It’s ridiculous that I have to write it, but it looks like there is no hope in this being an actual feature of the Microsoft Edge web browser - setting a blank new tab. Not a tab with minimal ads, but just one that is blank. You know, the thing that you could set in Firefox for ages:
Compare that to Edge:
Instead of giving the option to just make the page blank (recall that Internet Explorer allowed you to do this), I can only “customize it.”
If you are connected to the Internet and are not blackholing Edge-related URLs, such as their New Tab Page (NTP) on
ntp.msn.com, then you get to see all the ad surface logos and a search bar. If you are blackholing the Edge NTP URLs, you get to see the local NTP, which only has a search box that defaults to your default search provider, and a giant Edge logo (thanks for the reminder, I didn’t know I was using Microsoft Edge here).
This logo is not something I want to stare for the occasional Microsoft Edge launch, so I thought I’d explore ways to make this blank. The page is sourced through
chrome-search://local-ntp/local-ntp.html so one avenue could be figuring out where that HTML is served from and overwriting it with an empty page. That seems cumbersome as a first solution, so maybe there is some kind of registry key that does this instead?
Indeed there is! But wait, hold on a second, what is this remark?
This policy is available only on Windows instances that are joined to a Microsoft Active Directory domain, Windows 10 Pro or Enterprise instances that enrolled for device management, or macOS instances that are that are managed via MDM or joined to a domain via MCX.
As it turns out, the feature exists, but is not accessible for some reason to anyone other than folks that enrolled their device in Mobile Device Management (MDM). If I look under
edge://policy it seems like the policy I set in the registry for the new page is blocked:
Well, I don’t enroll my personal Windows boxes into any kind of MDM, so that’s a non-starter. And by that I mean that I started looking for ways to fake the MDM enrollment.
That’s when I stumbled across a blog post by Gunnar Haslinger that does just that. The author did some research and isolated the following registry keys that help the operating system pretend that it’s enrolled.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF] "EnrollmentState"=dword:00000001 "EnrollmentType"=dword:00000000 "IsFederated"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF] "Flags"=dword:00d6fb7f "AcctUId"="0x000000000000000000000000000000000000000000000000000000000000000000000000" "RoamingCount"=dword:00000000 "SslClientCertReference"="MY;User;0000000000000000000000000000000000000000" "ProtoVer"="1.2"
You can save the snippet above in a REG file, run it, and then restart the computer. After a quick reboot, what do you know!
The policy is no longer blocked, meaning that magic truly can happen once you start messing with the registry in an effort to defeat user-hostile choices.