Windows 10 Security and Privacy, and How to Turn Off Windows Defender

Windows 10 Security and Maintenance Control Panel

Before we get into the exact mechanics for firewall management, how to activate and how to deactivate Windows Defender and other critical tasks, we'll have a look at the management center for all security functions in Windows 10. To get to the correct control panel, simply type in 'security and maintenance' in the Windows search bar and click on the 'Best Match' that comes up.

The Windows Security and Maintenance console provide status and links to firewall protection, virus protection, and User Account Control (UAC).

UAC is the popup that appears whenever a program tries to change the settings of Windows in some way. This might be when a program is installed, or a utility needs to tweak a system setting.

To change the default User Account Control settings, simply move the slider to select the right protection level. The four levels are:

Always Notify:

Notifies when programs try to install software or make changes to the computer.

Notifies when the user makes changes to Windows settings.

Freezes other tasks until priority alerts are dealt with.

Notify of Application Changes:

Notifies when programs try to install software or make changes to the computer.

Freezes other tasks until priority alerts are dealt with.

Notify of Application Changes (No Freeze or Dim):

Notifies when programs try to install software or make changes to the computer.

Never Notify (Disable UAC):

Turns off UAC entirely.

Unless there are severe problems with the system that will cause crashes or lag spikes on the security check, either of the top two settings for UAC is recommended.

The other option that can be reached via the Security and Maintenance interface is the Windows Security control panel.

The menu on the left side brings up most of the core security options for Windows 10.

Virus and Threat Protection is pretty straightforward, giving the user options to do an immediate virus scan, update the virus records, turn on Cloud virus protection, and change the options for when and how virus scans are carried out.

App and Browser Control is fairly simple. All Reputation-Based Protection should be turned on at all times. All Exploit Protection should be on at all times. Unless specific compatibility issues are occurring, sourced from a highly trusted application, there's no need to touch these settings.

Firewall and Network Protection is an on/off switch for various parts of the user's network. Unless there are specific reasons that the user's network topology doesn't allow or require the use of it, Windows Firewall should be turned on for all network segments.

Windows Defender Firewall

To get to the correct panel, simply type in 'defender' in the Windows search bar and click on the 'Best Match' that comes up.

The default notification settings for Windows Defender will alert the user when something is blocked for the first time. The behavior can be modified in the Change Notification Settings menu.

Usually, the Advanced Settings menu is only for those with some network administration knowledge. It allows for specific inbound and outbound traffic to be blocked based on port, packet type, application, profile, state, or group of origin. It can also be used to manually set up tunnels, proxies, and advanced routing options. The Windows 10 advanced Defender firewall guide can provide some tips on how to properly use these settings.

Before messing with any firewall settings, it is highly recommended that the user backs up the current ruleset. To do this:

● Type 'cmd' in the Windows Search bar.

● Right click on the 'Command Prompt' option.

● Select 'Run As Administrator' from the menu.

● Click 'Yes' at the security warning.

● Type the following on the command line: netsh advfirewall export "%userprofile%\Desktop\WindowsFirewallSettingsBackup.wfw"

● Press Enter.

A new file should appear on the user's desktop with the name: WindowsFirewallSettingsBackup.wfw unless another name was specified at the end of the command.

Back that file up to an encrypted USB stick or a secure network drive. It can be used to restore the old Windows Defender firewall settings if something goes horribly wrong.

Speaking of something going horribly wrong…

How to Disable Windows Defender

If the firewall rules ever become inexplicably restrictive, shutting off the Internet and perhaps even local network traffic, the user might want to know how to disable Windows Defender. The process is simple. But just a reminder: The user will need Windows Administrator privileges on the system in question.

First, get to the Defender control panel by typing in 'defender' in the Windows search bar and clicking on the 'Best Match' that comes up. Then click on Turn Windows Defender Firewall On or Off.

For each part of the network that needs to be accessed, click on the option that says Turn Off Windows Defender Firewall (not recommended). Then click 'OK'.

Make the appropriate network changes as needed, including possibly restoring the backed-up firewall settings mentioned in the last section. As soon as the sane operation has been restored, come back to the same location and turn the firewalls back on.

If this is a permanent change (because a third-party software or hardware firewall is being used instead of the Windows Defender firewall for example), it is suggested that the settings be backed up both before and after the changes are made, with new descriptive names for the backup configuration file each time. Once those configurations are stored in a safe, encrypted place, continue with the setup of the alternative firewall solution.

Now that we've covered how to deactivate Windows Defender, let's move on to matters of privacy.

Windows 10 Privacy Settings

The privacy settings in Windows 10 are not secure by default. Most of them apply only to the local system, network communication between the system and Microsoft, or settings in the Edge browser.

Go to the Privacy control panel by typing in 'privacy' in the Windows search bar and click on the 'Best Match' that comes up.

Unless absolutely required, it is suggested that all of the general options be turned off. More detailed information on the impact of these settings can be found on the Microsoft Privacy Dashboard online.

The Speech section only has one option. If the user is not using speech recognition, this setting should always be turned off. If the online enhancement isn't required, then this setting should be turned off.

Similarly, the Typewriting and Inking section has only one option. It is suggested that this feature be turned off.

For Diagnostics and Feedback, unless there is a strong reason to share such things with Microsoft, it is suggested that this setting be set to Required Diagnostic Data only.

Finally, for Activity History, uncheck the box that says 'Send My Activity History to Microsoft'.

The default settings for all of these privacy options are far too permissive, and more in Microsoft's interest than the user's. Take the time to go through these settings in order to increase user privacy and reduce network chatter.

Something else to note: Cortana has already been severely limited in the EU. But elsewhere in the world, it's functioning the same as it ever was. Use the Search Bar and type 'Cortana', then select the 'Best Match' that comes up. Go into the Cortana settings and restrict the kind of information flowing back to Microsoft. In Cortana, Settings, Privacy, there are Calendar integration options that the user can turn off unless they need that functionality. Under Talking to Cortana, change the input type to a key combination unless absolutely necessary.

Finally, users should be aware that there is a separate privacy setting for location tracking. Use the Search Bar and type 'location', then select the 'Best Match' that comes up. Go through the various application settings and only activate geolocation capabilities for the apps that absolutely need it.

Gaps in the Protection Provided by Windows 10

Other than the settings already mentioned that are 'On' by default and may pose a privacy risk, there are certain safeguards that are simply missing from the operating system.

Fingerprinting, or the ability to track who a user is even without the user of third-party cookies, is possible on every browser other than Brave and Tor. Windows itself has done nothing to obfuscate the detection of hardware and driver parameters, nor do they give an option to do so. They have a certain subset of features that can bar the passthrough of privacy information to apps, but there's no toggle on a per-app basis, and there's no blanket setting to bar that kind of system polling.

The main ways third-parties 'look' at hardware to develop a unique fingerprint for each user are:

Hardware Properties: Screen size, screen orientation, OS version, aspect ratio, and other vital hardware statistics are freely passed from Windows to the browser, and then from the browser to the third party.

HTML 5 Canvas: By accessing the WebGL functions, a third party can make the browser draw a brief, invisible image. From this third parties can get the GPU type, driver, and card manufacturer.

Audio Benchmarking: By issuing a brief sound inaudible to the human ear, the third-party script can determine things about the audio driver and firmware to further drive the browser fingerprint towards a unique combination of elements.

There are some anti-fingerprinting plugins for the major browsers, but they don't go far enough either. Forget about learning how to turn off Windows Defender… these days a user needs to know how to prevent massive advertising agencies from knowing every detail about their lives.

Using Hoody to Close the Gaps

Some say that these doors have been left open intentionally so that applications and scripts can better adapt to a user's hardware and software capabilities. But Apple's Tim Cook said it best:

“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their disposal to hack into people's accounts. If they know there's a key hidden somewhere, they won't stop until they find it.”

Wise words that apply equally to backdoors in software and to exposing a user's private information.

Browser fingerprinting will be the main way that third-party advertisers and phishing scams get a hold of personal information starting in 2022 when Chrome joins the other browsers in banning third-party cookies. When that time comes, users will need a utility that is up to the task of scrambling their browser fingerprint without ruining their online experience.

Hoody can do that. When users activate Hoody, they can generate and send random browser information and system data to third parties who continue to invade peoples' personal lives.

Because Windows 10 doesn't have all of the options required to limit passthrough data about its hardware, firmware, drivers, and installed components, a separate app is required. Hoody certainly fits the bit.

In Conclusion

Windows 10 was made in the era of third-party cookies, and perhaps the team at Microsoft hasn't reacted as quickly as they should to the times. Or perhaps they feel that passing fingerprint information to browsers and apps is simply a function of the OS, and limiting its use should be the responsibility of the developers who create the software.

In either case, after tuning Windows' built-in privacy and security settings, a user is still not fully covered. It's vital that they seek out the right privacy software to seal the gaps in Windows 10's armor.