|
|
|
|
Param(
|
|
|
|
|
[int] $Privacy = 1,
|
|
|
|
|
[int] $Security = 0,
|
|
|
|
|
[string] $DataFile = ".\data.json",
|
|
|
|
|
[string] $TexFile = ".\telemetry.tex",
|
|
|
|
|
[string] $LogFile = $null,
|
|
|
|
|
[switch] $Verbose
|
|
|
|
|
)
|
|
|
|
|
# Powershell does not catch "non terminating errors" -> make all exceptons "terminating"
|
|
|
|
|
$ErrorActionPreference = "Stop"
|
|
|
|
|
|
|
|
|
|
function logV([string] $text)
|
|
|
|
|
{
|
|
|
|
|
if ($Verbose)
|
|
|
|
|
{
|
|
|
|
|
log($text)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
function log([string] $text)
|
|
|
|
|
{
|
|
|
|
|
Write-Host $text
|
|
|
|
|
if ("" -ne $LogFile)
|
|
|
|
|
{
|
|
|
|
|
Write-Output $text | Out-File -Append -FilePath $LogFile
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function check_key($key)
|
|
|
|
|
{
|
|
|
|
|
$message = "`nTesting key: $( $key.path )\$( $key.name )`n"
|
|
|
|
|
$out = ""
|
|
|
|
|
Try
|
|
|
|
|
{
|
|
|
|
|
$entry = Get-ItemProperty -Path $key.path -Name $key.name
|
|
|
|
|
$value = $entry.($key.name)
|
|
|
|
|
if ($value -eq $key.value)
|
|
|
|
|
{
|
|
|
|
|
logV("$message Correct value set: $value")
|
|
|
|
|
return $out
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
log("$message Incorrect value: $value; Expected: $( $key.value )")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Catch [System.Security.SecurityException]
|
|
|
|
|
{
|
|
|
|
|
log("$message Access denied, try again as administrator")
|
|
|
|
|
return $out
|
|
|
|
|
}
|
|
|
|
|
Catch [System.Management.Automation.ItemNotFoundException]
|
|
|
|
|
{
|
|
|
|
|
log("$message Key Not Found")
|
|
|
|
|
$value = $null
|
|
|
|
|
}
|
|
|
|
|
Catch [System.Management.Automation.PSArgumentException]
|
|
|
|
|
{
|
|
|
|
|
log("$message Subkey not found")
|
|
|
|
|
$value = $null
|
|
|
|
|
}
|
|
|
|
|
Catch
|
|
|
|
|
{
|
|
|
|
|
log("$message Unexpected error")
|
|
|
|
|
log($_.Exception)
|
|
|
|
|
return $out
|
|
|
|
|
}
|
|
|
|
|
$out += $texItemTmpl -f$($key.path -replace "\\", "\\"), $( $key.name -replace "_", "\$&" ), `
|
|
|
|
|
$( $key.type -replace "_", "\$&" ), $key.value, $( if ($null -eq $value)
|
|
|
|
|
{
|
|
|
|
|
"Not set"
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$value
|
|
|
|
|
} )
|
|
|
|
|
return $out
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$user = [Security.Principal.WindowsIdentity]::GetCurrent();
|
|
|
|
|
$isAdmin = (New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
|
|
|
|
|
if (-not$isAdmin)
|
|
|
|
|
{
|
|
|
|
|
logV("Started as a non admin")
|
|
|
|
|
Write-Host "--------------------------------------------------------------------"
|
|
|
|
|
Write-Host "!!! Your are running this Script as a non Admin !!!"
|
|
|
|
|
Write-Host "Access to several registry keys might be denied"
|
|
|
|
|
Write-Host "This will be shown in the resulting output"
|
|
|
|
|
Write-Host "It is recommended to start this script as admin"
|
|
|
|
|
Write-Host "--------------------------------------------------------------------"
|
|
|
|
|
Write-Host "Press any key to continue ...`n"
|
|
|
|
|
$host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") | Out-Null
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (("" -ne $LogFile) -And (Test-Path $LogFile))
|
|
|
|
|
{
|
|
|
|
|
logV("Clear old log file")
|
|
|
|
|
Remove-Item $LogFile
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
logV("Reading JSON file from $DataFile")
|
|
|
|
|
$data = Get-Content -Encoding UTF8 -Raw -Path $DataFile | ConvertFrom-Json
|
|
|
|
|
|
|
|
|
|
$texOut = "\begin{landscape}`n\section{Windows 10 Telemetry}`n"
|
|
|
|
|
$texCatTmpl = "\multicolumn{{5}}{{l}}{{\textbf{{\textrm{{\ifgerman{{{0}}}{{{1}}}}}}}}}\\`n"
|
|
|
|
|
$texItemTmpl = "\url{{{0}}} & {1} & {2} & {3} & {4}\\`n"
|
|
|
|
|
|
|
|
|
|
ForEach ($scope in "Security", "Privacy")
|
|
|
|
|
{
|
|
|
|
|
if ($( Get-Variable -Name $scope -ValueOnly ) -eq 0)
|
|
|
|
|
{
|
|
|
|
|
logV("`nSkipping scope '$scope'")
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
$texOut += "\subsection{$scope}`n\begin{sytable}[\ifgerman{Abweichende Registrierungsschlüssel}{Differing registry keys}]{X-l-l-l-l}
|
|
|
|
|
{ \ifgerman{Schlüsselpfad}{Key path} & Name & \ifgerman{Typ}{Type} & \ifgerman{Soll}{To-be} & \ifgerman{Ist}{As-is} }`n"
|
|
|
|
|
ForEach ($cat in $data.$($scope.tolower() ))
|
|
|
|
|
{
|
|
|
|
|
if ($cat.level -gt $( Get-Variable -Name $scope -ValueOnly ))
|
|
|
|
|
{
|
|
|
|
|
logV("`nSkipping category '$( $cat.name.en )'")
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
logV("`nProcessing category '$( $cat.name.en )'")
|
|
|
|
|
$first = $true
|
|
|
|
|
# Processing keys
|
|
|
|
|
ForEach ($key in $cat.keys)
|
|
|
|
|
{
|
|
|
|
|
$retValue = check_key($key)
|
|
|
|
|
if ($retValue -eq "")
|
|
|
|
|
{
|
|
|
|
|
<# check local GPO as well:
|
|
|
|
|
for "HKLM:\SOFTWARE\Policies\Microsoft\Windows\X"
|
|
|
|
|
check "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\X"#>
|
|
|
|
|
if ( $key.path.Contains("SOFTWARE\Policies\Microsoft\Windows"))
|
|
|
|
|
{
|
|
|
|
|
$key.path.Replace("Policies\Microsoft\Windows", "Microsoft\Windows\CurrentVersion\Policies")
|
|
|
|
|
$retValue = check_key($key)
|
|
|
|
|
}
|
|
|
|
|
if ($retValue -eq "")
|
|
|
|
|
{
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ($first)
|
|
|
|
|
{
|
|
|
|
|
$texOut += $texCatTmpl -f $cat.name.de, $cat.name.en
|
|
|
|
|
$first = $false
|
|
|
|
|
}
|
|
|
|
|
$texOut += $retValue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$texOut += "\end{sytable}`n"
|
|
|
|
|
}
|
|
|
|
|
$texOut += "\end{landscape}`n`n"
|
|
|
|
|
|
|
|
|
|
Out-File -InputObject $texOut -FilePath $TexFile
|