Additional telemetry blocking

[jddcef]

Hi,

Should the script not disable some of these telemetry items?:

V-220826

The Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft
https://stigviewer.com/stig/windows_10/2021-03-10/finding/V-220826

echo | set /p=Disable Windows Customer Experience Improvement Program 
reg add "HKLM\SOFTWARE\Policies\Microsoft\SQMClient\Windows" /v "CEIPEnable" /t REG_DWORD /d 0 /f > nul
reg add "HKLM\SOFTWARE\Policies\Microsoft\SQMClient" /v "CorporateSQMURL" /t REG_SZ /d "0.0.0.0" /f > nul
echo [OK]

echo | set /p=Disable Application Telemetry 
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t REG_DWORD /d 0 /f > nul
echo [OK]

echo | set /p=Disable Inventory Collector 
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "DisableInventory" /t REG_DWORD /d 1 /f > nul
echo [OK]

echo | set /p=Disable Steps Recorder 
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "DisableUAR" /t REG_DWORD /d 1 /f > nul
echo [OK]

Or the one's from this issue that seems to be acknowledged but never implemented?

Originally posted by @tumpio in #4 (comment)

Some projects that do similar:

https://github.com/madbomb122/Win10Script/blob/84a604db3e2d8e1b80a1fa19eed80755e54e7ce5/Win10-Menu.ps1#L1663

https://github.com/undergroundwires/privacy.sexy

Thanks for the awesome script by the way.

[aelfwine88]

Why would I want to disable Steps Recorder?
Also from #4 there is a few lines that are actually nothing to do with telemetry, like PreventDeviceMetadataFromNetwork or DontOfferThroughWUAU.

[jddcef]

Why would I want to disable Steps Recorder?
Privacy and less vectors and all that sort of thing. https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-microsoft-windows-10-version-1909-workstations

OK, it just feels like there's more bloat that can be chopped

[aelfwine88]

"Steps Recorder (called Problems Steps Recorder in Windows 7), is a program that helps you troubleshoot a problem on your device by recording the exact steps you took when the problem occurred. You can then send this record to a support professional to help them diagnose the problem."

Afaik it is a program that runs only manually when the user specifically runs it to record and collect data, then pack it up and the user can send it to someone to analyze.

So I ask it again: why someone would want to disable Steps Recorder completely?
Without any proper explanation it is like disabling msinfo32.exe since it can display and export private information from the system.