Comments (7)
1. Write file.
2. Check if exists afterwards
Above fails to find Defender intervention.
1. Write file.
2. Read it back
It finds Defender intervention exactly as you suggested. Here's the full code that does these checks, including an integrity check as tamper protection: if the script file is tampered with, it refuses to run. It now shows an antivirus error only if the file cannot be read back, otherwise a generic error. I also added information on the web UI when the user downloads the file.
Thank you for this @selivan for great tips ❤️ Not only this one but also including directory path, and showing a way forward i.e. showing a button for temporary AV exclusions.
Following your feedback, I will add the persistent script directory path to the error message, then release a new patch. Before, privacy.sexy was saving scripts in a temporary directory, but I changed it to the persistent %APPDATA%\privacy.sexy\runs, documented here.
from privacy.sexy.
Good news 🎉. Microsoft has removed the aggressive signatures; the Standard collection no longer triggers antivirus alerts after the Defender signature update. Thank you for the cooperation, Defender team ❤️!
Closing this due to:
- The web application now shows instructions on how to save the file even if antivirus alerts.
- The desktop application now shows an error if it detects antivirus intervention.
- Microsoft has removed the aggressive signatures; Standard is no longer triggering antivirus alerts.
A follow-up issue would be to automate disabling antivirus.
from privacy.sexy.
Happy to contribute :) Thanks for doing the job of protecting people's privacy.
Option 1 looks safer to me. Permanent exclusion of some directory creates security risks.
It's even safer to offer the user to remove the exclusion immediately when they try to close the program.
Would be nice to have some indicator, like a label in the status bar:
And don't forget to give the user instructions on what directory to exclude from monitoring, if it is not Defender, but some other AV software.
from privacy.sexy.
Pretty sure any script that attempts to modify defender or any windows security stuff gets flagged
from privacy.sexy.
That would be acceptable, but it even alerts on the "Standard" selection, which does not configure anything that Microsoft considers a security component at all. Probably need to separate script files for every script to run a test to see exactly what signatures/scripts it's alerting on and change the code for those. It's however not a long-term viable solution as others, as these signatures get more and more aggressive over time, and this way can still be categorized as some kind of obfuscation to avoid signature detection.
from privacy.sexy.
I think the option 2 makes most sense.
Obfuscation of scripts looks really suspicious. In-memory execution does not help the web version and may be blocked by antivirus software in the future.
Here is how option 2 may look on desktop:
- try writing script
- try reading it back
- if we can not read what we wrote - notify user, that AV software is probably blocking the scripts, and how they can disable that
from privacy.sexy.
Thank you for the feedback @selivan. Then let's make this our first step.
Creating exception automatically for the file is good for seamless user experience, but as you say this may be considered intrusive/suspicious for users, or even lead to privacy.sexy app being detected as virus in the end.
So we go for prompting users. Script cannot be executed => Inform user.
How about also giving user options to make it easy for user to take next step:
- Add temporary exclusion for privacy.sexy scripts (1 hour) (recommended action)
- Add permanent exclusion for privacy.sexy scripts
- Temporarily disable real-time defender protection (for one hour)
In the UI we can also describe that this creates security risks.
On clicking of a button, privacy.sexy would ask for admin rights and do the job automatically.
In that case, which option is the most viable one to provide as part of the flow: 1), 2) or 3)? Or is there any other option that can be better that I'm missing?
from privacy.sexy.