Blackbird front
RSS
Home
Documentation
Screenshots
Download

## Blackbird ReadMe
>    Plain text  (.TXT)


Blackbird V6
www.getblackbird.net
info@getblackbird.net

== PREFACE ==

Blackbird is a privacywall for Windows (Vista, 7, 8, 10), designed to dismantle built-in data collection and give the PC back to the user. It's not a realtime security application, it does not run in the background and does not install anything. Run it once and you're set. Internet access is required only to resolve hostnames to IP addresses during the process of applying Blackbird. If access is unavailable Blackbird will still run all local tweaks but the scanner will report [Telemetry = Not blocked] since no network blocks will be set. You may also need to re-apply Blackbird after updating Windows as some updates tend to turn stuff back on.

We are not responsible for any damage done to your PC while using our software.
With that said, Blackbird has been tested thoroughly and we do offer technical support should any issues arise (contact above). We also welcome any suggestions and tips or you can just say hi.


You can help keep Blackbird flying at www.patreon.com/getblackbird



== KNOWN BUGS, ISSUES & LIMITATIONS ==

LAN / VPN / misc. network issues:
Blackbird disables 2 services, SSDP Discovery & UPnP Device Host, which are required to run Network Discovery on your PC. Press the L key in the main menu to fix any LAN connectivity issues and reboot your PC when prompted. After applying the fix, you can set Network Discovery back on in your network settings.

Task View / Virtual desktops  (Windows 10):
On Windows versions supporting virtual desktop, clicking the 'Task View' button may crash explorer.exe.
Blackbird disables CDPUserSvc and it's supportive services that must be started to use the virtual desktops feature. To enable Task View simply press the W key while in the main menu (Not recommended since the associated services are known data collectors).

Device settings / Focus Assist / Action Center / notifications  (Windows 10):
On Windows 10 notifications and device settings may not appear or close abruptly.
If you're experiencing this issue after using Blackbird, simply press the I key in the main menu and reboot when prompted.

OneDrive  (Windows 10):
After using Blackbird's Recovery-mode or the -O switch (Enable OneDrive), the OneDrive folder may not appear in Explorer if it has been disabled previously by Blackbird.
To fix this the user must completely refresh the OneDrive service by converting their account to a local one then back to a Microsoft account:
- Go to Settings page.
- Select 'Accounts' and click on 'Sign in with a local account instead'. Follow on screen instructions.
- Same thing to convert back, except click on 'Sign in with a Microsoft account instead'.
- If this did not solve the problem the user may need to run the OneDrive Troubleshooter application offered by Microsoft.

Blackbird 32bit  (Windows Vista/7/8):
The 32bit version of Blackbird does NOT hide blacklisted updates and does NOT check if Windows automatic updates are enabled due to security limitations. 64bit version is not affected.

Blackbird 32bit  (Windows 10 v1903 and up):
Due to security limitations, the 32bit version of Blackbird may no longer be able to fully disable all Autologgers on Windows 10 version 1903 (April/May 2019 update) and above. Too many AV false positives (fuck Google) have forced us to remove the feature that made this possible until further notice. The 64bit version is not affected by this.

Windows Server and Insider versions are NOT officially supported. Run at your own risk.



== WHAT BLACKBIRD DOES ==

- Disables OneDrive
- Disables Cortana
- Disables Bing-integration
- Disables Wi-Fi Sense
- Disables system-wide Windows/Office Telemetry on any Windows version/edition
- Disables all OS advertising (tips, pop-ups, suggested apps, etc.)
- Disables all Diagnostic-tracking / CEIP / Telemetry / Compatibility services, tasks and agents
- Disables web content evaluation / URL check-in ("SmartScreen")
- Disables Windows Media Online DRM
- Disables Windows P2P Update sharing
- Disables all AutoLoggers
- Disables Windows Error Reporting
- Disables Xbox Live services
- Prevents cross-device synchronization
- Prevents all location/contacts/handwritting/password sharing
- Prevents device meta-data collection
- Patches various data-leaks (IE/EDGE, Defender, Explorer, MRT, SMB)
- Removes Windows Genuine Advantage (WGA)
- Removes your unique Ad-ID tracking token and disables further Windows advertising profiling
- Removes GWX and all Windows 10 Upgrade triggers, icons, messages and other nagging
- Removes Windows 10 Upgrade setup files on Windows 7/8
- Removes a bunch of Windows Vista, 7, 8, 8.1 telemetry updates (supports custom lists)
- Removes Superfish, eDellRoot, HP Touchpoint Analytics, VisualDiscovery and other security risks
- Blocks 500+ different tracking/telemetry/ad servers (supports IPv6/IPv4, multiple network interfaces, custom blocklists)
- Bonus blocks (some) Youtube, Skype, Facebook ads

INCLUDES:
- Blackbird App Manager (Windows 10 only): Block any system application the easy & user-friendly way.
- Blackbird STD: Force removal of stubborn spy tasks.
- Backup & Restore: Save current system settings to an external file restorable at any time.



== USING BLACKBIRD ==

- Double-click blackbird.exe,
- Click Yes if prompted by UAC,
- Blackbird will perform a quick security scan (green means good - red means bad),
- OPTIONAL: Back up current settings by pressing the B key,
- Press any other key to apply,
- Reboot the computer when it's finished. All done.


OPTIONAL: Press ? at the main menu to see all available runtime options.


OPTIONAL: Blocking custom hosts
- Write the hostnames or IP addresses (ipv4/ipv6) in a text file called HOSTS.TXT
(IMPORTANT: Each host must be placed in it's own line),
- Put the file in the same directory as the Blackbird executable,
- Run Blackbird normally (or with the -v switch to see resolved IP's).

It will automatically search for the hosts.txt file at Blackbird startup, notifying the user accordingly, and resolve/block all hosts listed when Blackbird is applied.
Ignores lines beginning with ; and any empty spaces. Hosts.txt file example:

;This is a comment.
;Each host must be placed in it's own line, like so:
a.ads1.msn.com
2a03:2880:1010:7f00:face:b00c::
8.8.8.8
;end of example.
Note: Blackbird can only block single hosts. Addressing is limited internally to /32 and /128 prefix ranges for IPv4/IPv6, respectively.


OPTIONAL: Removing custom KB updates (Windows Vista/7/8 only)
- Write the KB numbers in text file called UPDATES.TXT,
(IMPORTANT: Each update must be placed in it's own line)
- Place the file in the same directory as the Blackbird executable,
- Run Blackbird normally (or with the -v switch to see detailed info on each update found and removed).

Ignores lines beginning with ; and any empty spaces. Updates.txt file example:

;This is a comment.
;KB updates can be written in the following formats:
KB3035583
3068708
;End of example.


== SWITCHES ==

You can also run Blackbird from CMD with the following command-line switches available:

blackbird -v = Verbose Mode - Displays additional information on all changes as they're being made.
 blackbird -s = Silent Mode - Skips all pauses. Can be used with other switches independantly, good for scripts.
 blackbird -r = Recovery Mode - Restores/resets all changes made by Blackbird.
 blackbird -bak = Backup Mode - Save current system settings to an external file restorable at any time.
 blackbird -std = SpyTask Destroyer - Force remove stubborn spy tasks (see below).
 blackbird -scan = A full privacy scan of your system.
 blackbird -aslr = Disable/enable system ASLR (Address space layout randomization).
 blackbird -p = Enable/Disable Diagnostic Policy Service
 blackbird -t = Enable/Disable Sensors / Auto-screen rotation on tablets.
 blackbird -d = Enable/Disable Windows Defender.
 blackbird -g = Disable/enable Games Explorer (gameux.dll; injects into games, connects to MS servers).
 blackbird -e = Enable/Disable SMB over NetBIOS (close listening port 445).
 blackbird -h = Enable/Disable Hibernation (deletes hiberfil.sys file from root).
 blackbird -u = Enable/Disable auto-installation of Windows updates / Sets to manual download and install only.
 blackbird -m = Enable/Disable auto-installation of Malicious Removal Tool updates. (Not avaliable on Windows 10)
 blackbird -n = Remove Blackbird network blocks.
 blackbird -i = Fix Bluetooth, Device Settings, Focus/Assist and user notifications.
 blackbird -l = Fix network/LAN connectivity issues.
 blackbird -? = Displays help information.
blackbird -color = Alternative color scheme (green=blue,red=yellow).
 blackbird -showhost = Show all active IP blocks set by Blackbird.
 blackbird -noupdate = Skip blacklisted KB updates removal. (Not avaliable on Windows 10)
 blackbird -nohost = Skip host blocking.
 blackbird -nospeed = Skip system optimizations.
 blackbird -updates = Only remove KB updates. (Not avaliable on Windows 10)
 blackbird -tasks = Only secure/disable scheduled tasks.
 blackbird -services = Only secure/disable services.
 blackbird -registry = Only secure registry.
 blackbird -hostblock = Only run IP/host blocker.
Switches available on Windows 10 / 8 :
 blackbird -app = App Manager - User-friendly system application blocking (Windows 10 only - see below).
 blackbird -kc = Kill/revive Cortana. (Windows 10 only)
 blackbird -ke = Kill/revive Edge browser. (Windows 10 only)
 blackbird -ks = Kill/revive Windows Store. (Windows 10 only)
 blackbird -kf = Kill/revive Feedback/ContactSupport. (Windows 10 only)
 blackbird -kl = Kill/revive Lockscreen. (Windows 10 only)
 blackbird -o = Enable/Disable OneDrive. (Windows 10/8)
 blackbird -x = Enable/Disable Xbox Live services. (Windows 10 only)
 blackbird -a = Enable/Disable SmartScreen application checking. (Windows 10/8)
 blackbird -b = Enable/Disable Runtime Broker (will cause most UWP/Metro apps to not work - Windows 10/8)
 blackbird -c = Enable/Disable background access for all default system apps. (Windows 10 only)
 blackbird -j = Enable/Disable application access to local devices. (Windows 10 only)
 blackbird -w = Enable/Disable Task View / virtual desktops. (Windows 10 only)
Notes:
- All switches must be separated with a space, followed by a - or / before the next desired switch
(ie. blackbird -v -e -d )
- Combining /S with any other switch will skip all pauses and apply the extra switch. Using /S without other switches will apply Blackbird.
- Combining /V with any other switch will also apply Blackbird in addition to other switches added.



== BLACKBIRD STD ==

"SpyTask Destroyer" can be used to force removal of specific Windows scheduled tasks that for some reason cannot be disabled by running Blackbird normally. Should STD find any such tasks it will first attempt to end and disable it. If it fails it will offer the choice to ignore or force-remove the offending task. A signature engine is used so STD only removes pre-configured tasks that can be safely disabled and are known data-collectors.
Any tasks explicitly deleted by SpyTask Destroyer CANNOT BE RESTORED without Windows reinstallation/recovery/factory defaults.

WARNING:
  • Starting STD with the /S switch (silent mode) will NOT prompt for user choice and will automatically force-remove any found task that cannot be disabled.

  • Disabling/removing the WinSAT task will cause your system to stop sending scheduled TRIM command to host SSD. You can still issue TRIM manually after.
    STD does not care what hard drive you're using, it will forcefully disable/remove all tasks it considers bad.
    WinSAT is not disabled if running Blackbird normally on a SSD-installed system.



    • == BLACKBIRD APP MANAGER (Windows 10 only) ==

    Blackbird App Manager allows user-friendly blocking/unblocking of any Windows/system application installed. Once the app list is populated the user can choose the desired application by entering it's assigned number prefix.
    The selected app is then either blocked or unblocked/activated, depending on it's current state.
    You can also select multiple apps by entering their numeral values by range, seperated by the - symbol.
    For instance, entering 1-10 at the prompt will select all apps marked by numeral values from 1 to 10.
    To refresh the list simply enter the letter R at prompt. To quit, enter Q

    WARNING:
    Blocking certain system applications may cause problems such as non-functional menus or other weird issues on some Windows versions.

    Note: It is recommended to use the App Manager instead of the -k* command-line switches to block and restore apps whenever possible.



    == FREQUENTLY ASKED QUESTIONS ==

    Q: How come this is "free"? What's the catch? Who are you sponsored by?
    A: There is no catch, the tool is completely free and always will be. We don't sell or even collect any of your information. The only sponsors are our users -> www.patreon.com/getblackbird
    (Unless someone pays us 8 million € in cold, hard cash)

    Q: Blackbird is stuck/hangs/crashes.
    A: It takes a while (up to 1h on older CPUs) but if you're sure it's stuck, restart Blackbird and press V at the main menu. This will run Blackbird in Verbose Mode, giving you a more detailed view of what's going on.

    Q: Blackbird shows errors like "access denied", "unable to read file", "system error"...
    A: This is normal, especially under Windows 10. Try closing and running Blackbird again, this somehow forces Windows to behave. Not sure why.

    Q: My antivirus reports Blackbird as malware.
    A: This seems to mostly happen with the 32bit version but we assure you, it's a false-positive. Use the 64bit version if possible, AVs seem to like it more for some reason.
    We suspect this occurs because of the nature and relative obscurity of our software (registry editing,telemetry dismantling,..) Some temporary files are created during usage but they are all deleted before you even exit the program.

    Q: After running Blackbird I have problems with my LAN / VPN connection. Do you even test, bro?
    A: Blackbird, by default, applies certain security/privacy tweaks that may interfere with some networks setups.
    To fix most networking issues simply start Blackbird and press L at the main menu.

    Q: Startup scanner shows red stuff even after applying Blackbird. Why?
    A: The scanner is a little wonky, it may detect Blackbird was not fully applied for any of the following reasons:
    - No internet connection. Either blocked by firewall or not available on your PC, Blackbird cannot resolve hostnames to IP addresses and block them effectively, resulting in "Telemetry / Hosts = Not Blocked"
    - An aggressive AV blocked Blackbird from accessing system files/registry/settings. Not much we can do here, go with your gut.
    - Certain Scheduled tasks are stubborn. Use the -STD switch to remove them.
    - An update turned stuff back on. Check our website for an up-to-date version.
    - Localization/other bugs with the scanner itself. Help us fix it by contacting us!

    Q: I don't like what Blackbird did to my computer. How do I change it back?
    A: Start Blackbird and press R at the main menu. This will run Blackbird in Recovery Mode allowing you to either restore a backup file or recover to Windows defaults.