Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] High disk usage at program start (part 2) #1665

Closed
opusforlife2 opened this issue Dec 15, 2023 · 14 comments
Closed

[Question] High disk usage at program start (part 2) #1665

opusforlife2 opened this issue Dec 15, 2023 · 14 comments
Labels
question

Comments

@opusforlife2
Copy link

Hi. As described in #1056 (comment), the setting that was suggested to be turned off to reduce disk usage doesn't seem to work.

Is there any other setting that also needs to be changed? Is high disk usage on startup normal? Simplewall almost maxes out my SSD disk usage while it is starting up.

App version: 3.7.6
Windows version: 10 21H2
@opusforlife2
Copy link
Author

Thanks! What will be the benefits/harms of enabling or disabling this option?

@henrypp
Copy link
Owner

henrypp commented Dec 16, 2023

u can use logic to made decision

@opusforlife2
Copy link
Author

That's the plan. :)

But for that I need knowledge of the function served by this option. All I know about hash checking is that it is used to confirm file integrity, usually for downloaded files.

What does Simplewall use it for?

@henrypp
Copy link
Owner

henrypp commented Dec 16, 2023

sw doing it just for lulz

@ltguillaume
Copy link
Contributor

ltguillaume commented Dec 17, 2023
edited

@henrypp Not funny. I'm trying to translate the new option "Check apps for sha-256 hash" properly and I don't understand what it does either.

  1. Do you mean that sw creates a SHA256 of all apps and then checks the apps for changes by comparing the SHA256's? So, a better description would then be "Check for changed apps using SHA-256 hashes".
  2. Or does it look for some SHA-256 hash already present in the app certificate? Then, a better description would be "Check app validity using the certificate's SHA-256 hash" or "Check app validity using the certificate's SHA-256 hash (high disk usage during start-up)".

That being said, if (2) is true, then what does the setting "Check apps for digital signatures" still do if (2) is disabled?

@henrypp
Copy link
Owner

henrypp commented Dec 17, 2023
edited

@ltguillaume

  1. it only enabled hash checking for files, and nothing more, and can be translated as is. hash checking is "monitor app changes". all settings are logical.
  2. not true

ps: im not funny at all, lol

@opusforlife2
Copy link
Author

hash checking is "monitor app changes".

Thanks! Now that you've explained this, I know that I want to keep it on and don't mind the high disk usage it causes. :D

There are power users of all levels. Not everyone will share your level of expertise on the topic. If you're annoyed by some questions, you can always choose not to answer until a few days later when you're in a better mood.

@ltguillaume
Copy link
Contributor

ltguillaume commented Dec 18, 2023
edited 

1. it only enabled hash checking for files, and nothing more, and can be translated as is. hash checking is "monitor app changes". all settings are logical.

2. not true

Thanks for explaining. The confusion here is that in #1056 (comment) your recommendation is to disable "Check apps for digital certificates". That led me to think that the hash checking, soon to be shown as a separate option, was part of the certificate checks, not of the "Monitor apps changing" feature.

I'm still not sure I fully understand what the three options will then do. Here's my guess, please correct anything I've misunderstood:

  • Monitor apps changing: check the program's modification date for changes? And maybe the file size? If the file has changed, the rule corresponding is disabled. A better description would then be Monitor app changes using modification dates. Previously included the logic of:
  • Check apps for sha-256 hash: the program's hash is saved in the profile and compared with the current file's hash on start-up. If the file has changed, the rule corresponding is disabled. A better description would be Monitor app changes using SHA-256 hashes
  • Check apps for digital signatures: just checks whether the program is signed at all? What more does it do? I haven't seen warnings if a program wasn't signed with a certificate, so will it only warn if a program was previously signed, but then a new version isn't?

@henrypp

@opusforlife2
Copy link
Author

@henrypp Could you please clarify the question above? Also, you've linked to 1655 instead of this issue in your release notes for 3.7.7.

@henrypp
Copy link
Owner

henrypp commented Jan 3, 2024

his telling not right things (enabling hash checking is not monitor apps changes), release notes is problem that i can change soon, in changelog.md is right issue.

@ltguillaume
Copy link
Contributor

ltguillaume commented Jan 3, 2024
edited

Well, that's confusing. First you said

hash checking is "monitor app changes".

and then

enabling hash checking is not monitor apps changes

Apart from that, I wouldn't know what use there would be to hash checking an application if it weren't to detect changes.

Can you please try to be more clear in your responses? You could try writing it in your own language and then translate it to English using e.g. https://tl.bloatcat.tk/?engine=deepl

@henrypp
Copy link
Owner

henrypp commented Jan 3, 2024
edited

@ltguillaume hash checking is just reading sha256 of files,nothing more
monitor - is checking files for change and disable it (if it was enabled) if changed.

is it not simple? not remember where u read another.

@ltguillaume
Copy link
Contributor

ltguillaume commented Jan 3, 2024
edited

hash checking is just reading sha256 of files,nothing more

Ok, and then what do you do with it? I see they're saved into the profile, but to what end, other than potentially being used for the monitor app changes feature?

monitor - is checking files for change and disable it (if it was enabled) if changed.

Apparently, monitoring for app changes works solely if sha256 hashes are generated. When disabling Check apps for sha-256 hash, Monitor apps changing automatically becomes disabled. That's ok, but there's no way it isn't working without sha256s, e.g. using the file's modification date and size, for instance. Then what's the use of Check apps for sha-256 hash without using Monitor apps changing?

is it not simple? not remember where u read another.

Evidently it is not. There's no documentation and it's unclear how it works under the hood.

And I still don't know what Check apps for digital signatures actually does. What are the consequences if an application doesn't have a digital signature? Or what happens if the signature changed?

@henrypp henrypp mentioned this issue Jan 3, 2024
Closed
@henrypp
Copy link
Owner

henrypp commented Jan 3, 2024

Ok, and then what do you do with it? I see they're saved into the profile, but to what end, other than potentially being used for the monitor app changes feature?

u read message? i already answered "nothing more"

Then what's the use of Check apps for sha-256 hash without using Monitor apps changing?

no, not now

And I still don't know what Check apps for digital signatures actually does. What are the consequences if an application doesn't have a digital signature? Or what happens if the signature changed?

it check apps for digital signatures

Or what happens if the signature changed?

nothing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@henrypp @ltguillaume @opusforlife2