Closed
Bug 1225660
Opened 9 years ago
Closed 8 years ago
Skip Windows 10 default-app chooser by computing hashes ourselves
Categories
(Firefox :: Shell Integration, defect)
Firefox
Shell Integration
Tracking
()
RESOLVED
INVALID
Tracking | Status | |
---|---|---|
firefox45 | --- | affected |
People
(Reporter: Dolske, Unassigned)
Details
Attachments
(1 file)
9.99 KB,
text/plain
|
Details |
So, it looks like someone reverse engineered the way Windows 10 generates default app hashes. We were already able to _restore_ a previously computed hash to avoid the prompt after the first time it's seen (bug 1184508), and this would seem to allow us to skip the prompt the first time as well. [Of course _we_ would still prompt the user and play nice, this just allow us to implement UI that's not user-hostile like the Win10 UI is.] I've not tested this, but sounds interesting! From IRC, where this popped up: [14:56] <developers823> You all might be interested in this, allows Windows 10 instant default browser change, http://pastebin.com/yVhWeQ3X [15:05] <Dagger> developers823: "for clarity" with code like that... >.> [15:06] <developers823> Dagger: yeah, decompiler output isn't pretty [15:07] <developers823> though neither are the internals of most cryptographic functions [15:08] <Mardeg> surely someone can do it in javascript WebCrypto? [15:09] <developers823> probably, porting those nasty decompiled functions would take a decent bit of effort though [15:12] <dolske> developers823: hmm, we can already restore hashes (bug 1184508), but looks like this is simply generating hashes from scratch? [15:12] <firebot> https://bugzil.la/1184508 — FIXED, VYV03354@nifty.ne.jp — Remember registry hash for later use on Win8+ [15:13] <dolske> developers823: is this your code? [15:14] <developers823> dolske: yes [15:15] <developers823> dolske: yeah, it improves on the existing one, no need to show the dialog at all anymore, not sure if they'd want to use it though because it's sort of a huge hack [15:15] <dolske> fasinating. [15:16] <dolske> yeah, that's something we'd have to consider. Stuff like this can be an arms race, and now that MS is updating Win10 fairly frequently... [15:16] <dolske> developers823: out of curiousity, what led you to reverse engineer this? [15:17] <developers823> dolske: I saw both Mozilla and Google were complaining about it and it just seemed to me like something that should be quick to solve... took maybe 3 hours... [15:17] <developers823> it's a complete half-measure so I figured someone ought to solve it :) [15:19] <dolske> developers823: well, it's a nice hack, good work :)
Reporter | ||
Updated•9 years ago
|
Attachment #8688698 -
Attachment mime type: text/x-c++src → text/plain
Comment 1•9 years ago
|
||
Looks like Acrobat Reader DC calculates the hash itself. It will write the hash value even on Win7.
Comment 2•8 years ago
|
||
This is moot. see bug 1240892.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•