Main Area and Open Discussion > General Software Discussion
Windows 10 Privacy Concerns
4wd:
* The Windows Update Powershell Module installed.-4wd (September 01, 2015, 01:14 AM)
--- End quote ---
Do you think the terms of the Module mentioned above would allow bundling?-ewemoa (September 21, 2015, 08:14 AM)
--- End quote ---
Since the Windows Update Powershell Module doesn't include a specific license agreement that I can find, I guess this part of the TechNet terms of use comes into effect:
CONTENT
All Content is the copyrighted work of Microsoft or its suppliers. Use of the Content is governed by the terms of the license agreement, if any, that accompanies or is included with the Content.
If any Content is made available to you on this web site without a license agreement, then you may make a reasonable number of copies of the Content for your internal use in designing, developing, and testing your software, products and services. You must preserve the below copyright notice in all copies of the Content and ensure that both the copyright notice and this permission notice appear in those copies.
Accredited educational institutions, such as K-12 schools, universities, private or public colleges, and state community colleges, may download and reproduce Content for distribution in the classroom for educational purposes. Publication or distribution outside the classroom requires express written permission.
Except as provided above in this section, no portion of the web site may be copied, imitated, published, transmitted, broadcast or distributed, in whole or in part.
--- End quote ---
Followed by the Copyright section at the end:
2. Grant of Rights
(A) Copyright Grant - Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free copyright license to reproduce its contribution, prepare derivative works of its contribution, and distribute its contribution or any derivative works that you create.
(B) Patent Grant - Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free license under its licensed patents to make, have made, use, sell, offer for sale, import, and/or otherwise dispose of its contribution in the software or derivative works of the contribution in the software.
3. Conditions and Limitations
(A) No Trademark License- This license does not grant you rights to use any contributors’ name, logo, or trademarks.
(B) If you bring a patent claim against any contributor over patents that you claim are infringed by the software, your patent license from such contributor to the software ends automatically.
(C) If you distribute any portion of the software, you must retain all copyright, patent, trademark, and attribution notices that are present in the software.
(D) If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license.
(E) The software is licensed “as-is.” You bear the risk of using it. The contributors give no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this license cannot change. To the extent permitted under your local laws, the contributors exclude the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
(F) Platform Limitation - The licenses granted in sections 2(A) and 2(B) extend only to the software or derivative works that you create that run on a Microsoft Windows operating system product.
--- End quote ---
Naturally, IANAL so it might pay to ask the original contributor for clarification - it can't hurt.
ewemoa:
Thanks -- I'd started looking at the license terms but didn't allocate the energy to continue far :)
I was contemplating the idea of making your script "installable" via Scoop and was wondering what to do about the module it depends on. I guess there may be an option to make the module "installable" by Scoop too and create a dependency for it...
4wd:
I was contemplating the idea of making your script "installable" ...-ewemoa (September 22, 2015, 05:37 AM)
--- End quote ---
Still playing around with the next version, kind of got side-tracked (Real Life ... who needs it) I'll try and get it done in the next day or two.
The following requires:
* An elevated Powershell console (it will immediately exit if the console isn't elevated);
* The Windows Update Powershell Module installed.
* Minimum Powershell version required should be v2+ since that's what WUPM requires, (I'm not sure if there's any specific cmdlets that require a later version).
* Some knowledge of Powershell ExecutionPolicy so I'm not answering questions :)
PoSh-Update.ps1
--- Code: PowerShell ---<#.SYNOPSIS Performs Windows updates with removal of unwanted installed and pending updates..DESCRIPTION Reads a list of unwanted KB numbers from PoSh-Update.ini and uninstalls them from the system and hides them in pending updates. Optionally installs any other pending updates..REQUIREMENTS Powershell v2+ Windows Update Powershell Module (https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc) Elevated Powershell console.INSTALLATION Extract files to a folder, PoSh-Update.ini is to reside in the same folder as PoSh-Update.ps1 See included PoSh-Update.ini for format. .PARAMETER <paramName> None.EXAMPLE C:\PoSh-Update> powershell.exe -noprofile -executionpolicy bypass -File ".\PoSh-Update.ps1"#> #Requires -runasadministrator $ErrorActionPreference = 'silentlycontinue' # Prevent error messages screwing up my nice output$global:restart = $false # Flag for restart requirement on (un)install # Checks passed KB number against updates installed on system, attempts to uninstall if foundFunction Check-Installed { Param( [String]$KB ) if (!(Get-HotFix -Id $KB)) { Write-Host $KB": Not installed" -ForegroundColor yellow -NoNewline Return $false } else { Write-Host $KB": Found, attempting uninstall" -ForegroundColor red -BackgroundColor Black -NoNewline $command = "wusa.exe" $args = "/uninstall /quiet /norestart /kb:" + ($KB -replace "kb","") $proc = Start-Process $command -ArgumentList $args -Wait -PassThru switch ($proc.ExitCode) { 0 { Write-Host " Successful " -ForegroundColor Green -BackgroundColor Black } 3010 { Write-Host " Successful - restart required " -ForegroundColor Green -BackgroundColor Black; $global:restart = $true } default { Write-Host " Failed (Exit code:" $proc.ExitCode")" -ForegroundColor Red -BackgroundColor Black; Write-Host "See https://support.microsoft.com/en-us/kb/290158 for an explanation" } } Return $true }} # Function to search list of pending updates for occurance of passed KB number from# unwanted listFunction Check-Pending { Param( [string]$KB ) for ($i = 0; $i -lt $updCol.Count; $i++) { if ($updCol[$i].KB -imatch $KB) { Write-Host ", " -ForegroundColor Yellow -NoNewline Write-Host "found pending," -ForegroundColor Red -BackgroundColor Black -NoNewline# Try hiding the update Hide-Update $KB# Remove from Update collection regardless of result since we don't want it $global:updCol.Remove($updCol[$i]) # | Out-Null# Return TRUE if it was found Return $true } }# If it wasn't found then there's no reason to hide it Write-Host " or pending" -ForegroundColor Yellow Return $false} # Function to hide an update using KB numberFunction Hide-Update { Param( [string]$idKB ) $test = (Hide-WUUpdate -KBArticleID $idKB -Confirm:$false) if ($test.Status -match "H") { Write-Host " successfully hidden" -ForegroundColor Green } else { Write-Host " hiding unsuccessful " -ForegroundColor Red -BackgroundColor Gray }} Function Install-Updates {# Convert array of remaining KB IDs to string using Output Field Separator ($ofs)# then pass to Get-WUInstall $ofs = '","' $KBList = '"'+[string]$updCol.KB+'"' Get-WUInstall -KBArticleID $KBList -AcceptAll -IgnoreReboot -Verbose} # Read list of unwanted KBs into an object$uwList = Get-Content PoSh-Update.ini# Fetch list of available updates into an objectWrite-Host "Fetching list of pending updates from Microsoft servers ... please wait" -BackgroundColor Black$updates = Get-WUList -MicrosoftUpdate -IsNotHidden -NotCategory DriverWrite-Host $updates.Count "pending update(s)" -BackgroundColor Black $global:updCol = {$updates}.Invoke() # Copy object array to collection so we can remove items$init = $updCol.Count # Initial number of updates before cull # For each item in the Unwanted list, iterate through collection to check for installed/pending$uwList | foreach { if (!(Check-Installed $_)) { Check-Pending $_ | Out-Null }} # Results of cullWrite-Host ""Write-Host "PoSh-Update.ini contained a total of" $uwList.Count "update(s) to ignore." -BackgroundColor BlackWrite-Host "A total of" ($init - $updCol.Count) "update(s) removed from pending update list." -BackgroundColor BlackWrite-Host "There is/are" $updCol.Count "update(s) left to install." -BackgroundColor BlackWrite-Host "" # If a restart was indicated during uninstallation, indicate it otherwise offer to install# remaining updatesif ($restart) { Write-Host "A restart was indicated to complete uninstallation of one or more updates." -ForegroundColor Yellow -BackgroundColor Black Write-Host "Please do so before attempting installation of further updates." Write-Host "" Write-Host "You may re-run this script after a restart."} else { Write-Host "Preparing to install remaining updates:" $updCol | Format-Table KB, Status, Size, Title -AutoSize # Simple Yes/No requester $a = new-object -comobject wscript.shell $intAnswer = $a.popup("Continue with installation:", 0, "", 4) If ($intAnswer -ne 6) { Exit # No } else { Install-Updates }}
Execution:
Extract PoSh-Update.ps1 and PoSh-Update.ini to a folder.
Open an elevated Powershell console, change to the folder:
powershell -noprofile -executionpolicy bypass -File "PoSh-Update.ps1"
What it does:
Checks for the existence of certain KB hotfixes, (read from the file PoSh-Update.ini, one per line), if it finds one it will attempt to uninstall using WUSA, it will also mark the update as Hidden so it's not downloaded in the next auto-update.
NOTE: Checking and uninstalling updates takes a few minutes, don't be impatient.
Sample output:
Windows 10 Privacy Concerns
USUAL DISCLAIMER: It works for me.
ewemoa:
Sadly, the only reference I have handy at the moment is a rather dryly written college text book sitting on my bookshelf. I can tell you that all versions of Windows have "let's naively use the MAC address to create our IPv6 address!!" disabled by default...
-Innuendo (September 06, 2015, 01:59 PM)
--- End quote ---
Found the following:
Privacy extensions are enabled by default in Windows (since XP SP1), OS X (since 10.7), and iOS (since version 4.3). Some Linux distributions have enabled privacy extensions as well.
--- End quote ---
via: https://en.wikipedia.org/wiki/IPv6#Privacy
FWIW, was examining an Android device with Cyanogenmod 12.x on it, and for the one in question, the extensions didn't seem to be enabled as a portion of the mac address appeared to be easily readable off of the IPv6 address of a network interface.
Innuendo:
FWIW, was examining an Android device with Cyanogenmod 12.x on it, and for the one in question, the extensions didn't seem to be enabled as a portion of the mac address appeared to be easily readable off of the IPv6 address of a network interface.
-ewemoa (September 25, 2015, 11:57 PM)
--- End quote ---
I found an excellent Q&A on SuperUser here that goes into detail about how to turn on privacy extensions for nearly every desktop OS.
If anyone running Windows is curious to know if the privacy extensions are enabled on their PC, one can open a command prompt and type the following:
netsh interface ipv6 show privacy
--- End quote ---
As for mobile OSes, it's quite a bit more murky. I found an Android app on the Play Store called IPv6Configthat will show if your device is using privacy extensions and offer to enable them, but it requires root. Unfortunately, my ISP does not use IPv6 routing so I was unable to test it.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version