Stop Windows Spying with one click Firewall
Вставка
- Опубліковано 23 лис 2023
- Windows 11 has several telemetry features that spy on you and shares data with 3rd party sites like scorecardresearch to study internet trends and behavior. In this video we look at Portmaster, a free firewall and privacy tool that can block spying trackers system wide. Get Crowdsec Intrusion Prevention Community Edition (free): www.crowdsec.net/?mtm_campaig... (sponsor)
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact - Наука та технологія
Someone should write a software that just send random wierd data to those sites microsoft sends data to.
An interesting idea xD
Actually, that's a great idea
The only thing worse to these malicous spyware companies than not getting your data is getting all of their data junked because they don't know what is and isn't real
That's a very stupid way to get yourself prosecuted under the CFAA. Funny though.
@@ShaferHart Fuck em, worth it. lol. Have a few billion people do it at the same time. lol
There was a chrome extension which was sending random search queries to google.
Windows ignores the hosts file for certain domains related to Windows Update and Windows Defender. It's done in order to prevent malware from abusing the hosts file in order to prevent Windows from being updated.
the malware is preventing other malware from saving you
terrifying.
Thank you for this. I've been playing the same game for four years. My ping was always at 44ms. With Portmaster my ping dropped from 44 to 40-39ms. That is a nice improvement!
My concern is with any 3rd party apps is that they sometimes inadvertently block services that are required by your apps to work properly. And then comes time for long debug processes and it eventually turns out that the 3rd party app you installed was causing the problem all along.
That's another thing I like about Portmaster. It's more transparent and helpful in narrowing down what causes the problem to streamline the debugging and troubleshooting process. Or at least finding out why it's blocking something an app needs on that one machine.
I've been using portmaster for over a year now and would never use any windows computer without it ever again.
It cannot be more easy to have privacy for free.
If a program doesn't work you unblock it, it's that simple. The only exception here are vpn's, you have to unblock multiple exe's for them to work but that's not difficult either, it will all show up in the portmaster.
Any decent software vendor should tell you in their documentation what ports are needed for their app to work.
it made my pc slower, so i uninstalled it...
True. Comdo firewall
I love plug-ins that provide these type of services but always recommend a dedicated hardware firewall which protects the whole network. I use the Firewalla Gold which is extremely easy to set up and manage but of course there are others as well.
I have a Synology router which has a great way to create filters to block these web sites. It would be really nice to just have a list of the spy web sites to add to these filter without having to introduce yet another app or service. Great video and very much appreciated.
Doesn't it have scripting capabilities? I don't play in the consumer stuff so I don't know... but it seems like you should be able to pull a black list from your source of choice.
@@ShainAndrews Thanks Shain, I never thought or even knew about that.
@@DavidM2002 That's the core of the magic sauce. Manufactures curate their own "proprietary" black lists. There are quite a few robust list available... lists that assist populating the "proprietary" lists.
Sorry but I would expect you to show what this portmaster is also sending away to their servers while recommending it. I'm guessing you did your due diligence but it's better to show that to users too, because now I feel like I'm just swapping whos spying me rather than stopping it
Portmaster is open source and anyone can inspect the source code here: github.com/safing/portmaster. Due to the nature of how such firewalls work and cause the DNS is encrypted, it isn't easy to "show" what is happening in Wireshark, as it will look like gibberish to the viewer and doing an in-depth investigation of code is not going to be the kind of content that the same viewer complaining about the lack of investigation in this video is going to watch.
@@pcsecuritychannel You could make it at the end of the Video, or a quick overview but its not all about what the average viewer would watch rather than quality of the content for many peoplel, really knowing if the application is secure, and not evolving to another channel just ignoring the probaple downsides (no front here, just many channels are like this already) just objectively reviewing all of it.
@@pcsecuritychannel Fair point on code analysis, I wouldn't expect that anyway. But a short part where you could analyze if portmaster is calling any random URLs or not would be nice, and would certainly show up in wireshark as you know. As you know, just because something is open source doesn't mean that it can be clean or compiled distributed binary is 1-1 identical with what's on github. I'm not saying portmaster is shady, but you know, they can easily add something to github and distribute a different binary that does more or less same with telemetry in it.
@@pcsecuritychannel you don't have to do the in-depth analysis in a video, like you said it will be gibberish for most people - but you could tell us that "I checked and this is not sending a homing signal to its own servers with all this info" etc, OR show a 1 minute highlight of what you found, else why even recommend a tool
I agree with @jackjack3358, why should I bother with another tool that might be doing the same thing as microsoft
@@jackjack3358 The whole idea of an encrypted DNS is you can't see the URLs being visited in Wireshark or a network monitoring tool, that's part of the point of a privacy tool, so there is no way to visually "showcase" what URLs you are visiting once you install the application (unlike the Wireshark logs I showed before).
I do most of this via my firewall but going to check this out as it's always nice to have open source apps to recommend to my less tech savvy friends.
pfBlocker FTW
You can use SimpleWall to control the Windows Firewall better.
How do you do it yourself via your firewall?
@@sylverpepper Opnsense lets you use blocklists and they include most of these domains. I also blackhole a bunch of stuff via pi hole.
Holy shit this is awesome! Open source, great looking, simple with advanced settings! Great share!
What a fantastic tool! Thanks for sharing this with us :)
And did you independently verify that no spy traffic was leaving your network? Or...?
Hi Leo, I am a big fan of your channel. Thank you for all you do!
So far, so good. Thanks. Generally, if it's Open Source, I'm in, almost always more secure due to how it's developed.
Along with the transparency of anyone being able to review the code.
That's like dropping your shorts because a stranger told you they're a hooker then asking the community why it burns while you take a piss. The community will collectively agree that indeed they were a hooker... But based on your results not a clean one, nor were either party using best practices. All of this "open source contribution" occurred after the fact.
Moral of the story. There is no panacea. Anything can be open source, but open source does not equate to safe, clean, or best practices. By the time enough competent eyes review the code the damage is done.
@@ShainAndrews Interesting analogy but in this case you're the doctor with the test results. You can go see for yourself and make your own judgement about the software. Open source doesn't equate to safe, clean, or best practice per se. However, with a little due diligence, you can find out with far more ease and certainty than a proprietary piece of software.
@@ShainAndrews analogy is overkill for a pretty simple idea. open source isn't inherently secure and users shouldn't assume it is. not sure wtf you're on about
@@CubensisEnjoyer He's insane, living in a walled off compartment in his fear addled mind. Have a good day mate.
I use Simplewall to block everything by default and allow connections manually, is a lot of work at the start and not so friendly but still a great tool! Will def give this a try as well
What is simplewall ?!
@@ao4514 free, open source firewall that just blocks everything and when something needs to connect it alerts you. You can then say OK don't ask again, or OK allow for X mins, or just ignore and it will block it that one time, or select to block completely.
@@ao4514 Short answer: Hard firewall that allows you to block any app (or even ports/ips) on your pc, and like I said before, I have it set to block everything and it will prompt me when a program is trying to connect to the internet to ask for permission
it also shows the connections just like the one on this video
NotSoSimplewall
Tinywall works for me. The thing about the advanced firewalls with all the crazy features is they are resource hogs.
I’m using comodo firewall, do you recommend swapping to this one? Because I like the control of the processes that comodo gives me and port master doesn’t have (or at least you didn’t show us)
Thank you for what you do. Keep up the good work
I simply use malwarebytes firewall control. It is free and can be set to block everything by default and ask about unlocking. It is hard to tell what you can block (for example gaming services might be necessary for gamepass games) so you need some epxerimentation.
I'm happy to see that a bigger channel promotes the portmaster software, it's an amazing privacy tool that's easy to use!
Every windows user should have this on their PC because it's free and opensource and protects your privacy.
You can block all major tech companies in the filterlists settings!
Simplewall is great but this is more advanced and superior.
Great video mr security!
why just windows? i use it on linux too
I wish the pro version was not subscription based. It's too expensive.
@@BleepBlop-rh9lm
Yeah 10 euro a month isn't to cheap. But you have to consider you get a new IP for every program you use, it's the first program that does that (so far i know), tor does it only for the browser and vpns give you only one IP.
Speaking of vpn's, mullvad is great and half the price of portmaster.
I think both programs are worth paying for.
@@devalue7064 Ofcourse portmaster is great no matter on which OS you use it, i tried it on debian and it didn't work just saying, maybe they'll fix that someday if they haven't already.
After all their website advertises the portmaster for debian based system, so it was werid when it didn't work there.
yeah, not much difference in features between free and the $4/month service. To get the good version it's $9.90/month..... and that's the one you should get@@BleepBlop-rh9lm
Finally portmaster presented in tpsc 🎉🎉 Maybe the SPN next ?
this was posted 30 seconds ago? And i got the recommendation?
Same?
what's the problem?
UA-cam have been testing recommendations by boosting people you do not necessarily watch on your home page.
Ditto
Will definitely add Portmaster to the list of software to investigate. Question, does this replace O&O Shutup?
Also question about crowdsec, does it replace having AV software like Kaspersky or Sophos? Thanks
@wannebedal-adx458 - still would set all privacy setting in Windows itself (and you still can use O&O Shutup for that)... because that will reduce the load and noise from Windows even trying to collect and send!
Also in case Portmaster might theoretically fail... so you still have the first line of preventing the worst!
Short answer: Yes, still use it ;)
Been using this since it was in beta, it’s pretty good!!
You just gained A new subscriber . Btw lately i figured out i had a rat and a miner in my laptop because of security tools you mentioned in your videos
After disinfection,i made sure that my pc is well secured with the tools you said in your vids❤️👍
You made the right choice, this channel is as good as portmaster.
I used simplewall for a while, this might be a nice one to try
I really like Portmaster too I just wish it was more compatible with DNSCrypt and other VPNs without needing to do any config changes
You also recommended Comodo Firewall before. How would you compare these two?
what a nice information will be, is to know how much CPU usage those apps have? i had Comodo Internet Security for couple months and makes my system feeld a little bit slower after a fresh install, and i looked in the task manager and saw, that comodo uses 10-15% from my CPU (5800 x3d).
I have a question : i have Kaspersky Total Security installed, is this kind of Firewall is compatible with ? ( Because Kaspersky T.S include is own Firewall and maybe it can create conflicts, slow-down or instability ? )
Thank you very much. I am looking at the options, specifically the Plus, I can cover the lack of SPN with a DPN.
While it is useful, you can't leave it and forget since it'll most possibly be a source of "why is x application not working" a lot of times because of its global "Force block incoming connections" rule and it wanting you to use a DNS server and nagging you about it (Had cloudflare and was wondering why almost all sites weren't working, turned out cloudflare was down back then and portmaster was routing my DNS to it, so when things are malfunctioning this the first thing i look at now aside from incoming connections)
Also sometimes it classifies things it cannot properly identify as "Network noise", ran into issues with streaming software like Sunshine and had to disable incoming connections ruling for all the "noise connections" to save myself hours of more guesswork
Just something to be aware of that's going to make your like much easier when using this
Yes, I had had that issue with O&O Shutup.
Thanks for the video!
This should complement Simplewall so well
Not use if it's worth using both? I have simplewall and looked at portmaster about a year ago and ended up just using simplewall
Hi, thank you for the information. Can you also please do third party software firewall testings/review as well. 😂
Hi there, it was a very useful and informative tutorial video, please upload more about free and open-source Firewall , This topic is very interesting. thnx
Been using Port master with Linux and even it doesnt help as much as it would on Windows, it still helps blocking some ads in my games and complements ublock
thanks for covering this Application
You always post most useful advice and recommendations here. Thank you!
You've sparked my interest!!!
Your channel is great bro. As a former sysadmin, I get so frustrated with people promoting AV crap just for $$$. You are honest, to the point, and give real world quantifiable data. On a side note, you sound a bit like Buildzoid (a guy with a name in the motherboard and gpu hobbyist arena for analyzing board layouts).
You can just use Control-D at Router or device level to do the same thing. and it has similar features + added Proxy for bypassing specific app based IP or the whole device.
ControlD is the best purchase I've made in a while. The ability to use community filters and it being compatible with almost every device is great.
@@benwhitehouse4467 true that haha
Hey TPSC, I was wondering is it possible to disable Windows Defender so that we can use PortMaster? If so, can you make a video on how we would do that properly, please? Thanks for everything you upload.
I've disabled it completely on W11 but it's a real trial. On W10 you could use regedit to get rid of it but Microsoft have made it much more difficult in W11, you need to find a good tutorial to follow!! I've also removed Edge and One Drive the same way but m/soft do not make it easy... You also have to watch updates as they tend to try and put everything back.
out of curiosity how would portmaster interact with an AV if it has a built-in firewall for example Kaspersky Internet Security and so on? I assume it is best coupled with an AV that doesn't include a Firewall?
Does this work together with another firewall? Meaning having 2 firewalls, this one and the one from my AV.
So having this one for blocking things from MS while my main firewall from my AV deals with everything else.
Thanks.
I'll have to check it out and thanks for the FYI.
Hi, when can we get another free av test-comparison? Love your channel
Very informative, thank you
Portmaster does not sit well with VPNs or similar virtual network devices, however
Portmaster sounded like a great idea, so I did try it. I found it made my system run a lot slower, and it totally blocked UA-cam, so I couldn't watch this video again.
Therefore, I did uninstall it and wondered why you would endorse it.
Portmaster has been a favorite of mine for a while. The SPN feature (replacing VPNs) is a bit jank and needs work but overall it's a must have. The only complaint i have is the price because it costs way to much to justify for the general public.
Yeah right. It is an open source software. You have been cheated if you paid for that.
@@CyberPun the price is for the vpn, sherlock
@@Blox117 NordVPN is better. Try that.
I just tried it for one hour, and it made my pc slower, so i uninstalled it !! never more !!
What does SPN stand for?
I'm wondering if there will be any video about recent malware called Pikabot, I'm curious about how it hides and spreads.
Simple wall is the best!!!
Tricky to set up but thannit works!
does this by any chance introduce any latency when playing games? does it reduce internet speeds?
It is not reducing internet speed and "most likely" not add any latency.
This software is well known by linux users. It is also very handy software.
I had tried this or similar one few months ago, had issue with it eating ram and endings up restarting the app every few hours to avoid that, cause system slowdown and ended up just adding blocklist in host and using other ways in system filters
I assume you do not have to disable the Windows firewall? The two firewalls are running side by side?
How does this compare to something like adguard? I think the desktop version of adguard does something similar.
Not installing anything, unless it's free and open-source.
I use Simplewall (with Windows 10)- and use it the same way- and portmaster is often compared to it-
Wondering if PC security channel could also check out Portmaster 's competitors (simplewall, and i THINK Glasswire?)
[And yes, it's possible to also run BOTH Portmaster and Simplewall on Windows, to my knowledge- so there's a third option, BOTH]
I use Portmaster on a Debian PC though, and it's pretty cool!
yes I would love a comparison as I use simplewall, and tried portmaster a year or so ago and uninstalled it.
Portmaster indeed is awesome
Seems like a great tool. Thank you for the video. Comodo free firewall has been suggested to be adequate, but can Portmaster compare to it and other known paid products - it would be good with your expertise if possible if you could test this? Thanks again.
I m using kasperksy plus, would it be suggested using this alongside or is it still better to use kaspersky firewall?
Kaspersky doesn't block Windows services that are spying on you - not his goal ;-)
Thanks a lot leo 💕
does it run nice along with an AV? this does seem like something I want to test out see what apps I have doing things. I guess I could just it and see what my AV does.
WIll portmaster do much the same as the adguard app (not extension, but app)?
I like it. I would like it even more if this were running in layer 3.
they use a kernel driver on windows
I block those on my router firewall together with country block, but list of all those trackers and what are the use of it (like for instance not to block "tracking" service that just checks that you have internet connection) would be nice
It causes "youtube's 5 second adblock defence" to kick in , slows everything down
Any chance you've been able to place wireshark on your network -- or is it check hardware firewall logs -- to see if traffic to these nefarious IP truly stops once that application is used? Nice to "trust but verify".
there is no "trust but verify" in sponsored content ;) I tried portmaster and it uses more resourses than chrome, too much for a personal firewall
FWs only block the traffic in question, not the process. i assume MS will try to cause such traffic to originate from legitimate processes/executables, so blocking at last-mile-to-ISP (perimeter) would be beneficial for your entire network.
Of course he didn't, otherwise he wouldn't be posting this video making those outlandish claims.
Portmaster shows up in many sites. Which to download from?
That was a lot more than just one click
After restarting pc I noticed I was automatically blocked by accessing internet. After playing around I disabled my Avast shields and net came back on. Do I just disable firewall in Avast and still use other features of Avast?
I had windows defender emptying out the hosts file randomly in the past because it detected critical system files being changed. Its more of a temporary solution. Right now i just use the child safety filter in the router to block a long list of trackers, microsoft and bing. If the clock stops synchronizing, it works. Its network level and not on each machine but does the job.
Awesome. Thank you.
I understand that MS are going to be releasing a "lite" version of Windows11 later in 2024 which by default does not include the MS store, or co-pilot any many other bits n pieces. I am looking forward to this as it seems to me the less MS the lower overall vectors for intrusive snooping. In the meantime I will give this project a try. TY for the vid.
What do you think about portmaster vs glasswire?
Can you make video listing sandbox which we can use to make sure if a file is malware or not
Where is the site that you download from, I wanna test on one of my vms
Good to know..tnx... but how does it play with windows firewall, do they get on well together?
i was totally expecting a closed source proprietary paid software seeing the quality of the UI
Pleasant surprise when i saw that it's open source freeminum!
Thanks, Leo!
@pcsecuritychannel The moment I installed this program, Windows 11 Pro "Smart App Control" allowed the install. Every connection on my computer was blocked including any and all internet communications. "Smart App Control" will not let me use the uninstaller and I had to install a premium version of an antivirus and quarantine the app, but technically it is still installed since "Smart App Control" from Windows 11 will not allow the uninstall. Do you have any tips?
Portmaster is the program upon which I commented
Port Master is extremely powerful. It will literally stop apps and services from accessing internet . It was also annoying at first when I couldnt use some application 💀. So you have to make sure you enable or disable blocking on certain apps
i forgot how good portmaster is, thanks for reminding me!
3:49 what does he mean "I wouldn't recommend it as a replacement for an AV"? Thanks.
US only :/ did has effect on it if we are on uk ?
thanks for the great suggestions. If I use this software, can I turn off the ad blockers in my browser?
Try to disable it and look what will happen ;-)
A Video Idea: how safe is a Sandbox really. testing multiple sandboxes like Virtualbox VM, Windows Sandbox.. e.t.c and showing the worst case scenario if flaws are being used.
was looking for a safe link to portmaster here - a search does not instill confidence of what to click on
Hey, can you please make a video on how to use snort or Wireshark and explain how to identify threats, etc??? Thank you for your work, I really appreciate it ❤❤❤.
i have bitdefender internet security with its own firewall it will not collide with eachother ?
Is there no way to disable settings in windows that windows does connect to certain websites ? i rather have own control over settings then some 3rd party software
14 minutes with 800 visualisations is insane!
Does not NextDNS block Windows spying? It also has great ad blocking and other security features....plus nothing to install.
Can we use it with Bitdefender total security? can it interfer with it? thanks
How it compares with a DNS solution (nextdns/controld)? Or it more like adguard program?
DNS solutions like Pi Hole are far better.
@@NathOnGames pi hole is terrible when dealing with anti ad blockers
@@Blox117 That's simply not true at all. Ublock get's the anti adblock popups but pi hole doesn't.
Does it work for Windows 10 as well 😀😀
Problem is that after I installed Portmaster, it broke my remote connections to other computers, so had to uninstall it as I could not find what it was blocking...
Sadly, it heavily interferes with my strong anti-spyware and adblocking software called Adguard, not sure if Adguard does already what Portmaster
I installed this but my web browsing has become unpredictable with some sites not coming up while others are fine. I've had to reboot my system one time because this was clogging something in the OS. Finding fixes is difficult. This app needs a very good in depth tutorial. When I shut it down, everything goes back to normal.
Hi, please make a tutorial video about Sophos Firewall for Homes and small offices. thnx
what if an app from a lambda company escalate to ring-0 using a private technique they developed themselves and hide it self from this userland firewall is this a possible scenario ?