Release #70 - GRC SQRL client for Windows


Status
Not open for further replies.

Steve

Administrator
Staff member
May 6, 2018
1,014
304
www.grc.com
Everyone...

I've just finished three annoying but, I think, important days of work adding awareness of Windows 10's new "Controlled Folder Access" (CFA) to the SQRL client.

This was probably necessary, if not now then later once Microsoft starts turning it on by default, since SQRL stores its identity file in a SQRL sub-directory of the user's "Documents" directory. CFA was added to the infamous October 2018 Fall Creator's Edition (1709) of Windows. It is disabled by default since it is presently very noisy, ignorant and overprotective. But when CFA is enabled, =ANY= attempt to modify the contents of any files in any of the locations which are typically user-content, are blocked and a notice is posted on the lower-right of the screen. At that point the user can click for more information and be taken to the CFA configuration page. One of the options there is to show recently blocked programs and allow them to be added. Windows is supposed to only initially be blocking programs that it "knows" about... but it is, for example, blocking its own Internet Explorer. So at this point, CFA is still not very smart.

The annoying with SQRL was that a blockage of access to the SQRL sub-directory, since that should never have happened, WAS being shown as "you don't have any SQRL identities." That's what I wanted to prevent. So, with this release #70 of the SQRL client, it's able to add itself to the CFA permission list at installation time, while its built-in installer has been given elevated privileges. And it does this if CFA is present but disabled in the system, which will always be the case for all Win10 going forward. So for many SQRL client users, whether Microsoft knows about the SQRL client or not, they will never be blocked. And if Win10/1709 with CFA appears after SQRL has already been installed, a new dialog will appear upon system start notifying the user that CFA is apparently blocking SQRL's access and giving them a single button to press to add SQRL to the CFA whitelist.

I"m glad that everyone using this will be automatically updated, since there was a bit more surgery required to do this than I've done recently, and I want to be sure I didn't screw anything up that has always been working.

This has also been the first of our release candidate weekly releases that didn't have anything else to be fixed... so we may be nearing the end of this work. <fingers crossed!>

I'll be returning to my interrupted work on the SQRL system documentation, then most of my work will be completed.

Thanks, all!!
 

alt3rn1ty

Well-known member
Feb 2, 2019
89
4
Auto update #69 to #70 on Win10 x 64 went without a hitch as usual for me, but I do not have CFA enabled at all.
 

Steve

Administrator
Staff member
May 6, 2018
1,014
304
www.grc.com
@PHolder : It's {major} . {minor} . {day-of-build} . {release}
  • The day-of-build is automatically set by my build process.
  • Major and Minor will be manually set based upon the nature of the update.
  • Release number increases monotonically with each release.
 

ramriot

Well-known member
May 24, 2018
127
14
#70 on wine update works fine for me but again required me to quit & reopen for it to function under same device authentication. If I get time tomorrow I will exercise the rest of it.
 

ramriot

Well-known member
May 24, 2018
127
14
Strange, WINE on Debian didn't make me reopen it.
Me neither on Ubuntu 16.04, it stayed open. It just didn't work after update which I put down to it dropping the port mapping on update & not recapturing it.
 

shanedk

Well-known member
May 20, 2018
419
112
Oh yes, I've seen that issue a few times. I can't figure out what's causing it.
 
Status
Not open for further replies.