Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG]: standard version of script did sg cos i can't open/use Free Tube anymore #183

Closed
Nufi0 opened this issue Dec 2, 2022 · 2 comments
Closed

[BUG]: standard version of script did sg cos i can't open/use Free Tube anymore #183

Nufi0 opened this issue Dec 2, 2022 · 2 comments
Labels
bug Something isn't working

Comments

@Nufi0
Copy link

Nufi0 commented Dec 2, 2022

standard version of script did sg cos i can't open/use Free Tube anymore

what settings shuld i revert exactly? cos logicaly not everythings needs to be reverted in the script for me
@Nufi0 Nufi0 added the bug Something isn't working label Dec 2, 2022
@MiRw3b
Copy link

MiRw3b commented Dec 12, 2022

try reverting the changes made on cryptography and revert the "disable SMBV1 protocol", potentially a fix

undergroundwires added a commit that referenced this issue Apr 5, 2024
@undergroundwires
win: improve and document secret key scripts
49f22f0 
- Consolidate secret key improvement scripts into a single category.
- Simplify script names to improve user understanding.
- Expand and refine documentation, adding cautionary notes for clarity
  and helping users make informed decisions (addresses issues #57, #131,
  #175, #183).
- Adjust recommendation levels for scripts to 'Standard' to reflect
  their adoption in modern Windows and align with security standards:
  - Set Diffie-Hellman key exchange minimum to 2048 bits, matching
    modern Windows defaults
  - Align RSA key size with Microsoft's upcoming deprecation of 1024-bit
    keys.
- Improve the revert process by suppressing false error messages using
  `2>nul` in `reg delete` commands.
- Introduce a unified approach to adjust key sizes in key exchange
  algorithms with `RequireMinimumKeySize` function.
- Modify the Diffie-Hellman key exchange to a 2048-bit minimum instead
  of 4096 bits to balance security with broader software compatibility.
  This attempts to reduce side-effects on third-party software as
  reported in #57, #131, #183).
- Replace hexadecimal values with decimal equivalents in registry edits
  to facilitate better maintainability and readability.
undergroundwires added a commit that referenced this issue Apr 17, 2024
@undergroundwires
win: organize and document network disablement
2eed6f4 
Reorganize and document scripts for disabling network features,
enhancing their discoverability and manageability. This commit
categorizes scripts related to disabling insecure network connections,
improves documentation, and makes these scripts more accessible.

- Group scripts under `Disable insecure connections` category.
- Move SMBv1 and NetBios disablement scripts to this new category.
- Improve documentation, highlighting the security improvements
  and potential compatibility issues with older systems.

Addresses issues #57, #115, #183, #175, and #185 by simplifying the
process of troubleshooting and reversing changes if necessary.
undergroundwires added a commit that referenced this issue Apr 21, 2024
@undergroundwires
win: doc, improve, encourage cipher disabling
8b224ee 
- Introduce 'Disable insecure ciphers' category to organize and group
  cipher disabling scripts.
- Expand documentation, adding cautionary notes to help users make
  informed decisions, addressing issues #57, #131, #175, and #183.
- Implement `DisableCipherAlgorithm` function to standardize the
  approach to disabling cipher algorithms, enhancing maintainability
  and promoting code reuse.
- Replace hexadecimal numbers with decimals in scripts to improve
  readability.
- Add comments to generated code for better understandability.
- Update revert codes to avoid incorrect error messages when
  operations are successful, using `2>nul` in `reg delete` commands.
- Rename scripts for consistency, incorporating 'insecure' in titles.
- Adjust recommendations to disable all insecure ciphers in 'Strict'
  mode due to security risks, and recommend disabling `NULL` in
  'Standard' mode as it removes encryption.
- Remove disabling of `DES 56`, correcting a redundancy as this cipher
  configuration does not exist.
undergroundwires added a commit that referenced this issue Apr 27, 2024
@undergroundwires
win: improve disabling insecure hashes #131
d19dde6 
This commit addresses reports in issue #131 about third-party cloud
services like MEGA and Dropbox being affected by hash disabling. It
updates the documentation to guide users on the potential impact,
adjusts the recommendation levels along with other minor improvements.

- Recommend hash disabling scripts in 'Strict'.
- Expand and refine documentation, adding warnings to inform user
  decisions (addressing issues #57, #131, #175, #183).
- Add a new shared function to standardize hash disabling, increasing
  code maintainability.
- Change from hexadecimal to decimal in scripts for clarity.
- Improve code comments for better understanding.
- Add comments in generated to code to make it easier to follow.
- Fix revert codes showing errors by using `2>nul` in `reg delete`
  commands.
- Rename scripts for consistent naming conventions.

Supporting changes in other SSL/TLS handshake scripts:

- Update documentation for consistency.
- Rename shared functions for consistency and clarity.
- Improve generated code comments for clarity.
undergroundwires added a commit that referenced this issue May 1, 2024
@undergroundwires
win: improve disabling protocols
4ef16ce 
This commit groups scripts related to disabling protocols under same
category, streamlining the process for disabling protocols like NetBios,
SMBv1, and various TLS/SSL versions. It improves the documentation and
scripts of the related scripts.

Key changes:

- Introduce new category for disabling insecure protocols and move
  related scripts under it.
- Remove .NET configuration from TLS 1.0 disabling to prevent unwanted
  side effects on .NET applications, maintaining system integrity.
- Remove the script disabling DTLS 1.1 as this protocol does not exist.
- Recommend previously not recommended scripts:
  - SSL 2.0 in 'Standard' because it's already removed from Windows.
  - SSL 3.0 in 'Standard' because it's already disabled by default.
  - TLS 1.0 in 'Strict' as it's deprecated on Windows.
  - TLS 1.1 in 'Strict' as it's deprecated on Windows.
- Rename and reorder scripts for consistency and enhanced readability.
- Fix revert codes to accurately reflect successful operations, by
  adding `2>nul` on `reg delete` commands.
- Expand documentation to include detailed precautions and references,
  aiding users in understanding the implications of their actions
  (addressing user feedback from #57, #131, #183, #185).

Other supporting changes:

- Convert hexadecimal values to decimal to enhance script readability.
- Refactor scripts to utilize shared functions, improving maintainability.
- Add detailed comments within the scripts to aid in comprehension.
- Minor updates to other crypto scripts for consistency.
- Reorganize protocol listing by age for a logical script flow.
- Standardize comments across various TLS configuration scripts for
  clarity.
- Fix enabling DTLS 1.3 being categorized as disabling insecure
  connection.
@undergroundwires
Copy link
Owner

I've reworked network-related scripts completely in 0.13.3, it should solve this issue along with others.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@undergroundwires @MiRw3b @Nufi0 and others