Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

How to optimally secure a Windows-based PC.

Apr 7, 2017 11:21AM PDT

Hi all,

Trying to optimally secure a Windows-based PC for maximum online privacy and anonymity. The effective aim being to be able to use the internet without any automated programs being able to see my IP address, location, content downloaded/streamed or any other such form of leaving online traces.

HINT: Don't provide me with reasons why this can't be done or is impossible. That is unconstructive vis-a-vis the topic of the thread.

Discussion is locked

- Collapse -
Clarification Request
Hide my IP. Free today.
Apr 7, 2017 2:37PM PDT
- Collapse -
Answer
One of the easiest is using two routers
Apr 7, 2017 11:39AM PDT

one takes in the WAN, the second plugs to LAN port on first router, and computer is plugged to second computer LAN port. The second router must use different IP address range than the first, but the interesting thing you can do is give it an outside IP, since it's behind your first router. Such as set it to use Microsoft or some other IP address range instead of the normal 10.0.0.0 or 192.168.1.1 types. To tunnel to you, would require getting past two NAT protections also.

- Collapse -
Bakkadit.
Apr 7, 2017 1:39PM PDT

Any ideas beyond Tails and VPNs?

Kinda like to keep my privacy.

Otherwise they should just rename Windows something like 'Personal Hollywood Scandal Unit That You Have to Pay to Use'.

I must be doing something wrong or getting targeted by those who ARE doing something wrong.

- Collapse -
If you feel that way about windows....
Apr 8, 2017 9:17AM PDT

....then do like I did and switch to Linux.

- Collapse -
Answer
You have asked
Apr 7, 2017 11:41AM PDT
- Collapse -
Go deeper?
Apr 7, 2017 12:14PM PDT
@"You have asked"
Do I need to go deeper?

Always. Happy

@ The thread and all respondents:
I've tried VPNs but gradually became suspicious the VPN providers were not adhering to their stated privacy policy. I also found it possible that their encrypted traffic was attracting the attention of encryption-cracking enthusiasts.

That said, VPNs did seem to help a lot. Obscured my activities from a very large chunk of those who might monitor internet traffic in an automated capacity. Those that see encrypted data crossing their network as a challenge, however, remain an issue. I guess if I could identify them I'd request some routing alteration advice so as not to step on their proverbial toes.
- Collapse -
Maybe the free VPN's
Apr 7, 2017 1:10PM PDT

don't adhere to the stated privacy.
There are VPN's out there that you can pay for that make no logs , track you , or anything . Have you looked into them ?

- Collapse -
Answer
For this
Apr 7, 2017 11:47AM PDT

It won't matter which OS since if this os for the internet, you use a VPN. Let's keep it simple. You VPN and don't use any email or email login system.

There are now hundreds of VPNs to shield you but due to country specific entities you have to ask the VPN provider if they will give you up if your country asks for details.

-> Again, it's not a Windows or OS issue here.

- Collapse -
Windows problem:
Apr 7, 2017 12:16PM PDT

I think Windows has certain features which aren't particularly needed to the average user, but which increase the amount of data made public to the internet. Advice on what could constitute a privacy leak (such as Windows making public the exact drivers and model numbers of all attached hardware devices, as the simplest of examples...) and how to disable such liabilities, would be welcome.

- Collapse -
Example please.
Apr 7, 2017 12:35PM PDT

I've yet to find Windows making hardware devices available. This is news to me so you need to share an example.

- Collapse -
Sidetracked.
Apr 7, 2017 12:39PM PDT

Perhaps it doesn't. Maybe I just have someone picking my door lock at night when I'm sleeping or out.

Windows keeps a list of all hardware devices in various text or code files throughout the OS. A compromised SAM file, password or effective hack attempt can easily download a list of hardware devices and then exploit vulnerabilities/driver backdoors very quickly.

- Collapse -
What about "Tails OS."
Apr 7, 2017 1:20PM PDT
- Collapse -
Not bad.
Apr 7, 2017 1:23PM PDT

And something I use and have handy. The OP wants to secure Windows to the point of well, I'm not sure yet. They seem to be thinking there's something broken security wise.

To me, it's just a personal computer OS. Mind you I know what that is. Many do not.

- Collapse -
True Bob.
Apr 7, 2017 1:35PM PDT

You can lock it down all you like and that leaves the weakest link. The user.
Dafydd.

- Collapse -
Well , they must be hacking Linux too
Apr 7, 2017 1:55PM PDT

in one of Arianax's prior posts he/she said...

@ Kees_B
by Arianax / July 3, 2013 6:56 AM PDT
In reply to: Re: security

I already tried the Linux trick. They're onto that now.

I'd much rather identify the intrusion source and establish culpability.

Failing that, at least get a safe install of windows where I can detect further intrusion attempts. I'd much prefer to be able to trust my computer rather than have criminals exploiting my enjoyment of my time.

- Collapse -
Let's just say...
Apr 7, 2017 2:02PM PDT

we got it all locked down. Where do you buy a quality tinfoil hat these days?
Dafydd.

- Collapse -
Let's go with that.
Apr 7, 2017 1:21PM PDT

Wouldn't this mean Windows has a very limited life span? I mean, if true any day ................................................................... all gone.

- Collapse -
Just call me Windows
Apr 7, 2017 2:33PM PDT

I'm gone too ..........................................