Replies: 1 comment 5 replies
-
|
They're good suggestions, i'll let you know as i make progress through the list. I'm planning on building the WDACConfig as a WinUI3 project, Harden Windows Security uses custom uncompiled WPF, they're different and i don't see them being merged anytime soon. About progress. you can see when the operations finish or work is being done:
Aren't they enough indications? P.S i added checkboxes as tasks to your post to track their completion states. |
Beta Was this translation helpful? Give feedback.
-
|
I took care of some of the items that were easier to fix in version 0.5.7 I'll work on the rest in the next updates. Feel free to just add more items with checkboxes to the list. |
Beta Was this translation helpful? Give feedback.
-
|
added a bug and steps to reproduce that bug and video for reference on point 14. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, yes i knew about that, was a bit more complex to solve but i'll try again. |
Beta Was this translation helpful? Give feedback.
-
|
The next batch is ready with more of your suggestions implemented: btw i checked the box for #3, all of the columns are selectable for resize, relocation and sorting. The compliant column is the exception because it can't be sorted from the column header but i implemented 2 separate toggle buttons just for that, and adding icons to the DataGrid header isn't a common thing. |
Beta Was this translation helpful? Give feedback.
-
|
About # 15, there are definitely ways to detect it, through registry changes for example. You can use the unattended mode of the Harden Windows Security to setup a scheduled task that will apply the mitigations based on the timeframe you choose, or based on when those registry keys are changed. A more recurring method would be to apply the mitigations through Group Policy using the XML file, that should reapply the exploit protections regularly or on startup. I don't use that method because the user would need to define a path on the computer where the XML file will have to stay and don't remove it. |
Beta Was this translation helpful? Give feedback.
-
While the GUI works functionally, I think the UX can be improved. Here are some of my observations and suggestions:
1. The scroll behaviour, I don't think the GUI currently follows windows's scroll behaviour on how many lines are scrolled when using the trackpad. The list on both the Protect tab and the Confirm & Verify tab (once it has been populated) scrolls way too fast and makes precision scrolling difficult. Maybe there is multiplier somewhere in there that is multiplying the number of lines to scroll for a relative trackpad finger movement.
2. Once the Confirm tab list is populated, the column headers are indistinguishable from the list item text. I think this can use some work to make it stand out.
3. Building on point 2, they can also use some kind of icon beside their column names to make it clearer if they have any sorting applied (maybe something similar to explorer?).
4. The hover highlight does not seem to do anything or have any use at the moment except moving the window for some reason (click on a list item to highlight it, then click and drag to move the entire window). I think it can be removed.
5. Building on point 5, when highlighting, the text on the category column changes to white and is very difficult to read.
6. The compliant icon (when compliant is true) looks like 10 o'clock. It confused me initially until I saw the cross icon (when compliant is false). A slight rotation on that icon would fix it. 😛 Also, it does not allow sorting when clicking it, but other columns do.
7. The text showing the number of compliant and non-compliant items can be changed to a button to further apply a filter. Click on either one to only show that list of items and click again on either to clear the filter.
8. The logs. I think the compliance checking logs should be displayed on the Confirm page itself as it is confusing for newcomers since they won't know to click on the play button and then navigate to Protect page to see what it is doing. Maybe use the loading indicator text on the Confirm tab to dynamically change that text to display the progress of the script.
9. This is a general tip, just add a text on the logs to let users know when the script has completed its operation. Currently in the GUI, there is no way to know when the script has actually completed or still working (when a long operation is going on). I was confused once as well when I was applying the IP block rules and the script had completed but I kept waiting since it did not make it clear if it is done or not.
10. For logs, may be add another panel dedicated to logs that dynamically shows the logs for the tab selected. That way, the logs wont have to be rendered at two different places.
11. Bringing me to my final point, when a tab is running operation, disable interactivity until the operation is complete. Because, let's say I am running compliance check and decide to run the Protect script at the same time (since right now I have to move to that tab anyway to see the logs), the compliance check would give incorrect results or maybe even encounter an error. Same for Protect script.
12. Okay final final point, the WDAC will be getting a GUI too, why not build a single tabbed GUI for all these modules (maybe called using
Secure-WindowsorSecure-Windows -GUI(name is subjective...)) and build out all the functionality right there. WDAC is advanced so that can be tucked under an Advanced tab or just WDAConfig (Advanced) as tab name...?13. FINAL FINAL FINAL, point 12 can also be extended for advanced users who may also like to configure DNS using WinSecureDNSModule, adding that as another tab, OR, the module dynamically listing that tab if it detects that WinSecureDNS module is also installed on the system (or atleast prompting the user if they want to add it/show it) (since we are calling it Secure-Windows! 😛😁)
14. The status text on Confirm tab will get stuck on showing
Loading.... To reproduce: Start the analysis on confirm tab, navigate to the Protect tab, see the logs, maybe interact with the options below (you don't need to actually run anything) and occasionally keep checking the confirm tab while the analysis is still running. Make sure you are on the Protect tab when it completes its analysis and the list gets populated. Now go to the Confirm tab, you'll see that the status keeps showingLoading....15. In the defender category, Process mitigation is applied to many executables. This includes office executables and adobe.exe as well. I have noticed that when these apps are updated through official respective methods, the process mitigation applied to them (ForceRelocateImages in their case) is removed. This may be just the nature of how things are configured and how updates change the values, but is there a way to automatically detect any of this (if the update has removed the process mitigation) and reapply them on its own? For reference, I am running M365 apps in beta channel and adobe acrobat is running on production release.
Video for reference:
Recording.2024-08-27.232741.mp4
This is ofcourse a non-exhaustible list and a lot can be done for the entire module. What do you think of these? I am eager to hear your thoughts.
Beta Was this translation helpful? Give feedback.
All reactions