Andreas/noid-privacy
1
0
Fork 0
mirror of https://github.com/NexusOne23/noid-privacy.git synced 2026-02-07 04:01:52 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix: README + FEATURES accuracy - ASR 17+2, Privacy Strict, AntiAI 15 features, Strict vs Paranoid UCC

Browse source
This commit is contained in:
NexusOne23 2025-12-09 06:38:01 +01:00
parent 12cb441626
commit afab466367
2 changed files with 15 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Docs/FEATURES.md
View file

@ -15,7 +15,7 @@
| **ASR** | 19 | ✅ v2.2.0 | Attack Surface Reduction rules |
| **DNS** | 5 | ✅ v2.2.0 | Secure DNS with DoH encryption |
| **Privacy** | 77 | ✅ v2.2.0 | Telemetry control, OneDrive hardening (Strict: 69 Registry + 2 Services + 6 OneDrive) |
| **AntiAI** | 32 | ✅ v2.2.0 | AI lockdown (13 features, 32 compliance checks) |
| **AntiAI** | 32 | ✅ v2.2.0 | AI lockdown (15 features, 32 compliance checks) |
| **EdgeHardening** | 24 | ✅ v2.2.0 | Microsoft Edge browser security (24 policies) |
| **AdvancedSecurity** | 50 | ✅ v2.2.0 | Advanced hardening beyond MS Baseline (incl. Wireless Display, Discovery Protocols, IPv6) |
| **TOTAL** | **632** | ✅ **100%** | **Complete Framework (Paranoid mode)** |
@ -234,9 +234,9 @@ Clipchamp.Clipchamp, SpotifyAB.SpotifyMusic
## 🤖 Module 5: AntiAI (32 Policies)
**Description:** Disable 13 Windows AI features via 32 registry policies (v2.2.0)
**Description:** Disable 15 Windows AI features via 32 registry policies (v2.2.0)
### 13 AI Features Disabled:
### 15 AI Features Disabled:
| # | Feature | Policies | Description |
|---|---------|----------|-------------|
@ -250,9 +250,11 @@ Clipchamp.Clipchamp, SpotifyAB.SpotifyMusic
| 8 | **Notepad AI** | 1 | Write, Summarize, Rewrite features (GPT) |
| 9 | **Settings Agent** | 1 | AI-powered Settings search |
| 10 | **Recall Export Block** | 1 | Prevents export of Recall data |
| 11 | **Edge Copilot Sidebar** | 3 | EdgeSidebarEnabled, ShowHubsSidebar, HubsSidebarEnabled |
| 12 | **Edge Copilot Context** | 2 | CopilotPageContext, CopilotCDPPageContext |
| 13 | **File Explorer AI Actions** | 1 | HideAIActionsMenu in Explorer context menu |
| 11 | **Copilot URI Handlers** | 1 | Blocks ms-copilot:// and ms-chat:// URI schemes |
| 12 | **Edge Copilot Sidebar** | 3 | EdgeSidebarEnabled, ShowHubsSidebar, HubsSidebarEnabled |
| 13 | **Region Policy Override** | 1 | Prevents region bypass for AI features |
| 14 | **Copilot Network Block** | 1 | Blocks Copilot endpoints via hosts file |
| 15 | **File Explorer AI Actions** | 1 | HideAIActionsMenu in Explorer context menu |
### Recall Enterprise Protection:
- **App Deny List:** Browser, Terminal, Password managers, RDP never captured

14
README.md
View file

@ -105,7 +105,7 @@
**🔒 Privacy Layer**
- DNS: Block telemetry, tracking, ads (DoH)
- Telemetry: 3 modes (MSRecommended/Strict/Paranoid)
- AntiAI: 13 features disabled (Recall, Copilot, Paint AI, Notepad AI, Edge AI)
- AntiAI: 15 AI features disabled (Recall, Copilot, Paint AI, Notepad AI, Edge AI, etc.)
- Bloatware: 24 pre-installed apps removed
**🎯 The Result:** A hardened system that's both secure against attacks and private from surveillance.
@ -120,7 +120,7 @@
|:---:|:---:|:---:|:---:|
| **Microsoft Baseline 25H2** | **AI Lockdown** | **Professional Quality** | **100% Reversible** |
| 630+ Security Settings | No Recall / Copilot / AI | 100% Verification Coverage | BAVR Architecture |
| 19 ASR Rules (Block Mode) | Telemetry & Ads Blocked | Detailed Logging | Exact Pre-State Restore |
| 19 ASR Rules (17 Block + 2 Configurable) | Telemetry & Ads Blocked | Detailed Logging | Exact Pre-State Restore |
| Zero-Day CVE-2025-9491 | DNS-over-HTTPS (DoH) | Modular Design | Designed for Zero Data Loss |
| VBS & Credential Guard | Edge Browser Hardened | Open Source / Auditable | Safe for Production |
@ -197,18 +197,18 @@
**3 Operating Modes**
- **MSRecommended** (Default) MS-supported, max compatibility
- **Strict** Maximum privacy (AllowTelemetry=0 Enterprise/Education only, Force Deny breaks UCC apps)
- **Paranoid** Hardcore (not recommended)
- **Strict** Maximum privacy (AllowTelemetry=0 Ent/Edu only, Teams/Zoom work)
- **Paranoid** Hardcore (Force Deny ALL - BREAKS Teams/Zoom!)
**Features:**
- Telemetry minimized to Security-Essential level
- Bloatware removal (policy-based on 25H2+ Ent/Edu)
- OneDrive telemetry off (sync functional)
- App permissions default-deny
- App permissions configurable per mode
### 🤖 AI Lockdown (32 Policies)
**13 AI Features Disabled (incl. Master Switch)**
**15 AI Features Disabled (incl. Master Switch)**
- **Master Switch** Disables generative AI models system-wide
- **Windows Recall** Complete deactivation (component removal + protection)
- **Windows Copilot** System-wide disabled + hardware key remapped
@ -391,7 +391,7 @@ cd noid-privacy
| **ASR** | 19 | Attack Surface Reduction Rules | v2.2.0 |
| **DNS** | 5 | Secure DNS with DoH encryption | v2.2.0 |
| **Privacy** | 77 | Telemetry, Bloatware, OneDrive hardening (Strict) | v2.2.0 |
| **AntiAI** | 32 | AI lockdown (13 features, 32 compliance checks) | v2.2.0 |
| **AntiAI** | 32 | AI lockdown (15 features, 32 compliance checks) | v2.2.0 |
| **EdgeHardening** | 24 | Microsoft Edge security (24 policies) | v2.2.0 |
| **AdvancedSecurity** | 50 | Beyond MS Baseline (SRP, Legacy protocols, Wireless Display, Discovery Protocols, IPv6) | v2.2.0 |
| **TOTAL** | **632** | **Complete Framework (Paranoid mode)** | **Production** |