[OLD] Aero Glass for Win8.1+

[aphelion]

That some folks view the input as an attack on Aero Glass for Win 8.1 or trolling seems a mystery to me. There's nothing wrong with questioning how things work.

I already explained why I think this and it's especially the form of presenting it here. Sure, there is nothing wrong with questioning but it is wrong to state how Aero Glass behaves bad although it does not behaves in that way at all. And... as in the past, doesn't it look bad when user installs debug version and then he complains that it displays debug messages? It does to me and it is same in this situation, user installs the software into the user folder and then complains that it gets "on disk zero protection not even admin" and he can simply replace DLL with one batch file, because the file is protected in the same way as any file on the desktop.

Am I misunderstanding that you just said most apps are installed in user space, without UAC prompts?

Edit: Forgot where I am. Why ask questions. Let me answer that Not about what he said, because that only he can answer but about apps installing user space (where your temp files live so you can delete them, same exact permissions level).

There are only 2 common apps that install in user space, Chrome and Dropbox. Everything else goes in ProgramF Files. And what triggers that prompt? It's the integrit ylevle of the program files with the write-up property set tot to true, wjhich enforces it upwards the tree. It can only be st on the command line. But it is not that hard, it just needs to be shpwmonce and done. Just the old legacy system can only do the all-or-nothing and has only the opposite direction for inheritance chaining available

Edit: typos. and I type fine. Looks like something is throttling input (NOT GLASS like i'm about to get accused of). brb

Edited May 2, 2014 by aphelion

[axelrock]

Hello.

First-off i'd like to thank the developers of glass8 for providing such a necessary and demanded patch to win8.

Secondly, i'm at the start of my software developing trip, so i'm pretty noob but i have notions.

Now, to the matters at hand.

I've just started using aero glass a few days ago. All was fine. Excellent actually. Then, microsoft hit me with an update, a series of events happened and i ended up with those updates installed (against my will).

Having installed those updates rendered my installation of win8 basically useless.

DWM or DWMGlass.dll was unable to load; was the error that kept showing up, giving me the option the try and download the symbols, or Cancel.

None worked and the error kept showing, shutting down the screen and turning it back on in flashes and logging me out, back to logon screen every 20-30 seconds.

There was nothing i could do from within windows, booting into safe mode the old way didn't work (from bios).

I managed to click shift-restart from within windows and enter safe mode from there, after huge pain.

Reinstalled glass aero, as soon the installer finished, same error, same story. I had to enter safe mode, uninstall.

During safe mode, i installed glass aero, this time windows worked, but no glass aero.

Reinstalled it from windows again, got the errors, entered safe mode, and applied the spring 2014 debug version (DwmGlass.dll) and things work now.

However, my question is.. how can i close the debug window without killing the process? (it restarts by itself afterwards and the debug windows remains).

And my 2nd Q is if anyone else encountered this after the last update (a couple days ago).

Also to mention is that i'd like to keep the last windows update.

Edited May 2, 2014 by axelrock

[bigmuscle]

Am I misunderstanding that you just said most apps are installed in user space, without UAC prompts?

Nope, it was you who was complaining that Aero Glass is left unprotected in the user folder. So I just stated if user installs the software in the user folder then he should not complain that it is accessible without admin rights there.

However, my question is.. how can i close the debug window without killing the process? (it restarts by itself afterwards and the debug windows remains).

You cannot, it is debug version intended for testing only as already stated. Release version will be available in several days.

And my 2nd Q is if anyone else encountered this after the last update (a couple days ago).

No, nobody did... or why do you think there is several pages where this has already been discussed?

[aphelion]

However, my question is.. how can i close the debug window without killing the process? (it restarts by itself afterwards and the debug windows remains).

You cannot, it is debug version intended for testing only as already stated. Release version will be available in several days.

Aexl - you can donate

or BM can stop lying

but the seocnd is unlikely. You certainly can close it without killing the process and without violating the eula.

And BM, I am saying that now bec I am so sick of this nonsense . Debate all the finer points of MessageBox vs MessageW until you are called out about it. then come out and straight up LIE, thats not cool. And dont bother trying to discredit, that has not worked. Just ignore the posts where you would normally lie

Also, sorry to the non-donators: i do predict that this is iagainst the eula as of the next version

Edited May 2, 2014 by aphelion

[aphelion]

Am I misunderstanding that you just said most apps are installed in user space, without UAC prompts?

Nope, it was you who was complaining that Aero Glass is left unprotected in the user folder. So I just stated if user installs the software in the user folder then he should not complain that it is accessible without admin rights there.

I think you are taking user folder to mean C:\Users\User\. Tkat's not what i am referring to. I am talking about a folder under LUA security context. That includes C:\AeroGlass under the way it is currently implemented in the setup, and it does not have to be that way.

To get it to work properly in Program Files you can use integrity levels.

The user gets a UAC prompt when you make the C:\Program FIles\AeroGlass folder. Thats a good thing. It means that folder is now protected. But harder to acceess.

To acess you need to get tell the installer to write the equivalent of the following permissions to the DLL:

AeroGlass.DLL NT SERVICE\TrustedInstaller:(I)(F)

NT SERVICE\TrustedInstaller:(I)(CI)(IO)(F)

NT AUTHORITY\SYSTEM:(I)(F)

NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)

BUILTIN\Administrators:(I)(F)

BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)

BUILTIN\Users:(I)(RX)

BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)

CREATOR OWNER:(I)(OI)(CI)(IO)(F)

APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(I)(RX)

APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)

Then the DLL will have no trouble loading. It's not a user problem when the dll cant load correclty, its an installer problem.. Or you could could use instead of "problem" the correct descriptor, "means of security enforcement"

II can try to look up the docs for whichever installer it is.. Or I can write a command line that does it. Here is an .ACL file, same thing as a command line but easier to transfer and apply

Edit: Out of disk space suddenly... I can paste the hex or this is the SDDL to apply by whichever means you choose. chml will take it as is, i dont believe icacls does without converting to acl file first/

AeroGlass.DLLD:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU)(A;ID;0x1200a9;;;AC)S:AI

That is only specific to the object though, and it inherits from the container. So the folder gets:

AeroGlassD:AI(A;ID;FA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIOID;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;0x1200a9;;;BU)(A;OICIIOID;GXGR;;;BU)(A;OICIIOID;GA;;;CO)(A;ID;0x1200a9;;;AC)(A;OICIIOID;GXGR;;;AC)S:AI

So I dont know if the forum wont mangle that, but ive been asking for space for 4 days I think? i will try to find a hsot that takes non-images

Edited May 2, 2014 by aphelion

[bigmuscle]

You don't have to post anything more, I'm ending the discussion with you because it is non-sense. I said everything it was required. Create your own application and go away.

[aphelion]

S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464

Thats TrustedInstaller. also known as windows mistakenly confusing overzelous obfuscation as security. but at least it doesnt make things less secure, just annoying to type

[aphelion]

Edit: did not delete, forum post did not update.

So all that work, like I said in the beginning, for nothing? Okay. Go screw everyone over then. It is your app, so I guess they consented

Edited May 2, 2014 by aphelion

[aphelion]

You don't have to post anything more, I'm ending the discussion with you because it is non-sense. I said everything it was required. Create your own application and go away.

Do you really think anyone would believe an answer like that held no ulterior motive?

Just 1 line to not post. Sure, that makes sense.

And to think I didn't even post so much as a command or a name of a binary even though the whole point of MSFN is where people come to know, is it not?

Itt was just the very true fact that you lied to a user and it's not cool. I said don't try to discredit, but please do explain it if I;'m somehow mistaken.

As for making my own app, what for? Aero? I don't need that, I already use an app for that,its yours. and I like it, which is why I not only donated multiple times but spent hundreds of times that amount of trying to get you to apply a security descriptor to your dll. And handing it to you ready made to copy and paste you tell me I am not allowed to post.

Fine, my work is thrown away, and it was all for nothing. There's is a few dozen hours wasted trying to get a good app to get good security, but worse things have happened. Like leaving security holes in a popular app, for example. If you don't want to use security, does that mean you won;t be using bcrypt anymore either? Or is your use of security features going to be limited only to protect the donation status?

Either way is perfectly fine with me, my system is patched and I can donate however many times is needed since I know that will keep the releases coming. I'll grab them from tor or a shell. It's just sad that I will have to keep patching mine as your interest in security lies only so far as donations, keys euros, whatever it is. Licenses now? I think? Why the name change? I don't care actually, no more than you care about your app apparently. Guess it's time to go full disclosure, which I trust you read the link to. This wasn't it. The PUP list is, and any app that runs a DLL unprotected in System security context qualifies. Congratulations.

Edited May 2, 2014 by aphelion

[ace2]

I AM NOT GOING TO USE DWMGlass.dll UNTIL IT IS MADE CLEAR WHAT aphelion IS TALKING ABOUT.

CAN MY PC BE HACKED / TAKEN OVER BY bigmuscle WITH DWMGlass.dll ?

[bigmuscle]

I AM NOT GOING TO USE DWMGlass.dll UNTIL IT IS MADE CLEAR WHAT aphelion IS TALKING ABOUT.

Nobody forces you to use it.

CAN MY PC BE HACKED / TAKEN OVER BY bigmuscle WITH DWMGlass.dll ?

No, it cannot. His reason is much more paranoid, he's afraid that some dark power can replace DWMGlass.dll with some malicious file and thus he's making the scenes. Yes, of course, this happen, but the probability is rather theoretical. That's why I already said if someone worries about it, he will probably install this software into some secure folder (or at least change the folder permissions on his own) and not the into user folder (and no, I didn't meant C:\Users as he stated but any folder with "Authenticed Users" write privilege). He completely ignored this and still continues with shouting how Aero Glass is unsecure and harmful to your computer - you can even notice the form of his posts, he's creating new and new and still around edit his existing posts. And if I respond to someone else (and not to him), he starts blaming me from lying etc. He just wants to attract attention. I have nothing more to say to this.

[aphelion]

Dude. You lied. That's why I said you lied. You still haven't denied it.

Of course you can't because it would be lying again

When I said perhaps ignore posts where you'd or ally lie, I guess it wasn't clear posts where you lie AND where you try to kind of day you didn't but do

That's 2

[Wolfshadow]

I AM NOT GOING TO USE DWMGlass.dll UNTIL IT IS MADE CLEAR WHAT aphelion IS TALKING ABOUT.

CAN MY PC BE HACKED / TAKEN OVER BY bigmuscle WITH DWMGlass.dll ?

aphelion is talking about the ability to use the file to run unrestricted, meaning it can be used for malicious purpose. DWM.exe uses the file to present your desktop. AeroGlass does not access anything outside of your machine which it would need to do if big muscle wanted to hack into your machine.

I have repaired more machines that I can remember that have had the Desktop Windows Manager held hostage by malware (ie: 'your machine is infected by blah, blah, blah'). The problem is not in the DWM but elsewhere. And this is on machines NOT running AeroGlass.

Let's face it, Windows is not completely secure. No OS is. It is just more popular to target. Microsoft would have to cause the UAC to ask for elevated privileges for everything to be totally secure. They were taken to task for that when it first appeared in Vista. And even then, it can be bypassed.

All who are running AeroGlass are doing so because they want a better desktop then Metro. Most, if not all, are also running UltraUx or UxStyle so they can run 3rd party themes. Many also have SiB to get the start menu back. Some are also running ONE to get rid of the ribbon. Any one of these programs could be convoluted by malicious intent.

aphelion is just pointing out that this can be done, not that it is being done.

[dhjohns]

I AM NOT GOING TO USE DWMGlass.dll UNTIL IT IS MADE CLEAR WHAT aphelion IS TALKING ABOUT.

Nobody forces you to use it.

CAN MY PC BE HACKED / TAKEN OVER BY bigmuscle WITH DWMGlass.dll ?

No, it cannot. His reason is much more paranoid, he's afraid that some dark power can replace DWMGlass.dll with some malicious file and thus he's making the scenes. Yes, of course, this happen, but the probability is rather theoretical. That's why I already said if someone worries about it, he will probably install this software into some secure folder (or at least change the folder permissions on his own) and not the into user folder (and no, I didn't meant C:\Users as he stated but any folder with "Authenticed Users" write privilege). He completely ignored this and still continues with shouting how Aero Glass is unsecure and harmful to your computer - you can even notice the form of his posts, he's creating new and new and still around edit his existing posts. And if I respond to someone else (and not to him), he starts blaming me from lying etc. He just wants to attract attention. I have nothing more to say to this.

All of this discussion is very bizarre to me. I have used bigmuscle's AeroGlass for a good while now, and have been extremely pleased with it. People that don't like it should just not use it, or create their own. I would gladly donate to bigmuscle except for the fact that my wife is on disability, and I am her caretaker, so money is extremely tight. I eagerly anticipate the next version that you are working on, bigmuscle, and will gladly install it!

[NoelC]

Since Windows (Microsoft) does not provide APIs to directly allow the augmentation of the desktop Aero implementation with additional effects (e.g. translucent glass), Big Muscle's software must resort to measures to install itself that resemble the tactics taken by some malware. THAT DOES NOT MEAN IT IS MALWARE. There is no evidence that Big Muscle has any intent of taking over anything, but just that he wants to provide a better user experience for all of us.

The important take-away that I see here is that if Aero Glass for Win 8 WERE to get wildly popular, there are measures that should probably be taken to ensure that it can resist some attempts by OTHER software/malware to take It over. Otherwise it could become a more or less "easy ride" for malware to get in. Lest you think the probability of that is low, consider: That people already have tried to hack it to remove the reminders says that there are people out there already looking at it with nefarious motives. It sucks but this is the world we live in.

-Noel

Edited May 2, 2014 by NoelC