do this, because the uninstallation of the offending patches might fail for some reason. At least, then you’re sure the service is off. After it has done this, the script tries to uninstall the patches related to the Windows 10 upgrade and the tracking service.
Be advised, in order for the privacy.cmd script to work you need to run it as Administrator. Right click on it, then select “Run as Administrator”. It might take a while.
Congratulations, the nagging for the upgrade should stop, until Microsoft decides to push it as an important upgrade. After a reboot, you may want to manually mark these patches as hidden. Perhaps I should try to figure out, whether you can do that with a registry patch too.

On shared computer accounts.

“I read your email” used to be a popular system administrators t-shirt. It probably still is.  Ever since I started playing system administrator, for home systems, it was one of the things I didn’t do.  It’s user data, you don’t touch user data and it’s the way it should be.

Way back in those days, the typical home computers did not have significant user accounts.  Stuff was shared, and I do remember one occasion of one of my family member going through our Eudora account and being angry at something I wrote.  I don’t even remember what it was, it must have been quite petty.  It is then that we separated everything for everyone: everyone got his/hers account,  password protected, preferably with the screen saver locking out access.  All this even got better when we switched to Windows NT 4.0 and later (the best operating system coming from Redmond, ever) Windows 2000.

It brought fun stuff like, having your own colour scheme, your own wallpaper and you could organize your data as you wanted.  The downside was having to log out and the log in when another user wanted to use the machine.  I mean, I am talking pre-Windows XP, here.  When we did switch over to XP (rather late, SP2 was just released), the “Fast User Switching” feature was one of the biggest arguments.  That, and the superior wireless handling.

Why, do I write this?  It’s 2014, and I just found out, by reading into the context, that a certain branch of my family uses a shared computer account.  Today, around 20 years after we started separating our accounts.  They don’t even have the technological hurdles, we used to have!  When I pointed them out that this was not a good idea, I got the typical “we have nothing to hide to each other”.  Well, neither do I… Not really, at least, but you might need the occasional brain bleach if you do go meddling in my data.  For me this is about respect:  I respect your part of the computer and you respect mine.  Just as I respect your sock drawer and you respect mine.  I can look in it, but I won’t.  Because I respect you.  It’s the same reason, my wife won’t ever take my phone without asking me, and I won’t do that with hers either.

In that sense, it’s about trust: I trust you enough to give you your privacy.  I expect the same from you.  Let’s say it a bit differently: You may have nothing to hide, but you should still value your privacy.  Even from loved ones.

As you see, I don’t even touch on global spying, where the NSA and other governments try to track your every move and violate your privacy continuously.  That’s the big picture, but really, you won’t get the big picture if you fail to see the issues within your own four walls with your loved ones.