simeononsecurity / Windows-Optimize-Harden-Debloat

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.
https://simeononsecurity.com/github/optimizing-and-hardening-windows10-deployments/
MIT License
1.14k stars 81 forks

There's no listed method on how to revert MS Store issue #70

Closed wzball closed 1 year ago

wzball commented 1 year ago

Thanks for your work.

While I've run the script and understood the constraints - there doesn't seem to be an 'optional' area where the public can opt-in/opt-out to service breaking changes.

While I think running this script is imperative to privacy - there doesn't seem to be documentation relating to 'caveats' where one can run the script and then later re-enable the services they want.

I would suggest that the ordinary home user not use this script - as there doesn't seem to be options available to them to opt-out, nor repair or fix what this script implements.

There tend to be issues relating to things like using Chocolatey or MS Store, that this repository doesn't explain clearly how to revert nor give the option to opt-out of. I would think these be covered in the readme.md.

In light of that - I hope others read this and don't use the script. This isn't designed for personal use - intent seems to be more corporate or business oriented. While I understand it is covering the standards - it doesn't help those trying for better privacy with options. Looks like this is one way or the highway.

github-actions[bot] commented 1 year ago

Message that will be displayed on users' first issue

wzball commented 1 year ago

My issue pertains to being able to use the MS Store - post implementation of the script.

I receive a 'Try that again', 'Page could not be loaded. Please try again later.' message with error Code: 0x80131500.

simeononsecurity commented 1 year ago

> Thanks for your work.
>
> While I've run the script and understood the constraints - there doesn't seem to be an 'optional' area where the public can opt-in/opt-out to service breaking changes.

We appreciate your concerns. We've made this script as configurable as we can reasonably manage.

This is why you can opt in and out to categories of configurations as a whole. https://github.com/simeononsecurity/Windows-Optimize-Harden-Debloat#manual-install

However, this script makes tens of thousands of changes. It would be impractical to keep track of states of the configurations from both sides.

> While I think running this script is imperative to privacy - there doesn't seem to be documentation relating to 'caveats' where one can run the script and then later re-enable the services they want.

This is very much untrue. We've documented some of the issues that users have run into and how to resolve them in the readme by linking to the issues in which they were resolved or by warning people of certain unsupported configurations.

https://github.com/simeononsecurity/Windows-Optimize-Harden-Debloat#additions-notable-changes-and-bugfixes https://github.com/simeononsecurity/Windows-Optimize-Harden-Debloat#notes-warnings-and-considerations

It should be said that privacy and security come with compromises. We strive to break as few things as possible. However, there are some things that cannot exist and still have privacy or security.

> I would suggest that the ordinary home user not use this script - as there doesn't seem to be options available to them to opt-out, nor repair or fix what this script implements.

Generally speaking yes, home users shouldn't use this. For these configurations to work as expected, you need to be running Enterprise or at least Professional versions of Windows. Home edition will be missing the majority of the configurations. Most "at home" users will be running Windows Home or "N" editions, which aren't supported. Additionally, anyone running this script needs to be capable of reading the readme, able to test the script on a system that isn't their primary, and capable of basic troubleshooting if they do run into issues.

Additionally, we should repeat:

This is why you can opt in and out to categories of configurations as a whole. https://github.com/simeononsecurity/Windows-Optimize-Harden-Debloat#manual-install

> There tend to be issues relating to things like using Chocolatey or MS Store, that this repository doesn't explain clearly how to revert nor give the option to opt-out of. I would think these be covered in the readme.md.

The issues with the MS Store and Chocolatey are documented in their respective issues. https://github.com/simeononsecurity/Windows-Optimize-Harden-Debloat#additions-notable-changes-and-bugfixes

> In light of that - I hope others read this and don't use the script. This isn't designed for personal use - intent seems to be more corporate or business oriented. While I understand it is covering the standards - it doesn't help those trying for better privacy with options. Looks like this is one way or the highway.

While I appreciate your concerns, we disagree. We do implement a lot of corporate and business security configurations, but we have scripts specifically tailored to that demographic. We agree that this script isn't for everyone. Again, privacy and security come with compromises. At a bare minimum we expect you to read the readme and be capable of testing this script before running it on your primary machine. If you can't do that, we can't say that you're our intended demographic with this script.

Lastly, we should note that hardening is usually the cause of most people's issues. We also maintain a separate version which only contains the debloat and privacy configurations, no hardening. https://github.com/simeononsecurity/Windows-Optimize-Debloat