Jump to content
WnSoft Forums

Recommended Posts

Posted

I need your advice for the following problem.

Future Windows 8 will have an unpleasant restriction.

When user launches an unsigned executable file (slideshow) he will see a warning message as shown on the first screenshot (1). If he guesses to click "More info" link he will able to launch it (2).

Thanks to Microsoft.

This problem will touch all slideshow software (WnSoft, Photodex, Aquasoft, etc) which create slideshows in single executable files, because it is impossible to add a digital signature to a single EXE file created by an user.

This situation happens with EXE slideshows downloaded by any web browser, even packed into ZIP archive.

This problem does not occur with EXE files created and launched on same PC, or transfered through DVD disc, or USB flash drive.

Windows 8 will be released in September-October of this year.

What we can do?

A. Leave everything as it is. Users should guess how to launch slideshows downloaded from Internet.

B. Separate the code from user data.

Executable file contains only a slideshow player which has our digital certificate + user file with packed images/music/videos.

For example:

Myshow.exe -> launcher

Myshow.res -> images/music/videos.

Windows 8 will not show any warnings anymore.

Publish menu contains a new option - "Create executable file for PC for Internet". This options creates a folder with two files or creates a packed ZIP archive.

Example of such slideshow with two files:

http://wnsoft.com/files/test/Myshow.zip

Of course, if user forget to copy the second file, the slideshow will not work.

Also it more difficult to launch such slideshow from a ZIP file, because it necessary to unpack all files from the ZIP.

Impossible to assign an icon for executable show.

Positive side effect - less problems with antivirus software.

What you think and what way we should choose?

I remind that this problem also happens with competing slideshow software which create single executable files.

post-1-0-84442800-1338552014_thumb.jpg

post-1-0-35060200-1338552022_thumb.jpg

Posted

Hi Igor,

I've been creating slideshows for my Macbook, and always create the zip version... I did not find it to be a serious problem...

Just a thought - Would it be possible to create a utility that would recombine the two files after the zip is extracted - the player and the resources combined to recreate the single exe?

The internet has become such a dangerous place to be... Pity that so many security measures need to be implemented...

Dick

Posted

Hi,

I'm not able to contribute any technical advice on this topic but have one stupid question and one plea.

Stupid Question

Will this also apply to any Windows 8 user using a service such as Dropbox?

Plea

Whatever the solution PLEASE, PLEASE keep it simple!

Good hunting!

Regards

John

Posted

Hi Igor,

I suppose it is only sensible for Microsoft to introduce this kind of security so we will just have to accept it.

However, your example screen shots (attached) that shows us the warning dialog, might put people off from using PTE and they may decide NOT to run the exe.

So, your example slide show seems to be the right way to go I think.

Ron West

Posted

Hi Igor,

One question comes to mind. What about duplicate names for the digitally signed exe portion? If the user, for example, creates a slideshow called ABC.exe the digitally signed exe driver looks for a data file called abc. But what if there are multiple data files called "abc" on the hard disk in different folders and the exe driver is loaded into these other folders. Will it then try to run these alternative data files or is there something which ties the exe file to only a single data file with the name "abc"?

If the digitally signed exe driver file is tied somehow to a "specific" data file, how will the user know which "abc.exe" driver file goes with which abc data file? It seems this "might" become confusing. As it is, it's not possible to have the duplicate named exe files in a single folder, but how to keep track of this when it might be possible to have multiple files with identical names but requiring different data files to work? If they were accidentally separated then would that not create difficulties?

Best regards,

Lin

Posted

Does all this mean that slide shows will no longer be launchable from a menu system, if so then I think I will be following what appears to be the majority opinion on the web and stay well away from this so called "improved" operating system.

Geoff

Posted

I've been creating slideshows for my Macbook, and always create the zip version... I did not find it to be a serious problem...

There is one difference. Windows suggests two variants - unpack one exe file or unpack all files. Users should make right choose.
Just a thought - Would it be possible to create a utility that would recombine the two files after the zip is extracted - the player and the resources combined to recreate the single exe?
I'm afraid it complicated.
Stupid Question

Will this also apply to any Windows 8 user using a service such as Dropbox?

Yes, same problem for Dropbox. For any executable file downloaded by any way from Internet.

Hi Igor,

One question comes to mind. What about duplicate names for the digitally signed exe portion? If the user, for example, creates a slideshow called ABC.exe the digitally signed exe driver looks for a data file called abc. But what if there are multiple data files called "abc" on the hard disk in different folders and the exe driver is loaded into these other folders. Will it then try to run these alternative data files or is there something which ties the exe file to only a single data file with the name "abc"?

If the digitally signed exe driver file is tied somehow to a "specific" data file, how will the user know which "abc.exe" driver file goes with which abc data file? It seems this "might" become confusing. As it is, it's not possible to have the duplicate named exe files in a single folder, but how to keep track of this when it might be possible to have multiple files with identical names but requiring different data files to work? If they were accidentally separated then would that not create difficulties?

Best regards,

Lin

We can't modify a file of the launcher to keep valid digital signature. So digitally signed launcher (ABC.exe file for example) will search for ABC.dat file placed in SAME folder. You can even rename the launcher and resource file. The only condition - they should have same name and different extensions (ABC.exe + ABC.dat, or Myshow.exe + Myshow.dat).

No problems with duplicates if they are located in different folders.

Posted

Does all this mean that slide shows will no longer be launchable from a menu system, if so then I think I will be following what appears to be the majority opinion on the web and stay well away from this so called "improved" operating system.

Geoff

Don't worry, it will work! "Run application" will work.

What about Windows 8. I really don't like it.

Microsoft removed Start button at the left-bottom corner. No Start menu anymore. Ugly Metro graphical design for desktop environment. No Aero graphical theme. The new interface is flat and very bright.

You can read people comments here:

http://blogs.msdn.com/b/b8/archive/2012/05/31/delivering-the-windows-8-release-preview.aspx

http://blogs.msdn.com/b/b8/archive/2012/05/18/creating-the-windows-8-user-experience.aspx

Posted

Hi Igor,

I don't think I explained my concern very well.....

It's the problem of accidentally mixing up data files of the same names with their executable drivers. Keeping a single exe file of a particular name in a folder is insured by Windows, it won't let you have duplicates in a folder, but it would be very easy to "delete" a file name such as abc.dat and then say - "I accidentally deleted that file." Then search for it and find another file called abc.dat in another folder then copy it to the folder it was deleted from. But what if the one which was "found" was a duplicate "name" for a data file which "belongs" with a different executable driver. So it then wouldn't work and the user would have no idea why…..

Maybe this will explain my concern better...

Best regards,

Lin

Posted

Thanks, Lin, I understood. You're right, it possible.

If .dat files belong to same version (7.0.6 for example), it will not cause any problem.

In case of different versions, a launcher shows the error message telling in details the exact reason of the problem. We can write a version number to the launcher and to .dat file with resources to validate compatibility automatically.

I know this variant has inconveniences. But for personal use (files on DVD disc or USB drive) you can use single executables.

I'm trying to find the best solution already 3 months. We didn't add any changes in this direction to PicturesToExe yet. I'd like to hear the opinion of the community.

It also interesting to see what our competitors will do in this situation (if they aware).

Indeed similar situation happens with unsigned single executables downloaded by Internet Explorer 9 in Windows Vista/7 already now. For this reason I recommend pack executables to ZIP archive. It solves the problem. But in Windows 8 it doesn't help.

Posted

This situation happens with EXE slideshows downloaded by any web browser, even packed into ZIP archive.

This problem does not occur with EXE files created and launched on same PC, or transfered through DVD disc, or USB flash drive.

I have a couple further questions on the new playback behaviour of the unsigned executable EXE on Windows 8.

1) Is the warning message displayed only on the first and initial launch of the unsigned EXE ... or is it going to be displayed for any/all EXE launches thereafter ?

2) Does Windows 8 offer some type of unblock/unlock feature after first and initial launch of the unsigned EXE?

* I see this new Windows 8 playback behaviour is going to be somewhat of a problem/inconvenience for Users downloading previously built older version(s) of a slideshow.

Posted

Tom,

Thanks for your idea regarding the player. You're right, the unique file extension for a resource file (.ptd) is preferable for future evolution of PicturesToExe.

In theory we can release a slideshow player which can play all .ptd files by double click in Windows Explorer. Like we install Adobe Reader to read PDF documents. It seems that this way is recommended by Microsoft.

Users have to confirm the installation of such player once. And then any slideshow (in .ptd format) will be played without any warnings. I think it also possible to play executable files, if you run the player and choose File -> Open dialog window to browse slideshows in old EXE format.

Creating of a player is a alternate way to solve problems with unsigned executable shows.

1) Is the warning message displayed only on the first and initial launch of the unsigned EXE ... or is it going to be displayed for any/all EXE launches thereafter ?

This warning will be shown *every time* when user launches an unsigned executable file in Windows 8.
2) Does Windows 8 offer some type of unblock/unlock feature after first and initial launch of the unsigned EXE?

No. You can only configure Windows to turn off this warning at all (SmartScreen Filter).

If a slideshow consists from two files - signed launcher + resources, Windows 8 will not show any warnings at all.

Posted

Just a remark on submissions to AV festivals. I have heard that users an AV tool provided by a German competitor sometimes run into trouble as this tool does not allow to export shows as single file executables. If you look at rules of organizations like RPS (see here) or AV-Dialog (German AV organization, see here) you will see that presently shows that consist of 2 or more files are not welcome :(

Regards,

Xaver

Posted

Xaver,

Thanks for this information!

I cautiously assume that these rules can be revised taking into account the situation with Windows 8.

Anyway we can keep producing of single executables for AV festivals or personal use.

Indeed there is a way to outsmart Windows 8. You need to pack a single EXE file into ZIP archive and unpack it using some little-known ZIP unpacker which will not add a tag to extracted EXE file that this file was downloaded from Internet.

When web-browser downloads a ZIP file from Internet, it adds a tag ("downloaded from Internet") and if you unpack this ZIP file using Windows Explorer it will read this tag and then marks the extracted EXE file as "unsafe". So you need to find a ZIP unpacker which doesn't perform this action. For example free "7-Zip" - http://www.7-zip.org/

Posted

Xahu

Please clarify your comment on submissions to RPS AV festivals: 'shows that consist of 2 or more files are not welcome'.

The RPS welcomes productions which, for example, include HD video, as well as still images in transition.

The Technical Requirements in section 8 say 'If you are unable to create .exe files, other formats (eg .mov, .mpg) may be accepted in consultation with the organising committee.'

The RPS is happy to accept all formats within the practical possibilities of a tight schedule over three days of world class AV production.

I will refer your note to the Festival Organiser, Ian Bateman FRPS, should any further clarification be needed.

Robert

Posted

...

Please clarify your comment on submissions to RPS AV festivals: 'shows that consist of 2 or more files are not welcome'.

...

I will refer your note to the Festival Organiser, Ian Bateman FRPS, should any further clarification be needed.

...

This is just my interpretation of the rules of your organization, and I do not regard it as my job to make any clarification, but keeping the organizer informed seems to be the best way to go. As PTE is widely used in the RPS there will be a solution. In the German AV scene the situation is different, PTE is widely unknown (standard tools are Wings and m.objects).

Best regards,

Xaver

Posted

...

Anyway we can keep producing of single executables for AV festivals or personal use.

...

Yes, I would like to have single executables as an option for special purposes.

Best regards,

Xaver

Posted

Hi Xaver

I just saw Robert's comment and can confirm that the RPS International AV Festival is happy to accept any format so long as we can make it play back on our system. We get entries from all over the world, and try to be as inclusive as possible. If the Festival is over-subscribed we will pre-select the entries that will be shown at the festival, but this is done on quality grounds and not on the format of the entry. Even with some 'exe' files (notably those from Wings Platinum) it is often a requirement that a new Direct X version is downloaded, so not all 'exes' play straight away.

Igor - Many years ago I used to use a French programme called GlobFX Composer (now defunct), but even back then it gave the option of creating either an 'exe' file or a 'show' file that came bundled with its own bespoke player. This format could also be streamed from a website by using an on-line version of the player. GlobFX was way ahead of its time, but the company moved into Flash presentations and Composer was abandoned about ten years ago.

Ian

This is just my interpretation of the rules of your organization, and I do not regard it as my job to make any clarification, but keeping the organizer informed seems to be the best way to go. As PTE is widely used in the RPS there will be a solution. In the German AV scene the situation is different, PTE is widely unknown (standard tools are Wings and m.objects).

Best regards,

Xaver

Posted

...

I just saw Robert's comment and can confirm that the RPS International AV Festival is happy to accept any format so long as we can make it play back on our system

...

Hi Ian,

I'm glad to read your statement, and I'll try to obtain some insider information from the German AV people. In Germany the said SmartScreen problem will not be regarded as a very serious one, as the German AV people normally do not present their work in the Internet (because of GEMA and other organizations). So there will not be that many downloads.

Best regards,

Xaver

Posted

Igor,

I have just been reading and studying the above Posts concerning the new (proposed) Windows.8 Security-System

and its impact on Pictures-to-Exe ~ in particular downloadable Exe's.

For some time now I have been using 'German Photo-Software' for Photo Editing & Correction and I note that they

are getting ready for Windows.8 (I dont wish to mention Names here) but I have also noticed that they are using

'Microsoft-XML' running as dynamic-scripts (alternative to Exe's) however in each case the XML is used purely as

a 'Writing-document' for setting up their Program-profiles (ie: the full-program operating parameters).

To my way of thinking that is a very unusual way to configure an existing Program-Exe and I ask myself..Why??

..Could this technique be used with a (downloadable) Pte-Exe ~ there must be some reason behind their technique?

Just out of curiosity I looked up Microsoft-XML on Wiki ~copy below~ This might help in some way....

Regards,

Brian.(Conflow)

P.S Edit: I had forgotten to mention that the XML's have an 'embedded' Run-Key and without it the

Program is "Time-limited" also its possible to embed a Copy-Key in the completed-production and

without that you cant run the Exe (somewhat like the old MediaFire).

Posted

I'm thinking the combination of the current PTE user base and Windows 8 means that Igor is going to have to support a couple of distribution/playback methods.

- the current, self-contained/standalone files (.EXE).

- a new format that is the 'data' portion of a show file that is playable by commonly available media players such as WMP and QT. Oh wait, we can *already* export our files in that direction.

- a truly new data format that is both encrypted and cert-signed. this new format would likely require that Igor develop a lightweight, standalone player-only proggy to support it. If the data format could open-sourced it could be released to the major players like WMP, QT, JRiver, XBMC, etc for consideration/inclusion in their product. Yes, this implies some kind of DRM for our shows. It also implies that this new data format might one day be playable on Android as well and Linuxii. Is there already a suitable format available out there (HTML5, Flash, etc) that meets the performance and quality that PTE users demand?

A new feature for the current self-contained/standalone .EXE files would be allowing individual users to self-sign (with a registered cert) their .EXE PTE shows.

I do think that MSFT (and Apple) are moving towards a position that will require all executables to be cert-signed. How to implement that into PTE is the real challenge I believe.

Posted

Hi Tom,

You wrote..."Although PTE does not use XML for the configuration file it would probably be make a great replacement"...unquote.

I agree completely with what you wrote ~ as to my my experience with XML, I simply edit some (Non-Microsoft) XML-Program/Configs

so that they work properly where normally MS would "buck" that Program ~ typical examples being "Pale-Moon Firefox-Browser" which

was altered by Microsoft with their (sneaky) drop-in under the guise of Dot.Net-3.5 upgrade ~ there are other examples of such antics.

(See ScreenShot)

My thought was perhaps Igor could alter certain parts of the PTE-Exe config or else "package-it" under some form of XML config which

the Germans seem to be doing.....Its just a thought !!

Regards,

Brian.

Guest
This topic is now closed to further replies.
×
×
  • Create New...