malte
/
ameliorated.info
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Website for the AME project.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
156 MiB
 
 
Tree: ca6b4d4564
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ca6b4d4564'
${ noResults }
ameliorated.info/faq.html

345 lines
28 KiB
Raw Blame History

<html>
<head prefix="og: http://ogp.me/ns#">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>FAQ - AME</title>
<meta property="og:site_name" content="ameliorated.info" />
<meta property="og:title" content="Windows 10 Minus The Spyware + Added Stability and Security" />
<meta property="og:description" content="A stable, non-intrusive yet fully functional build of Windows 10 to anyone, who requires the Windows operating system natively" />
<meta property="og:url" content="http://ameliorated.info/" />
<meta property="og:image" content="http://ameliorated.info/img/ame_logo.jpg" />
<style type="text/css">
</style>
<link rel="stylesheet" href="css/styles.css">
</head>
<body style="background-image: url('img/ame_wallpaper_1440_web_blur_2.jpg');
background-repeat: no-repeat;
background-position: center center;
background-attachment: fixed;
background-size:cover">
<div class="topnav-wrapper">
<label for="show-menu" class="show-menu"><img id="mobile-menu-icon" src="img/menu-icon.png"></label>
<input type="checkbox" id="show-menu" role="button">
<a href="index.html"><img src="img/logo_ame_small.png" id="top-logo-mobile"></a>
<ul class="topnav" id="menu">
<div id="darken-screen"></div>
<a style="margin: 0px 0px; padding: 0px 0px;" href="index.html"><img class="topnav" src="img/logo_ame_small.png"></li></a>
<div class="topnav-reverse">
<li><a href="index.html">GET</a></li>
<li><a href="documentation.html">DOC</a></li>
<li><a class="active" href="faq.html">FAQ</a></li>
<li><a href="https://t.me/joinchat/CR-xFBGQKVt7HPZKgZfbxg" target="_blank">TELEGRAM</a></li>
</div>
</ul>
</div>
<div class="body">
<br id="mobile_purge">
<br id="mobile_purge">
<br id="mobile_purge">
<h2>Contents</h2>
<ol>
<li>
<a href="#whatis">What Is This Project?</a>
</li>
<li>
<a href="#data_collection">Ubiquitous Normalization Of Data Collection</a>
</li>
<li>
<a href="#configure">Configuring AME For Stable And Secure Operation</a>
<ol type="a">
<li>
<a href="#windows_update">Windows Update And Security Concerns</a>
</li>
<li>
<a href="#method">The Case For Our Method</a>
</li>
</ol>
</li>
<li>
<a href="#sshd">How do I enable the built-in SSH/SFTP server?</a>
</li>
<li>
<a href="#change_passwd">How do I change the username/password?</a>
</li>
<li>
<a href="#key_locale">Is there a way to change the keyboard language in AME?</a>
</li>
<li>
<a href="#dark_theme">How do I enable the dark theme?</a>
</li>
<li>
<a href="#why_old">Why the old windows build?</a>
</li>
<li>
<a href="#activate">Can AME be activated with a legit key, like normal Windows?</a>
</li>
<li>
<a href="#dx12">Is DirectX 12 supported?</a>
</li>
<li>
<a href="#legal">Legal Considerations</a>
</li>
<li>
<a href="#privacy">Privacy or Security?</a>
</li>
<ol>
<li>
<a href="#windows_update">Windows Updates</a>
</li>
<li>
<a href="#opensource">Open Source</a>
</li>
</ol>
<li>
<a href="#script_host">How do I enable Windows Script Host access?</a>
</li>
<li>
<a href="#add_admin">How to add my user back to the Administrator group?</a>
</li>
</ol>
<ol>
</ol>
<br>
<h2 id="whatis">What Is This Project?</h2>
<p>Windows 10 AME aims at delivering a stable, non-intrusive yet fully functional build of Windows 10 to anyone, who requires the Windows operating system natively. Spyware systems, which are abundant in Windows 10 by default, have <strong>not</strong> been disabled using group policy, registry entries or various other workarounds &#8211; they have been entirely removed and deleted from the system, on an executable-level. This includes Windows Update, and any related services intended to re-patch the system via what is essentially a universal backdoor. Core applications, such as the included Edge web-browser, Windows Media Player, Cortana, as well as any appx applications, have also been successfully eliminated. The total size of removed files is about 2 GB.</p>
<p>Great effort has been invested in maintaining the subsequent system&#8217;s stability, bug-free operation and user experience, as many of these removed services conflict with core Windows 10 features.</p>
<br>
<h3>The Release Of Windows 10</h3>
<p>When Microsoft released Windows 10 on July 29th 2015, it solidified its position in providing an operating system which undermined basic human rights with respect to privacy and overall system control. A shift towards an unjust source of power, via Windows Update and various other subsystems, amalgamated in a poorly designed user interface focused on cognitive ease and commercial advertising: This was to become the new era of computing.
It&#8217;s important to remark, that due to Windows 10&#8217;s update mechanics, combined with Microsoft&#8217;s decision of abolishing its testing devision for update distribution, a stock system is extremely unpredictable and subject to an ever-shifting, uncontrollable state of disarray - but nevertheless vulnerable to leaked back-doors, in cooperation with the NSA - seriously undermining and questioning the validity of the official narrative&#8217;s claim to security and progress.
<div class="source_white"><a class="source_white" href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive" target="_blank">[ SOURCE &mdash; www.eff.org ]</a></div>
<div class="source_white"><a class="source_white" href="https://autoriteitpersoonsgegevens.nl/en/news/dutch-dpa-microsoft-breaches-data-protection-law-windows-10" target="_blank">[ SOURCE &mdash; autoriteitpersoonsgegevens.nl ]</a></div>
</p>
<blockquote><em>&#8220;[&#8230;] this program is an instrument of unjust power&#8230;. Sometimes it tracks the user... and sometimes they can even forcibly change the software at a distance, as Microsoft can with Windows, through the universal backdoor.&#8221;</em><strong> &#8211; Richard M. Stallman, at TEDxGeneva 2014</strong> </blockquote>
<br>
<h2 id="configure">Configuring AME For Stable And Secure Operation</h2>
<p>Due to the modified nature of this Windows installation, there are various possible security and stability concerns to consider when using Windows 10 AME. The entire removal of the Windows 10 update subsystem, coupled with the lack of automatic driver detection, beyond what is included in the <strike>1511</strike> 1809 build of Windows 10 from <strike>November 2015</strike> late 2018, requires manual action in order to configure proper and safe operation.</p>
<p>It is critical to understand, that Windows, regardless of its modernity and patched state, has proven to not be a secure platform. If security is one of your primary concerns, you should not be using AME, or Windows in general.
<div class="source_white"><a class="source_white" href="https://www.schneier.com/crypto-gram/archives/1999/0915.html" target="_blank">[ SOURCE &mdash; www.schneier.com ]</a></div>
<div class="source_white"><a class="source_white" href="https://www.pcworld.com/article/197659/Google_Ditches_Microsoft_Windows_Citing_Security_Issues_Report_Claims.html" target="_blank">[ SOURCE &mdash; www.pcworld.com ]</a></div>
</p>
<br>
<h3 id="windows_update">Windows Update And Security Concerns</h3>
<p>Since the release of Windows 10, various security patches have been pushed to fix critical vulnerabilities, via Windows update distribution. These patches are not available for AME, as this subsystem has been disabled. In order to secure the system properly, it is strongly advised to revoke administrator privileges from the default user. This will mediate approximately 94% of the critical attack surface, while locking down the system from most foreseeable major future threats.
<div class="source_white"><a class="source_white" href="https://www.avecto.com/news-and-events/news/94-of-critical-microsoft-vulnerabilities-mitigated-by-removing-admin-rights" target="_blank">[ SOURCE &mdash; www.avecto.com ]</a></div>
<div class="source_white"><a class="source_white" href="https://www.tenforums.com/tutorials/2969-enable-disable-elevated-administrator-account-windows-10-a.html" target="_blank">[ SOURCE &mdash; www.tenforums.com ]</a></div>
</p>
<p>The use of networked Windows file-sharing using the SMB protocol, which, since the release of build 1511, has been hijacked for various large-scale exploits, such as the famed WannaCry ransomware attack, yet still showing extensive vulnerabilities, surfacing even today, should only be used in a user controlled, secured network environment, as this protocol has proven to be largely apprehensive by age of its design. SFTP is strongly recommended for networked file transfers.
<br><div class="source_white"><a class="source_white" href="https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/" target="_blank">[ SOURCE &mdash; blogs.technet.microsoft.com ]</a></div>
</p>
<br>
<h3 id="method">The Case For Our Method</h3>
<blockquote><em>&#8220;[&#8230;] As you can see, even the recommended method for eliminating data collection isn&#39;t completely effective and causes a number of problems [&#8230;] don&#39;t install anything, and don&#39;t use your computer, the data sent to Microsoft is quite minimal.&#8221;</em><strong> &#8211; Mark Burnett, xato.net, May 2017</strong> </blockquote>
<p>In May 2017 a security researcher named Mark Burnett demonstrated that disabling the default data collection toggles, found in Windows 10's settings app, are entirely useless. Furthermore he showed that even through using intensive group policy modifications, in a process heavily scrutinized and iterated upon over several days, he was not able to prevent Windows 10 from sending critical, personally identifiable information with certainty.
<div class="source_white"><a class="source_white" href="https://xato.net/windows-spying-and-a-twitter-rant-19203babb2e7" target="_blank">[ SOURCE &mdash; xato.net ]</a></div>
<div class="source_white"><a class="source_white" href="https://www.theinquirer.net/inquirer/news/3010547/microsoft-says-its-best-not-to-fiddle-with-windows-10-enterprise-group-policies" target="_blank">[ SOURCE &mdash; www.theinquirer.net ]</a></div>
</p>
<p>In conclusion, it appears to be extremely difficult to genuinely disable data collection, as proven to be monitorable in a controlled environment, where a constant uncertainty, subject to change by Microsoft's backdoor via Windows Update, plagues any methodology of mitigation, when making use of the built-in tools of Windows 10 such as the basic Privacy settings, gpedit modifications or registry edits. The only logical and unfortunately required method in this scenario, is the removal of the affected services from the system entirely, along with Windows Update.</p>
<br>
<h2 id="sshd">How do I enable the built-in SSH/SFTP server?</h2>
<p>As discussed in the documentation, AME comes with the official SSH server installed by default, but has not been enabled due to concerns regarding the generated keys and opened ports.</p>
<p>To enable the server, first open the <span class="code">firewall</span> rules for <span class="code">sshd.exe</span> and allow inbound connections. Type the following into an elevated <span class="code">powershell</span> prompt:</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">New-NetFirewallRule</span><span style="color: #a4df2d"> -Name</span> sshd<span style="color: #a4df2d"> -DisplayName</span> 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP <span style="color: #a4df2d"> -Action Allow</span> -LocalPort 22
</div></div>
<p>Start <span class="code">sshd</span> (this will automatically generate host keys under <span class="code">%programdata%\ssh</span> if they don't already exist):</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span>net start sshd
</pre></div></div>
<p>The <span class="code">sshd</span> service should also be configured to auto-start at boot. In an elevated powershell window type:</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">Set-Service</span> sshd -<span style="color: #a4df2d"> StartupType</span> Automatic
</pre></div></div>
<br>
<h2 id="change_passwd">How do I change the username/password?</h2>
<p>You can change the username in Windows from CMD (Administrator) using the following command:</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">wmic </span><span style="color: #a4df2d">useraccount</span> where name='currentname'<span style="color: #a4df2d"> rename</span> newname
</pre></div></div>
<p>You can change a user's password in Windows from CMD (Administrator) using the following command:</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">net </span><span style="color: #a4df2d">user</span> useraccount<span style="color: #a4df2d"></span> *
</pre></div></div>
<br>
<h2 id="key_locale">Is there a way to change the keyboard language in AME?</h2>
<p>Yes, the following changes the keyboard locale:</p>
<p>Open a Windows <span class="code">powershell</span> prompt with Administrator rights.<br>Import the international settings module by running the following command:</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">ipmo</span> <span style="color: #a4df2d">international</span>
</pre></div></div>
<p>Display the locale information on the computer by running the following command:</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7"></span>Get-WinSystemLocale<span style="color: #a4df2d"></span>
</pre></div></div>
<p>Set the locale for the region and language that you want. For example, the following command sets the system locale to German (Germany):</p>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">Set-WinUserLanguageList</span> -Force<span style="color: #a4df2d"> 'de-DE'</span>
</pre></div></div>
<br>
<h2 id="dark_theme">How do I enable the dark theme?</h2>
<p>The vanilla dark theme, while available, is not recommended, as it is extremely early in development. You can install a custom dark theme, however this appears to introduce a 15 second hang when logging in for some reason.</p>
<br>
<h2 id="why_old">Why the old windows build?<span class="badge" style="bottom: 6px; left: 10px;">Old!</span></h2>
<div class="comment-vertical"><p>This information only applies to prior AME releases, which were based on build 1511. Newer versions are much more up to date.</p></div>
<p>Multiple reasons, some having to do with the fact that MS added a whole other layer of complexity when trying to "ameliorate" versions past 1511.</p>
<p>However, this version is nearly "complete", and we will move on to 17.09 or 18.03, while also providing the older version, which will support older hardware longer, which MS will inevitably start to phase out support for at some point.</p>
<br>
<h2 id="activate">Can AME be activated with a legit key, like normal Windows?</h2>
<p>No, the activation components are part of the <em>spyware aparatus</em>, and have been removed to the extent, that they don't send or collect personal data.</p>
<p>AME has been activated with a generic volume license key for Windows 10 Pro N RTM, and will never bother you to be activated, as it cannot verify the key with MS servers.</p>
<p>No <em>crackware</em> was employed to make windows think that it is activated, only the clever removal of components, in the right order.</p>
<div class="comment-vertical"><p><p>If you purchased your key from a third party, you may want to activate the key using a vanilla Windows 10 Installation on your machine before proceeding with AME, as the key will be tied to your motherboard and unable to be used again. Third party sellers sometimes check for this so they can make more money if you did not use the key within a short time period.</p></p></div>
<br>
<h2 id="dx12">Is DirectX 12 Supported?</h2>
<p>The general answer is no, as DirectX 12 is primarily updated by Windows Update, certain games will make API calls that aren&#39;t available on AME, resulting in crashes.</p>
<p>It is worth noting however, that due to DX12&#39;s proprietary nature, and Windows exclusivity, not to mention the fact that games, which make use of it, generally see no benefit at this point what so ever, it is advisable to avoid supporting the use of this API. There are promising open alternatives, such as <a href="https://www.khronos.org/vulkan/" target="_blank">Vulkan</a>, as used by DOOM. Vulkan is <strong>fully supported</strong> by AME.</p>
<br>
<h2 id="legal">Legal Considerations</h2>
<p>By downloading any of these images, you agree to Microsoft&#8217;s <a href="https://www.microsoft.com/en-us/Useterms/Retail/Windows/10/UseTerms_Retail_Windows_10_English.htm" target="_blank">Terms of Service</a> with respect to (5.) Authorized Software and Activation. All Images have been rudimentarily activated using a <a href="https://www.tenforums.com/tutorials/95922-generic-product-keys-install-windows-10-editions.html" target="_blank">Generic Key</a> for Windows 10 Pro N RTM. By using any of these images you agree that you have obtained a genuine product key or are able to activate by an other authorized method.</p>
<p>AME is developed for educational purposes only, which emphasizes an effort to reverse engineer, disable or replace components of the Microsoft Windows 10 operating system. The goal is an endeavor to better understand and mitigate the collection of Personally identifiable information (PII), as has been clearly outlined by numerous outlets covering the topic, including comments by famed whistle-blower Edward Snowden. Another goal is to replace included proprietary Windows software, such as the Edge web-browser, with ethically verifiable alternatives using open-source licenses.
<br><div class="source_white"><a class="source_white" href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive" target="_blank">[ SOURCE &mdash; www.eff.org ]</a></div>
</p>
<p>EU Directive 2009/24, on the legal protection of computer programs, governs reverse engineering in the European Union. The directive states:</p>
<p><em>"(15) The unauthorised reproduction, translation, adaptation or transformation of the form of the code in which a copy of a computer program has been made available constitutes an infringement of the exclusive rights of the author. <strong>Nevertheless</strong>, circumstances may exist when such a reproduction of the code and translation of its form are indispensable to obtain the necessary information to achieve the <strong>interoperability</strong> of an independently created program with other programs. It has therefore to be considered that, in these limited circumstances only, performance of the acts of reproduction and translation by or on behalf of a person having a right to use a copy of the program is legitimate and compatible with fair practice and must therefore be deemed not to require the authorisation of the rightholder. An objective of this exception is to make it possible to connect all components of a computer system, including those of different manufacturers, so that they can work together. Such an exception to the author's exclusive rights may not be used in a way which prejudices the legitimate interests of the rightholder or which conflicts with a normal exploitation of the program."</em>
<br><div class="source_white"><a class="source_white" href="http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1435057541496&uri=CELEX:32009L0024" target="_blank">[ SOURCE &mdash; eur-lex.europa.eu ]</a></div>
</p>
<p>The intentions as self-described by the AME project, clearly fall under the case-scenario of enabling better "interoperability", as the prevalence of proprietary software bundled with the Windows 10 operating system does not constitute an open standard in this regard.</p>
<br>
<h2 id="privacy">Privacy or Security?</h2>
<p>As stated on the main page, the objective of this project <em>&ldquo;[&#8230;] aims at delivering a stable, non-intrusive yet fully functional build of Windows 10 to anyone, who requires the Windows operating system natively&rdquo;</em>, while <em>&ldquo;Spyware systems [&#8230;] have been entirely removed and deleted from the system.&rdquo;</em></p>
<p>This is crucial to understand, as we do not provide a heightened state of security as the project&rsquo;s main focus, beyond what is indirectly affected by the AME alterations. This does include many aspects likely to improve security, such as the reduction of many internal services and features, liable to third party vulnerability escalation (i.e. SMBv1, Edge, Wifi-Sense and many others), however these are, in fact, somewhat unintended side-effects of our, arguably somewhat ideologically fueled, removal process.
<br>
<div class="source_white"><a class="source_white" href="https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/" target="_blank">[ SOURCE &mdash; blogs.technet.microsoft.com ]</a></div>
<div class="source_white"><a class="source_white" href="https://www.extremetech.com/extreme/209208-windows-10s-new-wifi-sense-shares-your-wifi-password-with-facebook-outlook-and-skype-contacts" target="_blank">[ SOURCE &mdash; www.extremetech.com ]</a></div>
</p>
<p>Furthermore, as touched upon on the main page, 94% of critical Windows 10 vulnerabilities can be mitigated by revoking administrator privileges from the default user. This is also an included feature in AME, and can be set-up by means of the initialization script, as this mode of operation is strongly encouraged.
<br>
<div class="source_white"><a class="source_white" href="https://www.avecto.com/news-and-events/news/94-of-critical-microsoft-vulnerabilities-mitigated-by-removing-admin-rights" target="_blank">[ SOURCE &mdash; www.avecto.com ]</a></div>
<div class="source_white"><a class="source_white" href="https://www.tenforums.com/tutorials/2969-enable-disable-elevated-administrator-account-windows-10-a.html" target="_blank">[ SOURCE &mdash; www.tenforums.com ]</a></div>
</p>
<br>
<h3 id="windows_update">The Deal With Updates</h3>
<p>However, AME does not allow for the installation of critical security patches, by means of regular Windows Updates, as this subsystem has been stripped from the OS entirely.<b> Unfortunately, due to Windows 10&rsquo;s background restoration behavior, it was deemed necessary to also remove any ability of manually installing update packages</b>, as the system components required for this, are the same ones responsible for the entire Windows Update subsystem to begin with &ndash; it was all or nothing.</p>
<p>Additionally, manually patching the OS, if this were possible, considering the goals and values AME deploys, in fact installs and alters many unwanted components, partially restoring Windows 10&rsquo;s spyware apparatus. Because of this, each patch requires a scrutinous re-evaluation of the OS, followed by additions to the removal and cleansing process. </p>
<p><b>Nevertheless, each release of AME has been patched up until its release version date.</b></p>
<br>
<h3 id="opensource">Open Source</h3>
<p>The creation of AME is led by individuals principally interested in the open flow of information, and equal distribution of knowledge, hence a strong inclination towards supporting free and open source software, or even activist efforts, such as the FSF&rsquo;s ethics.<br />
As of such, the replacement applications provided in AME also attempt to fall in line with open source considerations.<br />
We by all means strongly encourage users unfamiliar with these concepts to explore them in detail, as they are much further reaching in their implications, than simply superficial effects on software development.</p>
<br>
<h2 id="script_host">How do I enable Windows Script Host access?</h2>
<p>As described in the documentation, AME ships with various modifications aiming at locking Windows down to a much more secure state. As part of this process <a href="https://github.com/securitywithoutborders/hardentools" target="_blank">hardentools</a> disables a Windows feature called Script Host access. However, this feature is often required for doing development work with, for example, Visual Studio, which will error-out during the installation process, due to this feature missing. To re-enable Script Host access, open an elevated command promt and type the following command:</p>
<div class="comment-code"><div style="overflow:auto;overflow-wrap: break-word;word-break: break-all;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">reg </span><span style="color: #a4df2d">add</span> "HKLM\SOFTWARE\Microsoft\Windows Script Host\Settings"<span style="color: #a4df2d"> /v</span> Enabled<span style="color: #a4df2d"> /t</span> REG_DWORD<span style="color: #a4df2d"> /d</span> 1<span style="color: #a4df2d"> /f</span>
</pre></div></div>
<p>After that, reboot your computer, and the relevant programs should now be able to make use of this feature.</p>
<p>You revert these changes by typing the following command:</p>
<div class="comment-code"><div style="overflow:auto;overflow-wrap: break-word;word-break: break-all;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">reg </span><span style="color: #a4df2d">add</span> "HKLM\SOFTWARE\Microsoft\Windows Script Host\Settings"<span style="color: #a4df2d"> /v</span> Enabled<span style="color: #a4df2d"> /t</span> REG_DWORD<span style="color: #a4df2d"> /d</span> 0<span style="color: #a4df2d"> /f</span>
</pre></div></div>
<br>
<br>
<h2 id="add_admin">How to add my user back to the Administrator group?</h2>
<p>Due to severe security considerations, the default user in AME has been revoked Administrator privileges. However, in certain situations this may cause potential issues, as Windows was not designed to operate in this state, per se. If you require administrator priviliges, you can add your user back to this group using the following command in an elevated command prompt:</p>
<div class="comment-vertical"><p>Note that while certain inconveniences may arise due to not having direct administrator privileges, we strongly recommend sticking with the configuration we ship, for security reasons.
</p></div>
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">net </span><span style="color: #a4df2d">localgroup</span> administrators<span style="color: #a4df2d"></span> user<span style="color: #a4df2d"> /add</span>
</pre></div></div>
<p>After this, restart Windows, and the default user will have administrator privileges.</p>
<br>
</div>
</body>
<footer id="footer" style="display: block; bottom: 0; margin-left: auto; margin-right: auto; width: 100%;">
</footer>
</html>