As a Linux user forced into a temporary truce with Windows for gaming handheld compatibility, I refuse to run the OS in its “out of the box” state. I’ve put together a manual optimisation guide that skips the “one-click” de-bloat scripts and focuses on permanent Group Policy (gpedit) and system-level tweaks to make the OS semi-tolerable.

The Guide Covers:

Killing AI Spyware: Disabling the “Recall” background service, snapshot recording, and “Click to Do” screen scraping.

Telemetry Lockdown: Redirecting “Allow Diagnostic Data” to the Security level (0).

Start Menu Surgery: Decoupling search from Bing to keep local file searches actually local.

Performance recovery: Disabling Virtualization-Based Security (VBS) and background hypervisors for bare-metal gaming speed.

Edge/Widget Removal: Stopping background “loitering” and accidental UI stutters.

This is a reproducible, manual workflow for those who want a clean(er) environment without relying on third-party scripts.

  • onlooker@lemmy.ml
    link
    fedilink
    arrow-up
    18
    ·
    2 days ago

    Man, that’s a whole lot of homework just to access a Microsoft account. In addition, Windows has a nasty habit of rolling back changes every time there’s a major update (like upgrading from build 24H2 to 25H2), so the tweaks listed might not even stick.

    • TheIPW@lemmy.mlOP
      link
      fedilink
      arrow-up
      10
      ·
      2 days ago

      It is a fair bit of homework but for those of us who use Linux on a daily basis, we’d rather do the legwork once to have a private, predictable system than deal with the out-of-the-box bloat.

      Regarding updates: that’s exactly why I focused on Group Policy tweaks rather than simple registry hacks or UI toggles. Policies are designed for enterprise environments where IT managers would be furious if an update reset their security configurations, so they tend to survive major build updates much better than standard settings, it’s not foolproof but it is the best way to stay ahead!

      • onlooker@lemmy.ml
        link
        fedilink
        arrow-up
        4
        ·
        2 days ago

        Well, you seem to have given this issue considerable thought. Here’s hoping it works out for you.

      • warmaster@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        2 days ago

        Well thought out. But if you’re open to advice, don’t spend any more money on Microsoft’s ecosystem.

  • marxismtomorrow@lemmy.today
    link
    fedilink
    arrow-up
    14
    ·
    2 days ago

    Just a reminder, more likely than not Linux can do everything you do on Windows. Statistically your weird internal corpo program that was made bespoke over a decade several decades ago can just be run on a locked down VM. Everything else needs WINE, at most.

    • Dave.@aussie.zone
      link
      fedilink
      arrow-up
      1
      ·
      2 days ago

      Statistically your weird internal corpo program that was made bespoke over a decade several decades ago …

      Won’t work at all because it lives on a shared drive that needs your windows login and your PC to be joined to the domain to reach it, and IT just said “lol no” to your request to join your home made windows VM to the domain.

      • ms.lane@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        22 hours ago

        IT said no

        Affected exactly zero people ever, just ask a manager higher than the service desk manager. Then suddenly whomever said no will be doing the work with a fake smile of their face.