-
-
Notifications
You must be signed in to change notification settings - Fork 187
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG]: All cloud services can't sync files #131
Comments
Reverted windows DRM internet access in registry, still doesn't work |
Hi @whinix , thanks for the report. If we can't reproduce this, we can't help you. I need more details. You can refer to issue template as a guide for what more information is needed. Good idea to provide steps from scratch including versions of software used and screenshots where we can verify functionality before running the script, and verify that it does not work after running script. |
What do you need in addition to the script file i posted ? Please be more specific, the code i attached has the script version at the top. My windows 10 is 21H1 19043.1566. One of the tweaks must interfere with the way file syncing works with cloud apps. Any ideas what could that be ? |
I have installed iCloud for Windows to check if Dropbox/Mega was a coincidence or a server side issue but it doesn't work either |
I have reverted all the following categories:
That fixed the issue. |
Happy that you solved it 🥳
Thank you for the report back. If you could apply them back and verify that the apps break would be nice contribution the community. Because this way we can for sure know that it's one of these scripts is root cause and isolate to problem to figure out which one is causing it. As I cannot reproduce your environment (or don't know how to), I cannot test it myself. If we find out what exactly is causing it we can remove that script from recommendation and document the behavior. But you don't need to do any of it 😀 This is a hobby thing for us which we improve if we feel like it. Let me know if you'd any other issue/feedback and have a nice week. |
Alright, so i re-applied Meltdown and Spectre Protection and restarted - no issues. Then i ticked all tweaks from "Increase Cryptography on ISS" except for disabling SHA1/MD5. The result is that MEGA Sync works but Dropbox doesn't. So it looks like cloud services are dependent on some of the disabled encryption and MEGA needs either SHA1/MD5 for file comparing/indexing file versions. Enabling all of that one by one and restarting each time is too time consuming for me, maybe i will do that one day but i've had enough for today. Good luck with your project. |
Thank you a lot for your insights. I thought they were server only configurations. A quick research show me that they're not. So even "IIS" naming here is wrong. They are not ISS only. They may be the issue with other bugs reported before as well. I will rename this category completely. |
- Consolidate secret key improvement scripts into a single category. - Simplify script names to improve user understanding. - Expand and refine documentation, adding cautionary notes for clarity and helping users make informed decisions (addresses issues #57, #131, #175, #183). - Adjust recommendation levels for scripts to 'Standard' to reflect their adoption in modern Windows and align with security standards: - Set Diffie-Hellman key exchange minimum to 2048 bits, matching modern Windows defaults - Align RSA key size with Microsoft's upcoming deprecation of 1024-bit keys. - Improve the revert process by suppressing false error messages using `2>nul` in `reg delete` commands. - Introduce a unified approach to adjust key sizes in key exchange algorithms with `RequireMinimumKeySize` function. - Modify the Diffie-Hellman key exchange to a 2048-bit minimum instead of 4096 bits to balance security with broader software compatibility. This attempts to reduce side-effects on third-party software as reported in #57, #131, #183). - Replace hexadecimal values with decimal equivalents in registry edits to facilitate better maintainability and readability.
- Introduce 'Disable insecure ciphers' category to organize and group cipher disabling scripts. - Expand documentation, adding cautionary notes to help users make informed decisions, addressing issues #57, #131, #175, and #183. - Implement `DisableCipherAlgorithm` function to standardize the approach to disabling cipher algorithms, enhancing maintainability and promoting code reuse. - Replace hexadecimal numbers with decimals in scripts to improve readability. - Add comments to generated code for better understandability. - Update revert codes to avoid incorrect error messages when operations are successful, using `2>nul` in `reg delete` commands. - Rename scripts for consistency, incorporating 'insecure' in titles. - Adjust recommendations to disable all insecure ciphers in 'Strict' mode due to security risks, and recommend disabling `NULL` in 'Standard' mode as it removes encryption. - Remove disabling of `DES 56`, correcting a redundancy as this cipher configuration does not exist.
This commit addresses reports in issue #131 about third-party cloud services like MEGA and Dropbox being affected by hash disabling. It updates the documentation to guide users on the potential impact, adjusts the recommendation levels along with other minor improvements. - Recommend hash disabling scripts in 'Strict'. - Expand and refine documentation, adding warnings to inform user decisions (addressing issues #57, #131, #175, #183). - Add a new shared function to standardize hash disabling, increasing code maintainability. - Change from hexadecimal to decimal in scripts for clarity. - Improve code comments for better understanding. - Add comments in generated to code to make it easier to follow. - Fix revert codes showing errors by using `2>nul` in `reg delete` commands. - Rename scripts for consistent naming conventions. Supporting changes in other SSL/TLS handshake scripts: - Update documentation for consistency. - Rename shared functions for consistency and clarity. - Improve generated code comments for clarity.
This commit groups scripts related to disabling protocols under same category, streamlining the process for disabling protocols like NetBios, SMBv1, and various TLS/SSL versions. It improves the documentation and scripts of the related scripts. Key changes: - Introduce new category for disabling insecure protocols and move related scripts under it. - Remove .NET configuration from TLS 1.0 disabling to prevent unwanted side effects on .NET applications, maintaining system integrity. - Remove the script disabling DTLS 1.1 as this protocol does not exist. - Recommend previously not recommended scripts: - SSL 2.0 in 'Standard' because it's already removed from Windows. - SSL 3.0 in 'Standard' because it's already disabled by default. - TLS 1.0 in 'Strict' as it's deprecated on Windows. - TLS 1.1 in 'Strict' as it's deprecated on Windows. - Rename and reorder scripts for consistency and enhanced readability. - Fix revert codes to accurately reflect successful operations, by adding `2>nul` on `reg delete` commands. - Expand documentation to include detailed precautions and references, aiding users in understanding the implications of their actions (addressing user feedback from #57, #131, #183, #185). Other supporting changes: - Convert hexadecimal values to decimal to enhance script readability. - Refactor scripts to utilize shared functions, improving maintainability. - Add detailed comments within the scripts to aid in comprehension. - Minor updates to other crypto scripts for consistency. - Reorganize protocol listing by age for a logical script flow. - Standardize comments across various TLS configuration scripts for clarity. - Fix enabling DTLS 1.3 being categorized as disabling insecure connection.
This commit renames categories that disables insecure connections for clarity $131. Previously, these categories were incorrectly coupled only to IIS, giving impression that they only configure Internet Information Services (IIS), which is server side stuff. However, these scripts also configure Windows clients, not only server side IIS. The renaming provides more simplicity and better technical accuracy. So categories with these names are renamed to clarify this to prevent confusing users, resolving $131. Other supporting changes: - Update caution texts for consistency.
This commit restructures the categorization of network security-related scripts to improve clarity and align with user expectations. It involves renaming and reorganizing categories to more accurately reflect their functions beyond just IIS configurations. This reorganization helps users find and utilize network security scripts more efficiently and ensures that the categorization accurately reflects the broader application of the scripts beyond server configurations. Changes: - Merge network security enhancements under a single category. - Rename categories for simplicity and increased technical accuracy. - Flatten nested categories to streamline navigation and enhance clarity. - Update documentation to match the new category structures. - Revise script recommendations to encourage broader use. - Fix revert codes of some related scripts to reflect default OS settings.
I've reworked network-related scripts completely in 0.13.3, it should solve this issue along with others. The category is also renamed. |
After running the script all my cloud sync services stopped working.
I'm on Windows 10, here's the script: https://rentry.co/cxtfu
I have already tried to revert the deny app access (although my cloud apps do not come from MS Store), deny online content in explorer and NTP server change.
Both my dropbox and MEGA Sync are still dead.
The text was updated successfully, but these errors were encountered: