diff --git a/CHANGELOG.md b/CHANGELOG.md index 3cdcbee..51c65d5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -157,7 +157,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - ConfigMgr detection for compatibility **DNS** (5 checks) - Secure DNS with DoH encryption -- 3 providers: Cloudflare (default), Quad9, AdGuard +- 3 providers: Quad9 (default), Cloudflare, AdGuard - REQUIRE mode (no unencrypted fallback) or ALLOW mode (VPN-friendly) - IPv4 + IPv6 dual-stack support - DNSSEC validation diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 31e7763..3493e9b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -622,6 +622,7 @@ Invoke-YourModule -WhatIf # Dry run # Alternative: Einfacher Runner fΓΌr alle Tests .\Tests\Run-AllTests.ps1 +``` ### Manual Testing Checklist diff --git a/Docs/FEATURES.md b/Docs/FEATURES.md index 9b10b80..1ca4214 100644 --- a/Docs/FEATURES.md +++ b/Docs/FEATURES.md @@ -3,7 +3,7 @@ **Framework Version:** v2.2.0 **Total Security Settings:** 632 (Paranoid mode) **Modules:** 7 (All Production-Ready) -**Last Updated:** December 7, 2025 +**Last Updated:** December 8, 2025 --- @@ -738,5 +738,5 @@ Framework Completion: πŸŽ‰ 100% COMPLETE --- -**Last Updated:** December 7, 2025 +**Last Updated:** December 8, 2025 **Framework Version:** v2.2.0 diff --git a/Docs/SECURITY-ANALYSIS.md b/Docs/SECURITY-ANALYSIS.md index 74e093f..256b777 100644 --- a/Docs/SECURITY-ANALYSIS.md +++ b/Docs/SECURITY-ANALYSIS.md @@ -102,4 +102,4 @@ If an app fails to launch: --- **Conclusion:** -NoID Privacy transforms a "leaky" Home edition into an "Enterprise Fortress" for everyday use, ohne die FΓ€higkeit zu verlieren, Spiele zu spielen oder normal zu surfen. Die wenigen Reibungspunkte (USB, Makros, alte Protokolle) sind bewusst gesetzte Sicherheitstore. +NoID Privacy transforms a "leaky" Home edition into an "Enterprise Fortress" for everyday use, without losing the ability to play games or browse normally. The few friction points (USB, macros, legacy protocols) are intentionally placed security gates. diff --git a/README.md b/README.md index 4bbd0f4..8d6d871 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ - Critical errors **Backup Tools:** -- Windows Backup (Settings System Storage Backup) +- Windows Backup (Settings β†’ System β†’ Storage β†’ Backup) - System Image (wbadmin, Macrium Reflect, Acronis) - Hyper-V/VMware: Checkpoint/Snapshot @@ -124,7 +124,7 @@ | Zero-Day CVE-2025-9491 | DNS-over-HTTPS (DoH) | Modular Design | Designed for Zero Data Loss | | VBS & Credential Guard | Edge Browser Hardened | Open Source / Auditable | Safe for Production | -** [3-Minute Quick Start](#-quick-start)** **[Full Feature List](Docs/FEATURES.md)** +πŸ‘‰ [3-Minute Quick Start](#-quick-start) β€’ πŸ“– [Full Feature List](Docs/FEATURES.md) @@ -140,10 +140,10 @@ | **BAVR Pattern** | **Backup β†’ Apply β†’ Verify β†’ Restore (all modules)** | Audit + HailMary apply + partial restore | System Restore point (no verify) | System Restore + profile export | | **Verification** | **630+ automated compliance checks** | Audit mode with severity scoring | No compliance scan | No compliance scan | | **Dependencies** | **Zero (runs on stock PS 5.1/7+)** | PowerShell only | winget/chocolatey required | Portable EXE (closed-source) | -| **AI Lockdown** | **32 policies (Copilot+/Recall/24H2)** | No dedicated AI profile | Individual AI tweaks | Multiple AI/Copilot toggles | +| **AI Lockdown** | **32 policies (Copilot+/Recall/25H2)** | No dedicated AI profile | Individual AI tweaks | Multiple AI/Copilot toggles | -** BAVR = Backup-Apply-Verify-Restore** (Every change is reversible) -** Air-Gapped Ready** No LGPO.exe, no DLLs, no external downloads +πŸ”„ **BAVR** = Backup-Apply-Verify-Restore (Every change is reversible) +✈️ **Air-Gapped Ready** β€” No LGPO.exe, no DLLs, no external downloads --- @@ -291,7 +291,7 @@ ### ⚑ One-Liner Install (Recommended) **Step 1:** Open PowerShell as Administrator -- Press `Win + X` Click **"Terminal (Admin)"** +- Press `Win + X` β†’ Click **"Terminal (Admin)"** **Step 2:** Run installer @@ -336,7 +336,7 @@ cd noid-privacy # Follow prompts: # 1. Select modules (all or custom) # 2. Choose settings (DNS provider, Privacy mode, etc.) -# 3. Automatic backup apply verify +# 3. Automatic backup β†’ apply β†’ verify # 4. Reboot prompt ``` @@ -398,16 +398,16 @@ cd noid-privacy **Release Highlights:** - **v2.2.0:** 100% verification coverage (all 630+ settings verified) - **v2.2.0:** Improved Advanced Security module with SRP .lnk protection - **v2.2.0:** Enhanced RDP hardening with TLS + NLA enforced - **v2.2.0:** Legacy protocol blocking (SMBv1, NetBIOS, LLMNR, WPAD, PowerShell v2) - **v2.2.0:** TLS hardening (1.0/1.1 OFF, 1.2/1.3 ON) - **v2.2.0:** Windows Update interactive configuration - **v2.2.0:** Finger Protocol blocked (ClickFix malware protection) - **v2.2.0:** Enhanced Registry Backup (Smart JSON-Fallback for protected system keys) +- **v2.2.0:** 100% verification coverage (all 630+ settings verified) +- **v2.2.0:** Improved Advanced Security module with SRP .lnk protection +- **v2.2.0:** Enhanced RDP hardening with TLS + NLA enforced +- **v2.2.0:** Legacy protocol blocking (SMBv1, NetBIOS, LLMNR, WPAD, PowerShell v2) +- **v2.2.0:** TLS hardening (1.0/1.1 OFF, 1.2/1.3 ON) +- **v2.2.0:** Windows Update interactive configuration +- **v2.2.0:** Finger Protocol blocked (ClickFix malware protection) +- **v2.2.0:** Enhanced Registry Backup (Smart JSON-Fallback for protected system keys) -** [Detailed Module Documentation](Docs/FEATURES.md)** +πŸ“– [Detailed Module Documentation](Docs/FEATURES.md) --- @@ -650,7 +650,7 @@ Edit: Modules/ASR/Config/ASR-Rules.json **Solution:** Temporarily set the rule to AUDIT mode (warns only, doesn't block) **Step 1: Disable Tamper Protection** (GUI method - easiest) -1. Press `Win` key Type "Windows Security" Enter +1. Press `Win` key β†’ Type "Windows Security" β†’ Enter 2. Go to: **Virus & threat protection** 3. Click: **Manage settings** 4. Scroll down to: **Tamper Protection** Toggle **OFF** @@ -848,7 +848,7 @@ The authors are not responsible for any damage or data loss. ## πŸ“ˆ Project Status **Current Version:** 2.2.0 -**Last Updated:** December 5, 2025 +**Last Updated:** December 8, 2025 **Status:** Production-Ready ### Release Highlights v2.2.0 @@ -860,7 +860,7 @@ The authors are not responsible for any damage or data loss. - Pre-Framework ASR snapshot - Smart Registry Backup with JSON fallback -** [See Full Changelog](CHANGELOG.md)** +πŸ“‹ [See Full Changelog](CHANGELOG.md) --- diff --git a/SECURITY.md b/SECURITY.md index 59d27ab..a06c97d 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -174,5 +174,5 @@ For licensing questions, see [LICENSE](LICENSE) or open a [Discussion](https://g --- -**Last Updated**: December 5, 2025 +**Last Updated**: December 8, 2025 **Policy Version**: 1.1 diff --git a/assets/framework-architecture.png b/assets/framework-architecture.png index d641e0b..22f15bb 100644 Binary files a/assets/framework-architecture.png and b/assets/framework-architecture.png differ