Ancile is a script-based Windows 7/8 telemetry-blocker
Increasing concern over Windows "spying" technologies has brought a host of free tools claiming to disable them, but are they safe to use? It’s often hard to tell, as developers don’t clearly explain what they’re doing.
Ancile is easier to evaluate, at least for experienced users, because it’s just a Windows script -- open the files in your text editor of choice and it’s all there.
The package is a fork of AEGIS with bug fixes, optimizations and some welcome new features. Here’s the developer’s list of what it does right now on Windows 7 and 8.x (it’s not for Windows 10).
- Disable ceip/gwx/skydrive(aka onedrive)/spynet/telemetry/wifisense
- Disable/hide Windows 10 download directory
- Uninstall/hide 47 Windows updates (list available on the site)
- Disable 31 scheduled tasks (optional components that phone home to Microsoft)
- Uninstall diagtrack
- Disable remote registry
- Block 163 Microsoft-related hosts (248 ip’s)
- Change Windows update settings to check/notify but do not download/install.
Making this happen is very easy -- just unzip the download, find and run Ancile.cmd -- but life gets much more interesting when you start browsing the various scripts to see how they work.
This might start by modifying Ancile’s operation. Here’s a few lines from Ancile.cmd.
:SCRIPTS
@REM Take ownership of registry keys
CALL "%SCRIPTDIR%\registry\regown.cmd"
@REM Disable unwanted services
CALL "%SCRIPTDIR%\disableservices.cmd"
@REM Disable automated delivery of internet explorer
CALL "%SCRIPTDIR%\inetexplore\disableie.cmd"
@REM Block malicious hosts
CALL "%SCRIPTDIR%\hosts\blockhosts.cmd"
The first "Take ownership of Registry keys" script has to be left alone for everything else to work, but otherwise it’s easy to strip out functions you don’t need.
If you don’t want Ancile to update your HOSTS file, for instance, either delete the final CALL "%SCRIPTDIR%\hosts\blockhosts.cmd" line, or add an @ as the first character (@CALL… treats it as a comment, like the preceding line).
If that’s too drastic, take a look at the individual script. Blockhosts.cmd blocks the hosts contained in two plain text files, hostsdns.txt and hostsip.txt. Remove some the domains from the list, or add a few others and Ancile will block those instead.
Ancile also has some useful tricks which you can employ in your own scripts. Here’s how to check whether you’re running as an administrator.
@REM Make sure we’re running as an administrator
net session >nul 2>&1
IF %ERRORLEVEL% NEQ 0 ECHO This script requires Administrative privileges. Exiting. & PAUSE & EXIT 1
Or maybe you’d like your scripts to optionally create a system restore point? Here’s what Ancile does.
:RESTOREPOINT
@REM Create a system restore point
wmic.exe /namespace:\\root\default path systemrestore call createrestorepoint "%APPNAME% v%VERSION%", 100, 12 >> %LOGFILE% 2>&1IF %ERRORLEVEL% equ 0 DO SET /A ANCERRLVL=ANCERRLVL+1 & GOTO RESTOREEND
SET yesno=N
SET /P yesno="Failed to create system restore point. Retry? (y/N): "
IF /I "%yesno:~,1%" equ "y" GOTO RESTOREPOINT
IF /I "%yesno:~,1%" equ "Y" GOTO RESTOREPOINT
You’ll need to tweak this a little -- "%APPNAME% v%VERSION%" should be replaced or set up with your own application name and version -- but it’s a good starting point, and there are plenty of other interesting ideas here to reuse.
Ancile is a script for use on Windows 7 and 8.x, but many of its ideas can be applied to other Windows versions.