Private Winten - Open Source Windows 10 privacy tool with built in Firewall

Discussion in 'other firewalls' started by DavidXanatos, Dec 23, 2018.

  1. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    Thank! 0.1d
    14/ Now autostart happens correctly, immediately to the system tray. There is a defect with the first opening of the window. When you open a window from the tray (or from a shortcut), the window opens like here
    1.png
    15/ Config.ini - user settings - sizess, position, options.
    Programs.xml - list of programs with rules?
    It makes sense to save these files when updating the program version?
    16/ In Title Bar and About see "Private WinTen", and file "PrivateWin10.exe". I do not know whether to align names.
     
  2. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    17/ If shortened, the visual perception will improve and the space will be freed horizontally, of which there are already few
    1.png
     
  3. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    14/ hmm... i will play around with that a bit ...

    15/ yes keep the files especially if you took the time to group programs together, assign categories or more friendly names etc....

    16/ I would leave it as it is with regard to the binary name

    17/ protocol shorter i like it, direction I wold leave as it is, else next thing to shorten will be allow to A and block to B and at some point it starts getting messy ;)
     
  4. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    14/ OK, this need resolve
    15/ 16/ 17/ Agree
    18/ Bug detected. If you disable a rule, you cannot turn it on. Instead of enable a rule, the rule editing dialog opens, but saving is still impossible.
    2.png
     
    Last edited: Dec 28, 2018
  5. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    19/ Bug detected. Line duplicated.
    3.png
     
  6. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    Last edited: Dec 29, 2018
  7. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Hi David

    Many thanks for the procession of updates...have been away and so with little time to review. Did you receive my private message/conversation contianing the update contents for Translation.ini? I have copy/pasted the revised contents I mentioned to you way back re. release 0.1a (probably to busy working on the next release at the time...;))?

    Regards, Baldrick
     
    Last edited: Dec 29, 2018
  8. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    18/ - Is fixed - the lines were confused and missing (thank ViVek for englich fixed)
    19/ - Is fixed now - lines 106 and 107 were duplicated (lbl_program=Program)
     
  9. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    20/
    1.png
    Summary for this time:
    fixed: 1/ 2/ 7/ 8/ 9/ 11/ 17/ 18/ 19/
    solved: 3/ 4/ 5/ 6/ 15/16/
    not fixed: 12/ 13/ 14/ 20/ (10/ - the same as 14/)
     
    Last edited: Dec 29, 2018
  10. Grumlo

    Grumlo Registered Member

    Joined:
    Nov 14, 2015
    Posts:
    176
    Aldist good job :) thanks
     
  11. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    Thank! PWT is a good program :thumb:
     
  12. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    Yea I mist that indeed sorry,
    also by that time the translation file was not complete, i.e. the stings in the xaml files were not localized.


    Cheers
    David X.
     
    Last edited: Dec 29, 2018
  13. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    21/ The string length for Remote Address are immensely very-very-very long.
    ScreenShot_304.png

    22/ Some rules are displayed incorrectly, although in WfwAS and Bibisoft WFC they are displayed correctly.
    ScreenShot_305.png
     
  14. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    o_O means unknown protocol strange that you have some of those in your rules,
    * means any
    the ports become visible if you select protocol TCP or UDP, other protocols does not understand the concept of ports.
     
  15. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    about 21/ I understood the reason for the very wide column Remote Addresses. Auto-tuning width of the column on the contents of the line. The rule for Firefox has 5 addresses, and the other rule has 50 addresses, this is the width of the column and adjusts to 50 addresses. This is wrong and very unfriendly, it needs to be fixed.
    about 22/ It 11.png and * confuse the user. Perhaps it would be correct like this: 11.png = Any and * = Any or All Ports
    11.png
     
    Last edited: Dec 30, 2018
  16. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    21/ will be fixed

    22/ ? ? ? = any in lists fixed
    about * i think * is widely known as a stand in for anything, isn't it?
    Also when protocol is set to any ports are not a valid a parameter so still showing a port text input there would be wrong, also when you select protocol ICMP you get an other input box instead of the port one.
     
  17. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    Yes, but such a rule cannot be edited, since the interface has no lines for entering ports (see screenshot above).
    I think that auto tuning the width of a column in our case only hurts, you have to abandon it or do it as an option, at the user's choice. The user can then adjust the horizontal scrolling to be minimal, for example
    1.png
     
    Last edited: Dec 30, 2018
  18. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    Clicking the privacy option trips Kasperskys adware alarm:
    WinTen Kaspersky.png
    VirusTotal however shows it as 100% clean, including Kaspersky. Maybe they don't configure Kaspersky to check for Adware.
    I know it's not malicious: "ExtGPi" sounds like Kasp gets hung up on you editing certain group policies. And I looked at them, so everything is fine.

    But you might want to tell them to whitelist your program when you have a release.

    Unrelated question: Does the program use WFP when I install the service or does it always "just" use the windows firewall? I mean, I thought it is like Simplewall which configures WFP, aside from windows firewall. (So it is irrelevant what rules are set in windows firewall, only Simplewalls rule are enforced)
    There's the concern that any program can edit the rules in the windows firewall, making it a wall with holes.
     
    Last edited: Dec 30, 2018
  19. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    21/ i have disabled the column auto size for ports and ip adresses for the next build


    So kaspersky is triggered already by reading the current configuration not by you changing something?

    EDIT: I have installed kaspersky free in a VM with win 10 and it is not complaining

    Priv10 is currently only using the windows firewall, about the rules being editable by anyone there is a fix for that, you set the reg key with the rules to be only editable by system and run Priv10 as service. I'll add an option to do and undo that with one click in a later build. You could also have a dedicated user for that instead of system.

    As you said, Simplewall already uses WFP and its also opensource, so there is not much point in replicating that functionality as a .NET project, also there is no .NET wrapper for WFP one would need to follow this thread https://social.msdn.microsoft.com/F.../windows-filtering-platform-and-net?forum=wfp and implement an own one.
     
    Last edited: Dec 31, 2018
  20. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    I have investigated that a bit more, it seams most rule violations are connections to localhost 127.0.0.1
    it seams windows firewall always allows them no meter what, i will add an exception that when the rule violation has localhost as remote address it wont mark the program with the yellow black stripes, as there is nothing we could do about it anyways.

    Now of cause one may say that when we have a local proxy running a program may detect and exploit that to bypass the firewall, well if one has such a program running one is already in troubles. The point of priv10 is to fight tracking, profiling and privacy violations of otherwise legitimate software, such software will not scan localhost for proxies, I think.
     
  21. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    Yes, right after installation. With:
    Kaspersky Free 19.0.0.1088(d)
    Security Level Maximum (Options, lower left corner - then lower right corner in the new menu)
    It's detected as Adware so "Detect other software that can be used by criminals to damage your computer and personal data" is irrelevant.
    Oh, interesting. I didn't know about that, thank you :)
    Use and call his code then. :p xD
     
  22. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    Help the developer, send the file for scanning through the Kaspersky interface or by e-mail, and it will be excluded from the anti-virus database. Let him have more time to fix bugs in the PWT.
    1.png
    And since the program is safe and it does not require confirmation.
     
  23. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    280
    I've used this program and while trying it out i clicked on "Disable searchUI.exe"

    Untitled.png

    I turned it back off afterwards but now the search still doesn't work. I can't find any Cortana package in "C:\Program Files\WindowsApps" so i assume this was deleted by the program.

    Is there any way i can make the search functional again?
     
  24. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    The program does not delete files, it only assigns the file owner to the administrator's group, and then sets a special "deny" permission for the files execution.
    It should be able to undo it, although there was an other bug report about the same on github so apparently this part fails, I will fix that for the next release.
    Although may be you just need to reboot after undoing the tweak, haven't tested that yet never used windows search.

    You can manually open the file permissions of the file shown in the tweak (if you don't see it you need to check two options in the folder settings of windows explorer to show hidden and protected system files) and remove the special permission manually.
     
  25. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    280
    I'm pretty sure that it deleted the Cortana package from "C:\Program Files\WindowsApps". The search was working fine and after the use of the program i can no longer use it nor register Cortana again, through Powershell. The "Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" is gone.

    I can't change its permissions either because there's no such directory. I've used every single version you released (from a to e) but can't really remember on which one i turned that option to On.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.