Collaborate with similar projects on GitHub?

[AdamJohanssen]

Hi Nathan,

Thanks a lot for these scripts. These came in handy when setting up a new machine with Windows 10.

As I was looking for this, I came across a bunch of projects on GitHub that are all trying to do similar things. I am wondering if there is any benefit to combining all these disparate projects under one roof. I know as an end user, it would be massively helpful for me. It would also help with documentation, perhaps allowing users to pick and choose what settings to apply. And perhaps a GUI tool that can leverage these scripts and make it even easier to end users to use/apply these changes (I think @piqus is working on this).

I am opening this issue with the intent of starting a discussion around that subject. I am not a developer myself but I am hoping there is some interest in this.

//cc

@W4RH4WK @WindowsLies @dfkt @10se1ucgo @Nummer @lordfiSh @hahndorf @Ugion @CHEF-KOCH @equk @Pwnadog @AeroXbird @windowslies2 @pragmatrix @ClubObsidian @link07 @brad-x @SeregaSPb @bmiller08 @circuitStatic @jaapbrasser @Battleroid @virtualmarc @sehams @MichiMunich @Haraguroicha @DiamondValve @ldepandis @Th3Shadowbroker @plitc @IMMORTAL-DEATH @tomchappelow @wallentx @Raptors06 @feskyde

[ghost]

Great work!

[Haraguroicha]

WOW @sehams idea great! @10se1ucgo Add a default filter with platform field to disable the item and a full text search bar will be better?

[plitc]

Who the heck is the target audience? thought it was all about Windows 10? now it would be a cross-plattform "panacea" (Swiss army knife) gui ?

1. then only supports Mac OS (Yosemite+) and Windows (10+), older or Linux/BSD is not worth
2. so makes a simple drop-down menu, with "enable" / "disable" switch and info text to describe, it's only interested in the system components from the operating system, otherwise (similar to: https://github.com/lordfiSh/win10privacyfix2)

[nathan-alden-sr]

@plitc I'm not sure anymore, to be honest. The scripts I created are, by themselves, easily extensible. Suddenly, several folks were interested in creating GUIs that went well beyond the scope of what I set out to do. Obviously, people are free to do what they want, but the most immediate value can probably be delivered by simply submitting pull requests with additional scripts that improve privacy in Windows 10.

[plitc]

@nathan-alden i do not care whether script or gui but what exactly is the meaning: "Windows (more) Privacy"?

1. functions to disable is the one thing (this "privacy" tunings are limited)
2. rather takes the "tool", for example, a rule set to "windows firewall rules set", so it does not phoned home this means an accurate analysis of windows where traffic is sent, then rules with DNS blacklists via /etc/hosts (to enforce localhost resolving for this external domains) and firewall rules to block the transfer

it would irritate me, 24 hours to tcpdump a windows machine and create a firewall rule set to reject all "Microsoft" services

At the end you will realize that you really don't want Windows :> but that's another topic :D

[ghost]

@nathan-alden @plitc As already mentioned before the x-platform thing isn't something we have to work on, since everything is cross-platform ootb. In contrary we would have to invest a lot of time and effort to make it NOT cross compatible. Furthermore we should not think about the usability of such a tool for people like us. We do not really need such a tool, as we are all capable of writing our own scripts and since we are programmers, we are also very much affiliated with PCs in general. But what about those that are not? They are our targets, and I think they would be glad to have such a tool, or let's say suite. I also think getting beyond the scope of our own view is the first damn thing we all have to do, since this is not a tool aimed at programmers. It's for the unaware and system administrators, that have to execute the same scripts multiple times, on multiple machines or try to create a particular feature that has to run on multiple platforms. An admin for example could create several (or one single) Add VPN-Script, capable of setting up VPN for the business network regardless of the OS the employee is using. And also (at least spoken for me) even when I'm capable of doing a task myself why shouldn't I open up a clean and slick program to do the tasks I need, or to save me some time since someone else already wrote a script capable of doing what I need? Why shouldn't I profit from the work of others? Even though I can do it myself I don't have to reinvent the wheel ;)

@10se1ucgo This is a really neat mockup! Love it! Simple, minimalistic and clean. I think we're heading in the right direction considering the layout.

[plitc]

@sehams: that's exactly the point, PowerShell can cover all these things

1. PowerShell + .NET Framwork are included with Windows 10
2. you can read in a predefined configuration file (for "minimal" provisioning)
3. only declared for ordinary users "how to run this unsigned script" (these are just 3 steps)
4. win sys admins can sign it and execute it automatically, because:
5. mass deployment with active directory group policy
6. need fancy PowerShell GUI? : http://blogs.technet.com/b/heyscriptingguy/archive/2014/08/01/i-39-ve-got-a-powershell-secret-adding-a-gui-to-scripts.aspx

executable .exe actually nobody wants :>

[plitc]

We call the project, for example, "privacy protection - plugin framework"

1. on Windows: PowerShell makes the changes, but reads the values from downloadable script sources
2. on Mac OS: Apple Script with UI Scripting
3. on Linux?: well ... not really matter ... perhaps something interesting for Ubuntu Users

[piotrkubisa]

@plitc I mentioned that I do not only want focus on privacy things, because it is wisely done at OSX right now - https://github.com/univ-of-utah-marriott-library-apple/privacy_services_manager So it would be just waste of time to recreate it. Same the thing is with @10se1ucgo application. Doing it in powershell and python in the same time is nice but do you think this is required to do?

The point in this issue is leverage and combine all scripts in one and/or add a platform which could download it easily and handle them (I/O via UI - CLI/GUI). And uh, we are starting to recede from whole idea.

PS. I have unpublished a concept of c# app which downloades the @nathan-alden poweshell scripts and provides a interactive UI in CLI i.e. when we have hosts file shows a list with fake-cli-checkboxes which can be checked/unchecked by pressing a space, and then it proceeds to execute the script to add them into system32/../etc/hosts. I will share it soon(TM) for you to show what I really mean...

PS.2. Linux is the last platform I really care, but it would be nice to have a GUI provisioner tool.

[ghost]

Well we should first agree (at least a little) on the programming language, functionality and design. Then we should create a CLI capable of importing, uploading and downloading scripts from a repo, as well as running them. If this is achieved we can look for a solution to build a nice GUI upon this CLI. I would then firstly concentrate on Windows itself and if development progresses fine, we can think about a GUI for OSX/Linux. But until then we have to make sure that the basic CLI is working on all systems. I think we all know that our main focus should lie on Windows, but beeing cross-compatible is a neat feature..

[plitc]

@piqus so should (10se1ucgo) "TheScriptRunner" only be a simple download tool (manager)? Who guarantees the authenticity / (reliability) of the downloaded scripts? "TheScriptRunner" fetch always only from github sources? strictly over https? with certificate pinning? HSTS / HPKP? over trusted infrastructure like DANE / DNS-sec?

[ghost]

@plitc It should indeed only be a management platform. Nevertheless you argument is indispensable. Guaranteeing the authenticity/reliability will be one of the hardest part. Some quick approaches that came to my mind: 1) Only verify the standard scripts that come with TheScriptRunner and leave the rest up to the community 2) Enabling the community itself to verify scripts 3) Don't verify scripts in any way (will result in HUGE lack of quality)

I'm suggesting a combination of 1 and 2, though we still have to settle on a technology to manage the repo.

[plitc]

@sehams then lit me not the added value of such a tool, what I do not get already on github:

viz: use https://desktop.github.com/ (https://windows.github.com/) and pick up the repos (tools) from the recommended lists "blablabla" ... and execute the scripts

for that you do not develop a new tool but:

1. create a new repo
2. create the README.MD
3. paste in Markdown the repo links :dancer:

seriously, i think what is AdamJohanssen intention:

a tool like: https://github.com/lordfiSh/win10privacyfix2

1. but it has a modular design (can switch the function template)
2. and can evaluate with other values, to cover other functions
3. the "functional modules" should no be scripts in different languages
4. the (functional) "template" updates are then handled via github pull requests

[plitc]

... i mean the tool is supposed to be only little click and change windows registry values, or? ...

[ghost]

The whole point of this project is to make the functions based upon scripts. If we implement them directly like win10privacyfix2 we are going to built just another tool nobody needs, or at least not our target group. A tool like this focuses solely on home-users that just want to click and see a result without the need of understanding what is going on in the background. The whole point of the scripts is that the way it operates is completely open to everyone and can be modified for your own needs. I can guarantee you, no system administrator ever will use a tool like win10privacyfix2 where they have not even a clue about what the program is doing in the background or if it will afect other setting on the system.

[plitc]

@sehams

quote: "home-users that just want to click and see a result without the need of understanding what is going on in the background" -> this is precisely the reason why people go gaga

quote: "no system administrator ever will use a tool where they have not even a clue about" -> there is enough of it, namely all, those who do not program yourself or unterstands the code, they have not even a clue about what the program is doing in the background and try trouble solution based on: "windows error code googeling?" and who have the ambition? fail eventually to the point where they no longer come next the vexing problem of "closed software"

[ghost]

@sehams @plitc I can see both sides of this argument, and I understand everybody's passion to create the best product.

So why not do both? It would not be a difficult task to have a simple, minimal GUI for end users (that has a small maintained set of scripts for privacy etc, hosted on Git), with an 'advanced' button for sysadmins that want to see and play with the scripts, or even import their own locally.

[10se1ucgo]

This is one great point of opensource. You don't need to worry about anything it's doing in the background, and you can easily analyze the code and build it for yourself if you're still skeptical. My Python script is easily readable, and is not split into multiple files unlike C# and whatnot.

Though, I do believe a refactoring is in order.

[HarshaThota]

I think this issue needs to be broken up into two separate issues. The GUI related discussion is orthogonal to the discussion about the scripts themselves.

I think the first step is to come up with a set of authoritative scripts for tweaking Windows settings and making sure that they are well tested and documented (including what changes are applied by running the script, the rationale behind the change, directions on how to roll back, etc.).

The GUI development can happen independent of this and when it's time, there can be PR to update the scripts so that they match whatever format the GUI tool is expecting (if it's even necessary).

[piotrkubisa]

@HarshaThota I totally agree. Would you mind, take care of it? I would be greateful :+1:

[ghost]

@CHEF-KOCH So Well you see, in a OpenSource project 90% of the time is about discussing. Basically you with your last message did ignore everything we mentioned before. Basically all you did is link to someones program and tell us "don't blah, code". First of all this does not just sound agressive, it is. Secondly what dou you expect? Spread our butt-cheecks and wait for the source-code to drop within three days from starting the initial discussion? It's not that easy. If it was everyone part of this discussion would have already written his own program - including you - but all I see is you beeing here for blah blah. Talking is the first step and even one of the most important because a change to the programs philosophy mid-programming is something you definetely don't want. Also how do you want to coordinate different tasks amongst different people in defferent languages, timezones and with different skills without talking? If you know, please enlighten me. I'm sure all of the OpenSource community would bow down to praise you for your solution. Also if you would have read our useless conversation you would have known, that DWS is more or less EXACTLY what we DON'T want.

[ghost]

@CHEF-KOCH We could, though I doubt there is enough code to reuse that it is worthwhile to invest the time needed to undestand and modify others code. Although we already have a base we can build upon, namely windows-tweak-tool and plugger. They are already designed in the way we plan to, it's built upon node (which I think we are most likely going to use) and we have the full cooperation of the admin of wtt and plugger.

But you're definetly right in one thing. Though we can surely keep up this thread to collect new ideas we should firstly seperate into at least two teams. Team one needs to make a repository with some tested/secure scripts and team two needs to write a small CLI capable of downloading, uploading and running a script. After achieving this we should again talk about the GUI. Do we completely leave it up to others to create a gui? Or maybe shipping two GUIs? A real lightweight one based on wxPython and a fancy one for the others?

[10se1ucgo]

Whats wrong with using Python over C++? It's not like speed is an issue, because the real bottleneck is the rate at which PowerShell runs commands. I've tried porting DWT (my program) to C++ but the speed increase was nonexistent. Lastly, if you care so much about emails, simply unsubscribe.

By the way, "we" comes from the issue created in the repository, we all agreed to something. If you have a problem, write one yourself.

[ghost]

Good luck anyway.

This sounds like you are not even interesting in creating this programm with us. Since you already know everything about coordination, the programming language, and the tool itself why don't you just do your thing and we do ours? So why even bother? Nobody likes a smartass. Let us plan and do our thing and enjoy your mailless time.

That's exactly what I've said with my first post, release it and come back to balk about it.

What kind of madness is this?!? Nobody talks to the architect after the building is built.

[10se1ucgo]

@CHEF-KOCH That's a load of crap, I don't know where you got that information, but Python doesn't need jack shit to run on other platforms. You're just spewing stuff out of your mouth to seem smart. You don't need to contribute

I believe that we should stop discussing in this issue, and start discussing this in our own issue in the repo.

[nathan-alden-sr]

I'm closing this thread because the trolling is getting out of hand. If people want to create a fancy GUI that runs PowerShell scripts or does whatever in whatever language they want, then go ahead. Issues related to that work should be created in those repositories and not in mine.

[10se1ucgo]

@CHEF-KOCH Yeah because C++ on Android doesn't need a toolkit (NDK) as well. Nice job mate, screw off.

@nathan-alden You should probably lock the issue.

[10se1ucgo]

@CHEF-KOCH Here.

import sys
import urllib2

import wx
from wx.lib.wordwrap import wordwrap

class Frame(wx.Frame):
    def __init__(self, parent, title):
        super(Frame, self).__init__(parent, title=title, size=[400, 123],
                                    style=wx.DEFAULT_FRAME_STYLE ^ wx.RESIZE_BORDER ^ wx.MAXIMIZE_BOX)

        wxpanel = wx.Panel(self)

        menuBar = wx.MenuBar()
        fileMenu = wx.Menu()
        aboutMenuItem = fileMenu.Append(wx.NewId(), "About", "About the application")
        menuBar.Append(fileMenu, "&Info")
        self.SetMenuBar(menuBar)
        self.Bind(wx.EVT_MENU, self.about, aboutMenuItem)

        downloadbutton = wx.Button(wxpanel, label="DOWNLOAD", pos=(0, 0), size=[394, 75])
        downloadbutton.Bind(wx.EVT_BUTTON, self.onpress)

        self.Centre()
        self.Show()

    def about(self, event):
        licensetext = "Copyright 2015 10se1ucgo\r\n\r\nLicensed under the Apache License, Version 2.0" \
                      " (the \"License\");\r\nyou may not use this file except in compliance with the License" \
                      ".\r\nYou may obtain a copy of the License at\r\n\r\n" \
                      "    http://www.apache.org/licenses/LICENSE-2.0\r\n\r\nUnless required by applicable law or" \
                      " agreed to in writing, software\r\ndistributed under the License is distributed on an" \
                      " \"AS IS\" BASIS,\r\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied." \
                      "\r\nSee the License for the specific language governing permissions and\r\nlimitations under " \
                      "the License."

        aboutpg = wx.AboutDialogInfo()
        aboutpg.Name = "Script Runner test for the one and only CHEF"
        aboutpg.Version = "v1.0"
        aboutpg.Copyright = "(c) 2015 10se1ucgo"
        aboutpg.Description = "ello mate"
        aboutpg.WebSite = ("https://github.com/10se1ucgo", "My GitHub page")
        aboutpg.License = wordwrap(licensetext, 500, wx.ClientDC(self))
        wx.AboutBox(aboutpg)

    def onpress(self, event):
        downloadscript()
        sys.exit()

def downloadscript():
    # Obviously this isn't the way to do it
    dlurl = "https://www.dropbox.com/s/so1du5zy51lbh9k/a_script.txt?dl=1"
    dl = urllib2.urlopen(dlurl)
    data = dl.read()
    dl.close()

    with open("a_script.txt", "wb") as f:
        f.write(data)

if __name__ == '__main__':
    wxwindow = wx.App(False)
    Frame(None, title='Script Runner Test')  # Create Window
    wxwindow.MainLoop()

Obviously just a test, not very functional. But this is fundamentally all we need.

[ghost]

I will come back and read through more in the future. So happy to see this concept blowing up on here. I hope to help contribute, but my time has been limited recently. Thanks for including me :-)

[ghost]

Sorry for coming late to the party but i am very inexperienced and just did this to better my knowledge of C# and will be unable to help.

[Battleroid]

Mine was just a list of IP addresses for my router, which has been superseded by iblocklist's tracking list. Given that, I'm not really that interested in working on anything related to it. I wouldn't be of much help anyway.