@ -0,0 +1,5 @@ | |||
# ameliorated.info | |||
Website data for ameliorated.info | |||
> The `files` directory is managed externally due to its large file size. |
@ -0,0 +1,548 @@ | |||
<html> | |||
<head prefix="og: http://ogp.me/ns#"> | |||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | |||
<title>Documentation - AME</title> | |||
<meta property="og:site_name" content="ameliorated.info" /> | |||
<meta property="og:title" content="Windows 10 Minus The Spyware + Added Stability and Security" /> | |||
<meta property="og:description" content="This page provides a complete step-by-step description of how AME images are mastered, defining a complete documentation of this project." /> | |||
<meta property="og:url" content="http://ameliorated.info/" /> | |||
<meta property="og:image" content="http://ameliorated.info/img/ame_logo.jpg" /> | |||
<style type="text/css"> | |||
html { | |||
scroll-behavior: smooth; | |||
} | |||
</style> | |||
<link rel="stylesheet" href="css/styles.css"> | |||
</head> | |||
<body style="background-image: url('img/ame_wallpaper_1440_web_blur_2.jpg'); | |||
background-repeat: no-repeat; | |||
background-position: center center; | |||
background-attachment: fixed; | |||
background-size:cover"> | |||
<div class="topnav-wrapper"> | |||
<label for="show-menu" class="show-menu"><img id="mobile-menu-icon" src="img/menu-icon.png"></label> | |||
<input type="checkbox" id="show-menu" role="button"> | |||
<a href="index.html"><img src="img/logo_ame_small.png" id="top-logo-mobile"></a> | |||
<ul class="topnav" id="menu"> | |||
<div id="darken-screen"></div> | |||
<a href="index.html"><img class="topnav" src="img/logo_ame_small.png"></li></a> | |||
<div class="topnav-reverse"> | |||
<li><a href="index.html">GET</a></li> | |||
<li><a class="active" href="documentation.html">DOC</a></li> | |||
<li><a href="faq.html">FAQ</a></li> | |||
<li><a href="https://t.me/joinchat/CR-xFBGQKVt7HPZKgZfbxg" target="_blank">TELEGRAM</a></li> | |||
</div> | |||
</ul> | |||
</div> | |||
<div class="body"> | |||
<br id="mobile_purge"> | |||
<h1>Windows 10 AME Documentation <span class="badge" style="bottom: 7px; left: 3px;">New!</span></h1> | |||
<aside>Version 1903 Dated 2020-02-06</aside> | |||
<div class="comment-vertical"><p style="font-size:15px"><strong>Note about this article</strong><br> | |||
A packaged version of this guide, for offline use, is available <a style="" href="">here</a> [Not yet available]</p></div> | |||
<p>The goal of the AME project is to provide a stable and non-intrusive build of Windows 10, without sacrificing usability and Win32 compatibility for the majority of mainstream applications. This includes the avoidance and riddance of privacy infringing automated data collection services, central to Microsoft’s strategy for the Windows 10 operating system.</p> | |||
<p>This page provides a complete step-by-step description of how AME images are mastered based on Windows 10 build 1903 with minor proceeding updates, defining a complete documentation of this project.</p> | |||
<p>While large portions of this process have been automated using various scripts and Linux command line utilities, a large majority requires manual effort, with many of the steps often producing differing and sometimes non-predictable results from instance to instance, increasing the difficulty of this procedure. As such, sections where abnormal behavior may occur have been appropriately highlighted.</p> | |||
<dp>It is also recommended that anyone attempting to reproduce the steps in this guide be moderately versed with Linux and consequently also not afraid of using the command line.</p> | |||
<h2>Contents</h2> | |||
<ol> | |||
<li> | |||
<a href="#install">Windows 10 1903 Installation</a> | |||
</li> | |||
<li> | |||
<a href="#updates">Updating Windows</a> | |||
</li> | |||
<li> | |||
<a href="#basic_cleanup">Cleanin-Up Basic UI Elements</a> | |||
</li> | |||
<li> | |||
<a href="#openssh">Install OpenSSH server (optional)</a> | |||
</li> | |||
<li> | |||
<a href="#ame_pre">Run Amelioration Script (Pre)</a> | |||
</li> | |||
<li> | |||
<a href="#snd">Linux: Run 'Search and Destroy' Script</a> | |||
</li> | |||
<li> | |||
<a href="#ame_post">Run Amelioration Script (Post)</a> | |||
</li> | |||
<li> | |||
<a href="#classicshell">Setup Classic-Shell</a> | |||
</li> | |||
<li> | |||
<a href="#explorer">Modify Windows Explorer</a> | |||
</li> | |||
<li> | |||
<a href="#hardentools">Run the latest hardentools from Security Without Borders</a> | |||
</li> | |||
<li> | |||
<a href="#defaults">Set Application Defaults</a> | |||
</li> | |||
<li> | |||
<a href="#wallpaper">Setting the default wallpaper for desktop and lock screen</a> | |||
</li> | |||
</ol> | |||
<ol> | |||
</ol> | |||
<br> | |||
<h2 id="install">Installation of Windows 10 1903</h2> | |||
<p>Firstly, you will need to grab a clean ISO of Windows 10 build 1903. This can be done from Microsoft’s website directly, or via the use of third party tools, such as the <a href="https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool" target="_blank">Microsoft Windows and Office ISO Download Tool</a>.</p> | |||
<p>During installation, particularly the next few steps, it is necessary to disconnect your target machine from the Internet. Burn the image to a USB flash drive or attach it in your VM manager to boot the installation medium. A partition size of at least 32GB is required.</p> | |||
<p>You will be asked to provide a product key.<br>When asked, use <span class="code">2B87N-8KFHP-DKV6R-Y2C8J-PKCKT</span>, which is a Generic License key for Windows 10 Pro N RTM. If your hardware has already been activated with a legitimate key, or if you have acquired your own, please enter your key instead. This generic key does not activate Windows; rather, it only allows for the installation to continue.</p> | |||
<div class="comment-vertical"><p><p>If you purchased your key from a third party, you may want to activate the key using a vanilla Windows 10 Installation on your machine before proceeding with AME, as the key will be tied to your motherboard and unable to be used again. Third party sellers sometimes check for this so they can make more money by reselling the key if you did not use it within a short time from purchasing it.</p></p></div> | |||
<h3>Post Install Procedure - After the initial installation perform the following steps:</h3> | |||
<p>The installation and initial setup proceeds mostly normally, with the arguably placebo-trier toggles for privacy being disabled for good measure. <b>It is again very vital to mention that no internet connection be established during the entire installation!</b></p> | |||
<div> | |||
<video class="autoplay" style="display:block;" type="video/mp4" controls poster="img/Windows_Initial_Startup_2.jpg" src="video/Windows_Initial_Startup.mp4"> </video><div style="font-size: 12pt; padding-top: 10px;"><b>Video: Windows 10 Post Install</b><br>During the initial post-install setup, select your default language, skip any network setup (it will ask twice, click no on the second prompt), and add a user as a local account. This user will be the user which does not have administrator privileges. The username can be anything you want, but on AME releases the username is simply "user".</div></div> | |||
<br> | |||
<h2 id="updates">Extracting and Installing Updates</h2> | |||
<p>Before further changing the operating system, we recommend installing Microsoft’s security updates. Both the Servicing Stack Update (SSU) and Cumulative Updates are required to properly install updates. The Cumulative Update includes all updates released since the initial release of 1903. This means that only the latest Cumulative Update is required to obtain updates included in prior Cumulative Updates. The correct SSU for the Cumulative Update package can be found in the <b>"How to get this update"</b> section of each Cumulative Update page. For a full list of update options, as well as updates proceeding this guide, follow the Microsoft link <a href="https://support.microsoft.com/en-us/help/4528760" target="_blank">here</a>. The latest AME release uses SSU <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4528759" target="_blank">KB4528759</a> in conjunction with Cumulative Update <a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4528760" target="_blank">KB4528760</a>.</p> | |||
<div class="comment-vertical"><p>Proceed at your own risk when installing updates outside of the scope of this guide, as amelioration features with respect to privacy may be jeopardized.</p></div> | |||
<p>To install an update, use Microsoft’s Deployment Image Servicing and Management (DISM) tool.</p> | |||
<p>Firstly, extract the desired .cab file from the .msu files:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">expand</span><span style="color: #a4df2d"> -F</span><span style="color: #f2246e">:*</span> <.msu file> <dest> | |||
</pre></div></div> | |||
<p>The SSU will need to be installed prior to the Cumulative Update, but the DISM command structure is identical. Just point to the correct .cab file.</p> | |||
<p>Copy the <span class="code">Windows10.0-KB4528759-x64.cab</span> and <span class="code">Windows10.0-KB4528760_PSFX.cab</span> files to the root of the C: drive, or a location of your choosing, and run the following commands from an elevated command prompt:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">dism</span> /online <span style="color: #a4df2d">/add-package</span> /packagepath=C:\Windows10.0-KB4528759-x64.cab | |||
</pre></div> | |||
</div> | |||
<p>Reboot before installing the Cumulative Update</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">shutdown</span> /r /t 0 | |||
</pre></div> | |||
</div> | |||
<p>Continue by installing the Cumulative Update</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">dism</span> /online <span style="color: #a4df2d">/add-package</span> /packagepath=C:\Windows10.0-KB4528760-x64_PSFX.cab | |||
</pre></div> | |||
</div> | |||
<p>Once the Cumulative Update has finished installing, it will prompt for a reboot. Reboot a second time after Windows boots up. The last step concerning updates is to clear the Windows Update cache:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">dism</span> /online <span style="color: #a4df2d">/Cleanup-Image</span> /StartComponentCleanup | |||
</pre></div> | |||
</div> | |||
<div class="comment-vertical"><p>Sometimes the progress bar hangs in the command prompt; it will update if you type on the keyboard. Use the arrow keys since that will not put text on the screen. Cleaning up the cache currently takes longer than installing updates.</p></div> | |||
<br> | |||
<h3>Install the Media Feature Pack</h3> | |||
<p>Adding the Media Feature Pack allows for the playback of some embedded HTML5 web videos. <a href="https://support.mozilla.org/en-US/kb/fix-video-audio-problems-firefox-windows?as=u&utm_source=inproduct" target="_blank">Firefox</a>, for example, will misbehave if this particular content is attempted to be played, and will indicate to the user that the pack needs to be installed. Other media intensive applications are also affected.</p> | |||
<p>Download the Media Feature Pack from the <a href="https://www.microsoft.com/en-us/software-download/mediafeaturepack" target="_blank">Microsoft Software Download Service</a></p> | |||
<p>Firstly, extract the desired .cab file from the .msu file:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">expand</span><span style="color: #a4df2d"> -F</span><span style="color: #f2246e">:*</span> <MFP .msu file> <dest> | |||
</pre></div></div> | |||
<p>Copy the resulting <span class="code">.cab</span> file to the root of the C: drive, or a location of your choice, then install offline update, again using an elevated command prompt:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">dism</span> /online <span style="color: #a4df2d">/add-package</span> /packagepath=<path to .cab> | |||
</pre></div> | |||
</div> | |||
<br> | |||
<h2 id="basic_cleanup">Cleaning-Up Basic UI Elements</h2> | |||
<p>Simplifying the UI and removing extraneous visual features is one of the critical aspects of the amelioration process (as well as ensuring that certain subsequently damaged and/or non-responsive features are pulled from the interface). The following tasks need to be undertaken before the amelioration and ameliorate scripts are executed. Given the various extraneous and difficult to describe UI elements to be navigated for these procedures, videos have also been added to help document these basic tasks.</p> | |||
<div class="comment-vertical"> | |||
<p>Note that although these tasks may appear simple, they need to be undertaken before the amelioration or ameliorate scripts are executed.</p> | |||
</div> | |||
<br> | |||
<h3>Cleaning-up the Start Menu and Taskbar</h3> | |||
<p>Windows 10 ships with very confusing and misguided functionality and features implemented by default in the taskbar. These can and should be removed manually, aiding in simplifying the UI. Note that most of these features will be unavailable once the amelioration script is executed. The Start Menu tiles (application links) are being removed now, for this very reason. Attempting to remove them later may actually not work.</p> | |||
<div> | |||
<video class="autoplay" style="display:block;" type="video/mp4" controls poster="img/startmenu_taskbar.jpg" src="video/startmenu_taskbar.mp4"> </video><div style="font-size: 12pt; padding-top: 10px;"><b>Video: Cleaning up the Start Menu and Taskbar</b><br>Remove all tiles from the Start Menu and all links except for Windows Explorer from the taskbar. Set the taskbar to never combine and set the systemtray to show all icons.</div></div> | |||
<br> | |||
<h2 id="openssh">Install OpenSSH server (optional)</h2> | |||
<p>Build 1903 of Windows 10 allows for native integration of an OpenSSH server, sanctioned by Microsoft, with the OpenSSH client coming pre-installed on Pro editions of the software. Installation of the server will be accomplished offline, using the manual steps described on the official project's <a href="https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH" target="_blank">github</a> page:</p> | |||
<div class="comment-vertical"><p>Enabling the SSH server will add an attack vector to your machine. Please keep this in mind when enabling this feature!</p></div> | |||
<p>Download the latest build of OpenSSH. For a list of the latest releases follow <a href="https://github.com/PowerShell/Win32-OpenSSH/releases/">this link</a>.<br>(We used <span class="code">v8.1.0.0p1-Beta</span> at the time of this guide)</p> | |||
<p>Extract contents of the latest build to <span class="code">C:\Program Files\OpenSSH</span></p> | |||
<div class="comment-vertical"><p>Make sure the binary location has Write permissions to just the SYSTEM and Administrator groups. Authenticated users should only have Read and Execute.</p></div> | |||
<p>In an elevated Powershell console, run the following:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">powershell.exe</span><span style="color: #a4df2d"> -ExecutionPolicy</span> Bypass -File install-sshd.ps1 | |||
</pre></div></div> | |||
<p>Open the firewall for sshd.exe to allow inbound SSH connections:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span>New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' <br>-Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 | |||
</pre></div></div> | |||
<div class="comment-vertical">Changing the SSH port to a port above 40000 will provide a small increase in security while on public networks.</div> | |||
<p>Start <span class="code">sshd</span> in an elevated command prompt:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span>net start sshd | |||
</pre></div></div><br> | |||
<div class="comment-vertical">Note that this will automatically generate host keys under <span class="code">%programdata%\ssh</span> if they don't already exist. Because of this, we can't distribute AME with the server already enabled, as all of the computers with AME would have identical public and private keys for SSH.</div> | |||
<p>The <span class="code">sshd</span> service should also be configured to auto-start at boot. In an elevated PowerShell window type:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">Set-Service</span> sshd <span style="color: #a4df2d">-StartupType</span> Automatic | |||
</pre></div></div> | |||
<br> | |||
<h2 id="ame_pre">Run Amelioration Script (Pre)</h2> | |||
<p>At this stage we are ready to begin the amelioration process, which is structured into various phases due to the nature of Windows 10's self-updating and healing capabilities. The amelioration script, the Windows-side component of the AME process, is responsible for disabling services, applying individual registry hacks, modifying various configuration files, and installing software. Consequently, this script has both options to be executed before and after the proceeding <a href="#snd">deletion process</a>.</p> | |||
<p>The script has been heavily commented to reasonably document each operation.<br>Download the script:</p> | |||
<br> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px;"> | |||
<div id="minimal_title" class="download-prompt-wrapper"> | |||
<p style="padding: 10px; position: relative; bottom: -5px; font-size:23px;font-family: Arial, Helvetica, sans-serif;"><b>Windows 10 Amelioration script</b></p> | |||
<p style="padding: 10px; position: relative; bottom: 30px; font-size:14px;font-family: Arial, Helvetica, sans-serif;">Windows-side component for the amelioration process, heavily commented for documentation purposes.</p> | |||
</div> | |||
</div> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px; margin-bottom: 0px"> | |||
<div id="minimal_button" class="download-prompt-wrapper-2"> | |||
<center> | |||
<a class="download_button" href="files/amelioration_2019-02-01.bat"><button class="button4 button2">Download</button></a> | |||
<p class="download_subtext">BAT File 34 KiB [ <a id="" style="color: #4CAF50; text-decoration: none; font-size:10px;" href="files/amelioration_2019-12-14.bat.sha256" target="_blank">SHA256 Sum</a> ]<br>Version 2019-12-14</p> | |||
</center> | |||
</div> | |||
</div> | |||
<p>Run the <span class="code">amelioration_2019-12-14.bat</span> as Administrator</p> | |||
<p>Once opened, run option 1 <span class="code">Pre-Amelioration</span> from the main menu. This may take several minutes to complete.</p> | |||
<div class="comment-vertical"><p> The script will likely generate | |||
errors; this is fine, it is just unable to remove some of the built-in | |||
apps with PowerShell.</p></div> | |||
Run option 3: <span class="code">User Permissions</span>, which will open the <span class="code">netplwiz</span> GUI for configuring Windows user permissions: | |||
<ul class="doku"> | |||
<li>Reset password for <span class="code">Administrator</span> account</li> | |||
<li>Double click <span class="code">user</span> account, go to the Group Membership tab and select <span class="code">Standard User</span></li> | |||
<li>Click OK when finished. You will be asked to sign out, click Yes.</li> | |||
</ul> | |||
<p>After logging back in, change the password of the default user.<br>In an elevated command prompt, type the following:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">net</span><span style="color: #a4df2d"> user </span>user <span style="color: #f2246e">*</span> | |||
</pre></div></div> | |||
<br> | |||
<h2 id="snd">Run Ameliorate Script (Linux Required)</h2> | |||
<p>To assure that our changes are permanent, we need to remove Windows Update and its self-healing ability. This cannot be done within the running system because of Windows file permissions and repair operations. Another operating system, preferably a Linux distribution, is required for this step.</p> | |||
<p>The Ameliorate script makes heavy use of filesystem fuzzing search operations to effectively find and remove all files classified under specific naming conventions by Microsoft and pipes these paths to delete commands. As noted above, modifying the Windows filesystem from Linux allows us the luxury of ignoring filesystem permissions and ensures that Windows cannot re-patch these files before we reboot. This process enables the complete deletion of all relevant binaries from the system. In addition to the removal process the script also generates a recovery script to restore all of the removed Windows files from backup.</p> | |||
<p>The script is written in bash, and commented to reasonably document various deleted components. <br>Download the script:</p> | |||
<br> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px;"> | |||
<div id="minimal_title" class="download-prompt-wrapper"> | |||
<p style="padding: 10px; position: relative; bottom: -5px; font-size:23px;font-family: Arial, Helvetica, sans-serif;"><b>Linux Ameliorate script</b></p> | |||
<p style="padding: 10px; position: relative; bottom: 30px; font-size:14px;font-family: Arial, Helvetica, sans-serif;">Linux-side component for the amelioration process, commented for documentation purposes.</p> | |||
</div> | |||
</div> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px; margin-bottom: 0px"> | |||
<div id="minimal_button" class="download-prompt-wrapper-2"> | |||
<center> | |||
<a class="download_button" href="files/ameliorate_1903_2020.01.18.sh"><button class="button4 button2">Download</button></a> | |||
<p class="download_subtext">SH File 14 KiB [ <a id="" style="color: #4CAF50; text-decoration: none; font-size:10px;" href="files/ameliorate_1903_2020.01.18.sh.sha256" target="_blank">SHA256 Sum</a> ]<br>Version 2020-01-18</p> | |||
</center> | |||
</div> | |||
</div> | |||
<p>Boot into Linux and mount your Windows drive.<br>Place <span class="code">ameliorate_1903_2020-01-18.sh</span> in the root directory of your Windows drive, and execute it with root permissions:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">$ </span>sudo<span style="color: #a4df2d"> ./ameliorate_1903_2020-01-18.sh</span> | |||
</pre></div></div> | |||
<div class="comment-vertical"><p>The script will generate ten errors, two for OfficeHub and eight for MicrosoftEdge. This is due to permissions. This seems to be fine and neither of the programs can run. For unknown reasons, there are multiple copies of Windows files all over the folder structure of Windows 10. The ones that actually run Microsoft Edge are successfully removed.</p></div> | |||
<p>Once the script has finished, boot back into Windows to continue.</p> | |||
<br> | |||
<h2 id="ame_post">Run Amelioration Script (Post)</h2> | |||
<p>Due to the deletion process, at this stage, Windows 10 lacks even basic software, such as a web browser or media player. This process installs the <a href="https://chocolatey.org/" target="_blank">chocolatey package manager</a> and a selection of basic sensible software.</p> | |||
<p>Once again, run the <span class="code">amelioration_2019-12-14.bat</span> as Administrator and enable internet access.</p> | |||
<p>Run option 2 <span class="code">Post-Amelioration</span> from the main menu.</p> | |||
<br> | |||
<h2 id="classicshell">Setup Classic-Shell</h2> | |||
<p>The amelioration process, with respect to the disabling and/or outright deletion of certain binaries, such as Cortana, cripples some Windows functionality which needs to be replaced. The Start Menu is left handicapped with disabled search functionality and a few non-functional app links. Thankfully there are open-source projects | |||
such as classic-shell, aiming to not only replace the Start Menu with a separate executable, but also to be more functionally similar to the Start Menu from Windows 7 or earlier.</p> | |||
<p>The following describes the steps to configure classic-shell to the state used in AME:</p> | |||
<div> | |||
<video class="autoplay" style="display:block;" type="video/mp4" controls poster="img/classic_shell.jpg" src="video/classic_shell.mp4"> </video><div style="font-size: 12pt; padding-top: 10px;"><b>Video: Configuring Start Menu replacement Classic-Shell</b><br>While most of these configurations are optional, we have tried to align classic-shell with sensible theming. These are the settings applied in the AME release.</div></div> | |||
<p>Enable: <b>Show all settings</b>, go to the <b>Skin</b> tab:</p> | |||
<ul class="docu"> | |||
<li>Select <span class="code">Midnight</span> from the skin drop-down menu</li> | |||
<li>Select <span class="code">More transparent</span> from the Skin options</li> | |||
</ul> | |||
<p>Go to the <b>Main Menu</b> tab:</p> | |||
<ul class="docu"> | |||
<li>Uncheck <span class="code">Show Metro apps</span> (apps have been disabled)</li> | |||
<li>Uncheck <span class="code">Show recent Metro apps</span> (see above)</li> | |||
<li>Set <span class="code">Max recent programs</span> to <span class="code">15</span> (or any other number you'd like)</li> | |||
<li>Uncheck <span class="code">Enable hybrid shutdown</span> for good measure</li> | |||
</ul> | |||
<p>Go to the <b>Menu Look</b> tab:</p> | |||
<ul class="docu"> | |||
<li>Check <span class="code">Override glass color</span> (this is optional)</li> | |||
<li>Set Menu glass color to <span class="code">000000</span> (or any other color you'd like)</li> | |||
</ul> | |||
<br> | |||
<h2 id="explorer">Modify Windows 10 Explorer</h2> | |||
<p>Microsoft has opted to ship an arguably very poorly designed UI, in terms of ease of access and clarity, with Windows 10. The lack of any defined contrasts and the burying of useful elements, which have been obscured by a confusing ribbon system, is especially apparent in <span class="code">Windows Explorer</span>, a very frequented application.</p> | |||
<p>In light of this <span class="code">OldNewExplorer</span> is an excellent project to integrate.</p> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px;"> | |||
<div id="minimal_title" class="download-prompt-wrapper"> | |||
<p style="padding: 10px; position: relative; bottom: -5px; font-size:23px;font-family: Arial, Helvetica, sans-serif;"><b>Old New Explorer</b></p> | |||
<p style="padding: 10px; position: relative; bottom: 30px; font-size:14px;font-family: Arial, Helvetica, sans-serif;">Windows 10 shell extension which can undo "improvements" to file browsing made in newer Windows version.</p> | |||
</div> | |||
</div> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px; margin-bottom: 0px"> | |||
<div id="minimal_button" class="download-prompt-wrapper-2"> | |||
<center> | |||
<a class="download_button" href="files/OldNewExplorer.rar"><button class="button4 button2">Download</button></a> | |||
<p class="download_subtext">RAR File 278 KiB [ <a id="" style="color: #4CAF50; text-decoration: none; font-size:10px;" href="https://msfn.org/board/topic/170375-oldnewexplorer-118/" target="_blank">Source/Mirror</a> ]<br>Version 1.1.8</p> | |||
</center> | |||
</div> | |||
</div> | |||
<div class="comment-vertical">Do not run this application as administrator. It will prompt you</div> | |||
<p>Use the following settings:</p> | |||
<ul class="docu"> | |||
<li>Click Install and follow the dialogs</li> | |||
<li>Uncheck everything</li> | |||
<li>Check <span class="code">Use classical drive grouping in This PC</span></li> | |||
<li>Check <span class="code">Use libraries; hide folders from This PC</span></li> | |||
<li>Check <span class="code">Use command bar instead of Ribbon</span></li> | |||
<li>Check <span class="code">Hide caption text in File Explorer windows</span></li> | |||
<li>Check <span class="code">Hide caption icon in File Explorer windows</span></li> | |||
<li>Check <span class="code">Show details pane on the bottom</span></li> | |||
<li>Appearance style set to <span class="code">Default style (Windows 7 style / skin style)</span></li> | |||
<li>Status bar style set to <span class="code">Default style (white)</span></li> | |||
<li>Check <span class="code">Show status bar</span></li> | |||
</ul> | |||
<br> | |||
<h2>Install and Configure Cygwin</h2> | |||
<p>Get Cygwin, <i>"a Unix-like environment and command-line interface for Microsoft | |||
Windows"</i> from their <a href="https://cygwin.com/" target="_blank" | |||
>website</a> and install <span class="code">lynx</span> with it, so that <span class="code">apt-cyg</span> can be used to get additional packages for Cygwin. Since the Windows Subsystem for Linux (WSL) will be unavailable in AME, Cygwin is a great addition to the Windows desktop. It allows the use of bash natively, as well as various other ported Unix and Linux tools.</p> | |||
<div> | |||
<video class="autoplay" style="display:block;" type="video/mp4" controls poster="img/cygwin.jpg" src="video/cygwin.mp4"> </video><div style="font-size: 12pt; padding-top: 10px;"><b>Video: Install and configure Cygwin with apt-cyg</b><br>This video covers the complete guide on how to install and configure Cygwin with apt-cyg, as well as other AME specific modifications.</div></div> | |||
<p>During the install, select all the default options until the <b>Select Packages</b> dialog is reached.</p> | |||
<p>Search for each of the following applications and mark them to be installed. Searching does not display a list of packages; instead, it shows the category that each application is in. To see the packages, you need to expand the category by clicking the <b>plus symbol</b>. The packages you should install are: <span class="code">lynx</span> and <span class="code">nano</span></p> | |||
<p>Follow through the rest of the installation wizard normally.</p> | |||
<p>Move the provided <span class="code">.bashrc</span> to <span class="code">C:\cygwinx64\home\user\</span> Create the user folder if it does not exist already. The provided <span class="code">bashrc</span> file does not have the dot in front of it. You will have to rename it with cygwin:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">$ </span><span style="color: #5ec5d7">mv</span><span style="color: #a4df2d"></span> bashrc .bashrc | |||
</pre></div></div> | |||
<p>To install <span class="code">apt-cyg</span> type the following commands in an elevated Cygwin shell:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">$ </span><span style="color: #5ec5d7">lynx</span><span style="color: #a4df2d"> -source</span> rawgit.com/transcode-open/apt-cyg/master/apt-cyg > apt-cyg<br> | |||
<span class="unselectable">$ </span><span style="color: #5ec5d7">install</span><span style="color: #a4df2d"> apt-cyg</span> /bin</pre> | |||
</pre></div></div> | |||
<br> | |||
<h2 id="hardentools">Run the latest hardentools from Security Without Borders</h2> | |||
<p>Due to Windows 10's ongoing security fiasco and surfacing issues, not to mention AME's commitment to basic levels of security, certain functionality needs to be modified and/or accommodated for along those lines. In addition to the adjustments made by the <span class="code">amelioration script</span>, <a href="https://github.com/securitywithoutborders/hardentools" target="_blank">Hardentools</a>, an open-source project from Security Without Borders, provides an optimal inclusion.</p> | |||
<p>Run the latest executable with administrator privileges:</p> | |||
<ol> | |||
<li>Uncheck the <span class="code">Powershell and cmd.exe</span> box (unless desired)</li> | |||
<li>Click Harden!</li> | |||
<li>Click OK when finished</li> | |||
</ol> | |||
<br> | |||
<h2 id="defaults">Set Application Defaults</h2> | |||
<p>The application defaults for Windows 10 1903 can be set by using either the Windows Settings App, or by a more tedious, but more reliable manual process. The manual process was created due to the 1809 release of Windows 10 containing a feature regression which caused the Windows Settings App method for setting application defaults to be broken. The 1903 release of Windows 10 appears to have fixed this issue, but the manual guide is included as it is known to always set defaults successfully.</p> | |||
<p>Setting the default browser, Music player and Video player are relatively simple one-off changes which need to be done using the Windows Settings App. Open the Windows Settings App, click Apps, then under "Web browser" select Firefox, do the same for "Music player" and "Video player" only this time selecting VLC.</p> | |||
<p>For the rest of the defaults start by making empty files with the desired file type. You can use the bash script below to generate the files. For example, for gif files; right click the generated file <span class="code">gif.gif</span>, click Properties, click the Change button next to "Opens with:", then navigate to the executable that you would like to handle that file type.</p> | |||
<br> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px;"> | |||
<div id="minimal_title" class="download-prompt-wrapper"> | |||
<p style="padding: 10px; position: relative; bottom: -5px; font-size:23px;font-family: Arial, Helvetica, sans-serif;"><b>create_empty_files.sh</b></p> | |||
<p style="padding: 10px; position: relative; bottom: 30px; font-size:14px;font-family: Arial, Helvetica, sans-serif;">A simple bash script to generate empty files to set application defaults.</p> | |||
</div> | |||
</div> | |||
<div class="floating-box" style="vertical-align:top; margin-top: -40px; margin-bottom: 0px"> | |||
<div id="minimal_button" class="download-prompt-wrapper-2"> | |||
<center> | |||
<a class="download_button" href="files/create_empty_files.sh"><button class="button4 button2">Download</button></a> | |||
<p class="download_subtext">SH File 192 Bytes [ <a id="" style="color: #4CAF50; text-decoration: none; font-size:10px;" href="https://ameliorated.info/files/create_empty_files.sh.sha256" target="_blank">SHA256</a> ]</p> | |||
</center> | |||
</div> | |||
</div> | |||
<h3>File types</h3> | |||
<ul> | |||
<li><span class="code">.doc</span> - ONLYOFFICE Desktop Editors</li> | |||
<li><span class="code">.docx</span> - ONLYOFFICE Desktop Editors</li> | |||
<li><span class="code">.gif</span> - JPEGView</li> | |||
<li><span class="code">.flac</span> - VLC</li> | |||
<li><span class="code">.mkv</span> - VLC</li> | |||
<li><span class="code">.pdf</span> - ONLYOFFICE Desktop Editors/Firefox</li> | |||
<li><span class="code">.pps</span> - ONLYOFFICE Desktop Editors</li> | |||
<li><span class="code">.ppsx</span> - ONLYOFFICE Desktop Editors</li> | |||
<li><span class="code">.ppt</span> - ONLYOFFICE Desktop Editors</li> | |||
<li><span class="code">.pptx</span> - ONLYOFFICE Desktop Editors</li> | |||
<li><span class="code">.xls</span> - ONLYOFFICE Desktop Editors</li> | |||
<li><span class="code">.xlsx</span> - ONLYOFFICE Desktop Editors</li> | |||
</ul> | |||
<h3>File Type Handler Locations</h3> | |||
<ul> | |||
<li>JPEGView - <span class="code">C:\ProgramData\chocolatey\lib\jpegview\tools\app\JPEGView.exe</span></li> | |||
<li>ONLYOFFICE Desktop Editors - <span class="code">C:\Program Files\ONLYOFFICE\DesktopEditors\DesktopEditors.exe</span></li> | |||
<li>VLC - <span class="code">C:\Program Files\VideoLAN\VLC\vlc.exe</span></li> | |||
</ul> | |||
<br> | |||
<h2 id="wallpaper">Setting the default wallpaper for desktop and lock screen</h2> | |||
<h3>Modifying the default Wallpaper</h3> | |||
<p>The goal of this section is to demonstrate how to modify the default wallpaper on a system level, replacing and/or adding the default GUI selection. The commands in this section will require an elevated command prompt.</p> | |||
<p>First take basic permission ownership over the wallpaper you want to replace:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">takeown</span><span style="color: #a4df2d"> /f</span> C:\Windows\Web\Wallpaper\Windows\img0.jpg | |||
</pre></div></div> | |||
<p>Modify access control for the default wallpaper:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">icacls</span> C:\Windows\Web\Wallpaper\Windows\img0.jpg<span style="color: #a4df2d"> /reset</span> | |||
</pre></div></div> | |||
<p>Replace the wallpaper with your own specified file:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">copy</span> <your wallpaper> C:\Windows\Web\Wallpaper\Windows\img0.jpg<span style="color: #a4df2d"></span> | |||
</pre></div></div> | |||
<p>After this, reboot, and go to <span class="code">Settings => Personalization</span> and select your wallpaper.</p> | |||
<br> | |||
<h3>Modifying the default Lock Screen Image</h3> | |||
<p>The goal of this section is to demonstrate how to modify the default lockscreen image on a system level, replacing and/or adding the default GUI selection. The commands in this section will require an elevated command prompt.</p> | |||
<p>First enable the lock screen with a <span class="code">reg add</span> command:</p> | |||
<div class="comment-code"><div style="overflow:auto;overflow-wrap: break-word;word-break: break-all;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">reg </span><span style="color: #a4df2d">add </span>"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization" /v NoLockScreen /t REG_DWORD /d 0 /f | |||
</div></div> | |||
<p>Run to enable the lock screen image on the sign-in window:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">reg </span><span style="color: #a4df2d">add </span>"HKLM\SOFTWARE\Policies\Microsoft\Windows\System /v DisableLogonBackgroundImage" /t REG_DWORD /d 0 /f | |||
</div></div> | |||
<p>Take basic permission ownership over the image you want to replace:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">takeown</span><span style="color: #a4df2d"> /f</span> C:\windows\WEB\wallpaper\Screen\img100.jpg | |||
</pre></div></div> | |||
<p>Modify access control for the default lock screen image:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">icacls</span> C:\windows\WEB\wallpaper\Windows\img100.jpg<span style="color: #a4df2d"> /reset</span> | |||
</pre></div></div> | |||
<p>Replace the lock screen image with your own specified file:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">copy</span> <your image> C:\Windows\WEB\wallpaper\Windows\img100.jpg<span style="color: #a4df2d"></span> | |||
</pre></div></div> | |||
<p>After this, go to <span class="code">Personalization => lockscreen</span> and select your image. It should now show your personal wallpaper as the first image from the selection (far left).</p> | |||
<p>To set the wallpaper to another image, only the registry edit and the <span><span class="code">copy</span> commands will be needed as none of permissions need to be changed.</p> | |||
<p>This marks the end of the AME guide, if you have any questions or concerns please place a message in the group chat, otherwise enjoy using your ameliorated Windows 10 install.</p> | |||
</div> | |||
</body> | |||
<footer id="footer" style="display: block; bottom: 0; margin-left: auto; margin-right: auto; width: 100%;"> | |||
</footer> | |||
</html> | |||
@ -0,0 +1,343 @@ | |||
<html> | |||
<head prefix="og: http://ogp.me/ns#"> | |||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | |||
<title>FAQ - AME</title> | |||
<meta property="og:site_name" content="ameliorated.info" /> | |||
<meta property="og:title" content="Windows 10 Minus The Spyware + Added Stability and Security" /> | |||
<meta property="og:description" content="A stable, non-intrusive yet fully functional build of Windows 10 to anyone, who requires the Windows operating system natively" /> | |||
<meta property="og:url" content="http://ameliorated.info/" /> | |||
<meta property="og:image" content="http://ameliorated.info/img/ame_logo.jpg" /> | |||
<style type="text/css"> | |||
</style> | |||
<link rel="stylesheet" href="css/styles.css"> | |||
</head> | |||
<body style="background-image: url('img/ame_wallpaper_1440_web_blur_2.jpg'); | |||
background-repeat: no-repeat; | |||
background-position: center center; | |||
background-attachment: fixed; | |||
background-size:cover"> | |||
<div class="topnav-wrapper"> | |||
<label for="show-menu" class="show-menu"><img id="mobile-menu-icon" src="img/menu-icon.png"></label> | |||
<input type="checkbox" id="show-menu" role="button"> | |||
<a href="index.html"><img src="img/logo_ame_small.png" id="top-logo-mobile"></a> | |||
<ul class="topnav" id="menu"> | |||
<div id="darken-screen"></div> | |||
<a style="margin: 0px 0px; padding: 0px 0px;" href="index.html"><img class="topnav" src="img/logo_ame_small.png"></li></a> | |||
<div class="topnav-reverse"> | |||
<li><a href="index.html">GET</a></li> | |||
<li><a href="documentation.html">DOC</a></li> | |||
<li><a class="active" href="faq.html">FAQ</a></li> | |||
<li><a href="https://t.me/joinchat/CR-xFBGQKVt7HPZKgZfbxg" target="_blank">TELEGRAM</a></li> | |||
</div> | |||
</ul> | |||
</div> | |||
<div class="body"> | |||
<br id="mobile_purge"> | |||
<h2>Contents</h2> | |||
<ol> | |||
<li> | |||
<a href="#whatis">What Is This Project?</a> | |||
</li> | |||
<li> | |||
<a href="#data_collection">Ubiquitous Normalization Of Data Collection</a> | |||
</li> | |||
<li> | |||
<a href="#configure">Configuring AME For Stable And Secure Operation</a> | |||
</li> | |||
<ol> | |||
<li> | |||
<a href="#windows_update">Windows Update And Security Concerns</a> | |||
</li> | |||
<li> | |||
<a href="#method">The Case For Our Method</a> | |||
</li> | |||
</ol> | |||
<li> | |||
<a href="#sshd">How do I enable the built-in SSH/SFTP server?</a> | |||
</li> | |||
<li> | |||
<a href="#change_passwd">How do I change the username/password?</a> | |||
</li> | |||
<li> | |||
<a href="#key_locale">Is there a way to change the keyboard language in AME?</a> | |||
</li> | |||
<li> | |||
<a href="#dark_theme">How do I enable the dark theme?</a> | |||
</li> | |||
<li> | |||
<a href="#why_old">Why the old windows build?</a> | |||
</li> | |||
<li> | |||
<a href="#activate">Can AME be activated with a legit key, like normal Windows?</a> | |||
</li> | |||
<li> | |||
<a href="#dx12">Is DirectX 12 supported?</a> | |||
</li> | |||
<li> | |||
<a href="#legal">Legal Considerations</a> | |||
</li> | |||
<li> | |||
<a href="#privacy">Privacy or Security?</a> | |||
</li> | |||
<ol> | |||
<li> | |||
<a href="#windows_update">Windows Updates</a> | |||
</li> | |||
<li> | |||
<a href="#opensource">Open Source</a> | |||
</li> | |||
</ol> | |||
<li> | |||
<a href="#script_host">How do I enable Windows Script Host access?</a> | |||
</li> | |||
<li> | |||
<a href="#add_admin">How to add my user back to the Administrator group?</a> | |||
</li> | |||
</ol> | |||
<ol> | |||
</ol> | |||
<br> | |||
<h2 id="whatis">What Is This Project?</h2> | |||
<p>Windows 10 AME aims at delivering a stable, non-intrusive yet fully functional build of Windows 10 to anyone, who requires the Windows operating system natively. Spyware systems, which are abundant in Windows 10 by default, have <strong>not</strong> been disabled using group policy, registry entries or various other workarounds – they have been entirely removed and deleted from the system, on an executable-level. This includes Windows Update, and any related services intended to re-patch the system via what is essentially a universal backdoor. Core applications, such as the included Edge web-browser, Windows Media Player, Cortana, as well as any appx applications, have also been successfully eliminated. The total size of removed files is about 2 GB.</p> | |||
<p>Great effort has been invested in maintaining the subsequent system’s stability, bug-free operation and user experience, as many of these removed services conflict with core Windows 10 features.</p> | |||
<br> | |||
<h3>The Release Of Windows 10</h3> | |||
<p>When Microsoft released Windows 10 on July 29th 2015, it solidified its position in providing an operating system which undermined basic human rights with respect to privacy and overall system control. A shift towards an unjust source of power, via Windows Update and various other subsystems, amalgamated in a poorly designed user interface focused on cognitive ease and commercial advertising: This was to become the new era of computing. | |||
It’s important to remark, that due to Windows 10’s update mechanics, combined with Microsoft’s decision of abolishing its testing devision for update distribution, a stock system is extremely unpredictable and subject to an ever-shifting, uncontrollable state of disarray - but nevertheless vulnerable to leaked back-doors, in cooperation with the NSA - seriously undermining and questioning the validity of the official narrative’s claim to security and progress. | |||
<div class="source_white"><a class="source_white" href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive" target="_blank">[ SOURCE — www.eff.org ]</a></div> | |||
<div class="source_white"><a class="source_white" href="https://autoriteitpersoonsgegevens.nl/en/news/dutch-dpa-microsoft-breaches-data-protection-law-windows-10" target="_blank">[ SOURCE — autoriteitpersoonsgegevens.nl ]</a></div> | |||
</p> | |||
<blockquote><em>“[…] this program is an instrument of unjust power…. Sometimes it tracks the user... and sometimes they can even forcibly change the software at a distance, as Microsoft can with Windows, through the universal backdoor.”</em><strong> – Richard M. Stallman, at TEDxGeneva 2014</strong> </blockquote> | |||
<br> | |||
<h2 id="configure">Configuring AME For Stable And Secure Operation</h2> | |||
<p>Due to the modified nature of this Windows installation, there are various possible security and stability concerns to consider when using Windows 10 AME. The entire removal of the Windows 10 update subsystem, coupled with the lack of automatic driver detection, beyond what is included in the <strike>1511</strike> 1809 build of Windows 10 from <strike>November 2015</strike> late 2018, requires manual action in order to configure proper and safe operation.</p> | |||
<p>It is critical to understand, that Windows, regardless of its modernity and patched state, has proven to not be a secure platform. If security is one of your primary concerns, you should not be using AME, or Windows in general. | |||
<div class="source_white"><a class="source_white" href="https://www.schneier.com/crypto-gram/archives/1999/0915.html" target="_blank">[ SOURCE — www.schneier.com ]</a></div> | |||
<div class="source_white"><a class="source_white" href="https://www.pcworld.com/article/197659/Google_Ditches_Microsoft_Windows_Citing_Security_Issues_Report_Claims.html" target="_blank">[ SOURCE — www.pcworld.com ]</a></div> | |||
</p> | |||
<br> | |||
<h3 id="windows_update">Windows Update And Security Concerns</h3> | |||
<p>Since the release of Windows 10, various security patches have been pushed to fix critical vulnerabilities, via Windows update distribution. These patches are not available for AME, as this subsystem has been disabled. In order to secure the system properly, it is strongly advised to revoke administrator privileges from the default user. This will mediate approximately 94% of the critical attack surface, while locking down the system from most foreseeable major future threats. | |||
<div class="source_white"><a class="source_white" href="https://www.avecto.com/news-and-events/news/94-of-critical-microsoft-vulnerabilities-mitigated-by-removing-admin-rights" target="_blank">[ SOURCE — www.avecto.com ]</a></div> | |||
<div class="source_white"><a class="source_white" href="https://www.tenforums.com/tutorials/2969-enable-disable-elevated-administrator-account-windows-10-a.html" target="_blank">[ SOURCE — www.tenforums.com ]</a></div> | |||
</p> | |||
<p>The use of networked Windows file-sharing using the SMB protocol, which, since the release of build 1511, has been hijacked for various large-scale exploits, such as the famed WannaCry ransomware attack, yet still showing extensive vulnerabilities, surfacing even today, should only be used in a user controlled, secured network environment, as this protocol has proven to be largely apprehensive by age of its design. SFTP is strongly recommended for networked file transfers. | |||
<br><div class="source_white"><a class="source_white" href="https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/" target="_blank">[ SOURCE — blogs.technet.microsoft.com ]</a></div> | |||
</p> | |||
<br> | |||
<h3 id="method">The Case For Our Method</h3> | |||
<blockquote><em>“[…] As you can see, even the recommended method for eliminating data collection isn't completely effective and causes a number of problems […] don't install anything, and don't use your computer, the data sent to Microsoft is quite minimal.”</em><strong> – Mark Burnett, xato.net, May 2017</strong> </blockquote> | |||
<p>In May 2017 a security researcher named Mark Burnett demonstrated that disabling the default data collection toggles, found in Windows 10's settings app, are entirely useless. Furthermore he showed that even through using intensive group policy modifications, in a process heavily scrutinized and iterated upon over several days, he was not able to prevent Windows 10 from sending critical, personally identifiable information with certainty. | |||
<div class="source_white"><a class="source_white" href="https://xato.net/windows-spying-and-a-twitter-rant-19203babb2e7" target="_blank">[ SOURCE — xato.net ]</a></div> | |||
<div class="source_white"><a class="source_white" href="https://www.theinquirer.net/inquirer/news/3010547/microsoft-says-its-best-not-to-fiddle-with-windows-10-enterprise-group-policies" target="_blank">[ SOURCE — www.theinquirer.net ]</a></div> | |||
</p> | |||
<p>In conclusion, it appears to be extremely difficult to genuinely disable data collection, as proven to be monitorable in a controlled environment, where a constant uncertainty, subject to change by Microsoft's backdoor via Windows Update, plagues any methodology of mitigation, when making use of the built-in tools of Windows 10 such as the basic Privacy settings, gpedit modifications or registry edits. The only logical and unfortunately required method in this scenario, is the removal of the affected services from the system entirely, along with Windows Update.</p> | |||
<br> | |||
<h2 id="sshd">How do I enable the built-in SSH/SFTP server?</h2> | |||
<p>As discussed in the documentation, AME comes with the official SSH server installed by default, but has not been enabled due to concerns regarding the generated keys and opened ports.</p> | |||
<p>To enable the server, first open the <span class="code">firewall</span> rules for <span class="code">sshd.exe</span> and allow inbound connections. Type the following into an elevated <span class="code">powershell</span> prompt:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">New-NetFirewallRule</span><span style="color: #a4df2d"> -Name</span> sshd<span style="color: #a4df2d"> -DisplayName</span> 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP <span style="color: #a4df2d"> -Action Allow</span> -LocalPort 22 | |||
</div></div> | |||
<p>Start <span class="code">sshd</span> (this will automatically generate host keys under <span class="code">%programdata%\ssh</span> if they don't already exist):</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span>net start sshd | |||
</pre></div></div> | |||
<p>The <span class="code">sshd</span> service should also be configured to auto-start at boot. In an elevated powershell window type:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">Set-Service</span> sshd -<span style="color: #a4df2d"> StartupType</span> Automatic | |||
</pre></div></div> | |||
<br> | |||
<h2 id="change_passwd">How do I change the username/password?</h2> | |||
<p>You can change the username in Windows from CMD (Administrator) using the following command:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">wmic </span><span style="color: #a4df2d">useraccount</span> where name='currentname'<span style="color: #a4df2d"> rename</span> newname | |||
</pre></div></div> | |||
<p>You can change a user's password in Windows from CMD (Administrator) using the following command:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">net </span><span style="color: #a4df2d">user</span> useraccount<span style="color: #a4df2d"></span> * | |||
</pre></div></div> | |||
<br> | |||
<h2 id="key_locale">Is there a way to change the keyboard language in AME?</h2> | |||
<p>Yes, the following changes the keyboard locale:</p> | |||
<p>Open a Windows <span class="code">powershell</span> prompt with Administrator rights.<br>Import the international settings module by running the following command:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">ipmo</span> <span style="color: #a4df2d">international</span> | |||
</pre></div></div> | |||
<p>Display the locale information on the computer by running the following command:</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7"></span>Get-WinSystemLocale<span style="color: #a4df2d"></span> | |||
</pre></div></div> | |||
<p>Set the locale for the region and language that you want. For example, the following command sets the system locale to German (Germany):</p> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">Set-WinUserLanguageList</span> -Force<span style="color: #a4df2d"> 'de-DE'</span> | |||
</pre></div></div> | |||
<br> | |||
<h2 id="dark_theme">How do I enable the dark theme?</h2> | |||
<p>The vanilla dark theme, while available, is not recommended, as it is extremely early in development. You can install a custom dark theme, however this appears to introduce a 15 second hang when logging in for some reason.</p> | |||
<br> | |||
<h2 id="why_old">Why the old windows build?<span class="badge" style="bottom: 6px; left: 10px;">Old!</span></h2> | |||
<div class="comment-vertical"><p>This information only applies to prior AME releases, which were based on build 1511. Newer versions are much more up to date.</p></div> | |||
<p>Multiple reasons, some having to do with the fact that MS added a whole other layer of complexity when trying to "ameliorate" versions past 1511.</p> | |||
<p>However, this version is nearly "complete", and we will move on to 17.09 or 18.03, while also providing the older version, which will support older hardware longer, which MS will inevitably start to phase out support for at some point.</p> | |||
<br> | |||
<h2 id="activate">Can AME be activated with a legit key, like normal Windows?</h2> | |||
<p>No, the activation components are part of the <em>spyware aparatus</em>, and have been removed to the extent, that they don't send or collect personal data.</p> | |||
<p>AME has been activated with a generic volume license key for Windows 10 Pro N RTM, and will never bother you to be activated, as it cannot verify the key with MS servers.</p> | |||
<p>No <em>crackware</em> was employed to make windows think that it is activated, only the clever removal of components, in the right order.</p> | |||
<div class="comment-vertical"><p><p>If you purchased your key from a third party, you may want to activate the key using a vanilla Windows 10 Installation on your machine before proceeding with AME, as the key will be tied to your motherboard and unable to be used again. Third party sellers sometimes check for this so they can make more money if you did not use the key within a short time period.</p></p></div> | |||
<br> | |||
<h2 id="dx12">Is DirectX 12 Supported?</h2> | |||
<p>The general answer is no, as DirectX 12 is primarily updated by Windows Update, certain games will make API calls that aren't available on AME, resulting in crashes.</p> | |||
<p>It is worth noting however, that due to DX12's proprietary nature, and Windows exclusivity, not to mention the fact that games, which make use of it, generally see no benefit at this point what so ever, it is advisable to avoid supporting the use of this API. There are promising open alternatives, such as <a href="https://www.khronos.org/vulkan/" target="_blank">Vulkan</a>, as used by DOOM. Vulkan is <strong>fully supported</strong> by AME.</p> | |||
<br> | |||
<h2 id="legal">Legal Considerations</h2> | |||
<p>By downloading any of these images, you agree to Microsoft’s <a href="https://www.microsoft.com/en-us/Useterms/Retail/Windows/10/UseTerms_Retail_Windows_10_English.htm" target="_blank">Terms of Service</a> with respect to (5.) Authorized Software and Activation. All Images have been rudimentarily activated using a <a href="https://www.tenforums.com/tutorials/95922-generic-product-keys-install-windows-10-editions.html" target="_blank">Generic Key</a> for Windows 10 Pro N RTM. By using any of these images you agree that you have obtained a genuine product key or are able to activate by an other authorized method.</p> | |||
<p>AME is developed for educational purposes only, which emphasizes an effort to reverse engineer, disable or replace components of the Microsoft Windows 10 operating system. The goal is an endeavor to better understand and mitigate the collection of Personally identifiable information (PII), as has been clearly outlined by numerous outlets covering the topic, including comments by famed whistle-blower Edward Snowden. Another goal is to replace included proprietary Windows software, such as the Edge web-browser, with ethically verifiable alternatives using open-source licenses. | |||
<br><div class="source_white"><a class="source_white" href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive" target="_blank">[ SOURCE — www.eff.org ]</a></div> | |||
</p> | |||
<p>EU Directive 2009/24, on the legal protection of computer programs, governs reverse engineering in the European Union. The directive states:</p> | |||
<p><em>"(15) The unauthorised reproduction, translation, adaptation or transformation of the form of the code in which a copy of a computer program has been made available constitutes an infringement of the exclusive rights of the author. <strong>Nevertheless</strong>, circumstances may exist when such a reproduction of the code and translation of its form are indispensable to obtain the necessary information to achieve the <strong>interoperability</strong> of an independently created program with other programs. It has therefore to be considered that, in these limited circumstances only, performance of the acts of reproduction and translation by or on behalf of a person having a right to use a copy of the program is legitimate and compatible with fair practice and must therefore be deemed not to require the authorisation of the rightholder. An objective of this exception is to make it possible to connect all components of a computer system, including those of different manufacturers, so that they can work together. Such an exception to the author's exclusive rights may not be used in a way which prejudices the legitimate interests of the rightholder or which conflicts with a normal exploitation of the program."</em> | |||
<br><div class="source_white"><a class="source_white" href="http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1435057541496&uri=CELEX:32009L0024" target="_blank">[ SOURCE — eur-lex.europa.eu ]</a></div> | |||
</p> | |||
<p>The intentions as self-described by the AME project, clearly fall under the case-scenario of enabling better "interoperability", as the prevalence of proprietary software bundled with the Windows 10 operating system does not constitute an open standard in this regard.</p> | |||
<br> | |||
<h2 id="privacy">Privacy or Security?</h2> | |||
<p>As stated on the main page, the objective of this project <em>“[…] aims at delivering a stable, non-intrusive yet fully functional build of Windows 10 to anyone, who requires the Windows operating system natively”</em>, while <em>“Spyware systems […] have been entirely removed and deleted from the system.”</em></p> | |||
<p>This is crucial to understand, as we do not provide a heightened state of security as the project’s main focus, beyond what is indirectly affected by the AME alterations. This does include many aspects likely to improve security, such as the reduction of many internal services and features, liable to third party vulnerability escalation (i.e. SMBv1, Edge, Wifi-Sense and many others), however these are, in fact, somewhat unintended side-effects of our, arguably somewhat ideologically fueled, removal process. | |||
<br> | |||
<div class="source_white"><a class="source_white" href="https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/" target="_blank">[ SOURCE — blogs.technet.microsoft.com ]</a></div> | |||
<div class="source_white"><a class="source_white" href="https://www.extremetech.com/extreme/209208-windows-10s-new-wifi-sense-shares-your-wifi-password-with-facebook-outlook-and-skype-contacts" target="_blank">[ SOURCE — www.extremetech.com ]</a></div> | |||
</p> | |||
<p>Furthermore, as touched upon on the main page, 94% of critical Windows 10 vulnerabilities can be mitigated by revoking administrator privileges from the default user. This is also an included feature in AME, and can be set-up by means of the initialization script, as this mode of operation is strongly encouraged. | |||
<br> | |||
<div class="source_white"><a class="source_white" href="https://www.avecto.com/news-and-events/news/94-of-critical-microsoft-vulnerabilities-mitigated-by-removing-admin-rights" target="_blank">[ SOURCE — www.avecto.com ]</a></div> | |||
<div class="source_white"><a class="source_white" href="https://www.tenforums.com/tutorials/2969-enable-disable-elevated-administrator-account-windows-10-a.html" target="_blank">[ SOURCE — www.tenforums.com ]</a></div> | |||
</p> | |||
<br> | |||
<h3 id="windows_update">The Deal With Updates</h3> | |||
<p>However, AME does not allow for the installation of critical security patches, by means of regular Windows Updates, as this subsystem has been stripped from the OS entirely.<b> Unfortunately, due to Windows 10’s background restoration behavior, it was deemed necessary to also remove any ability of manually installing update packages</b>, as the system components required for this, are the same ones responsible for the entire Windows Update subsystem to begin with – it was all or nothing.</p> | |||
<p>Additionally, manually patching the OS, if this were possible, considering the goals and values AME deploys, in fact installs and alters many unwanted components, partially restoring Windows 10’s spyware apparatus. Because of this, each patch requires a scrutinous re-evaluation of the OS, followed by additions to the removal and cleansing process. </p> | |||
<p><b>Nevertheless, each release of AME has been patched up until its release version date.</b></p> | |||
<br> | |||
<h3 id="opensource">Open Source</h3> | |||
<p>The creation of AME is led by individuals principally interested in the open flow of information, and equal distribution of knowledge, hence a strong inclination towards supporting free and open source software, or even activist efforts, such as the FSF’s ethics.<br /> | |||
As of such, the replacement applications provided in AME also attempt to fall in line with open source considerations.<br /> | |||
We by all means strongly encourage users unfamiliar with these concepts to explore them in detail, as they are much further reaching in their implications, than simply superficial effects on software development.</p> | |||
<br> | |||
<h2 id="script_host">How do I enable Windows Script Host access?</h2> | |||
<p>As described in the documentation, AME ships with various modifications aiming at locking Windows down to a much more secure state. As part of this process <a href="https://github.com/securitywithoutborders/hardentools" target="_blank">hardentools</a> disables a Windows feature called Script Host access. However, this feature is often required for doing development work with, for example, Visual Studio, which will error-out during the installation process, due to this feature missing. To re-enable Script Host access, open an elevated command promt and type the following command:</p> | |||
<div class="comment-code"><div style="overflow:auto;overflow-wrap: break-word;word-break: break-all;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">reg </span><span style="color: #a4df2d">add</span> "HKLM\SOFTWARE\Microsoft\Windows Script Host\Settings"<span style="color: #a4df2d"> /v</span> Enabled<span style="color: #a4df2d"> /t</span> REG_DWORD<span style="color: #a4df2d"> /d</span> 1<span style="color: #a4df2d"> /f</span> | |||
</pre></div></div> | |||
<p>After that, reboot your computer, and the relevant programs should now be able to make use of this feature.</p> | |||
<p>You revert these changes by typing the following command:</p> | |||
<div class="comment-code"><div style="overflow:auto;overflow-wrap: break-word;word-break: break-all;width:auto;padding:.2em .6em;"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">reg </span><span style="color: #a4df2d">add</span> "HKLM\SOFTWARE\Microsoft\Windows Script Host\Settings"<span style="color: #a4df2d"> /v</span> Enabled<span style="color: #a4df2d"> /t</span> REG_DWORD<span style="color: #a4df2d"> /d</span> 0<span style="color: #a4df2d"> /f</span> | |||
</pre></div></div> | |||
<br> | |||
<br> | |||
<h2 id="add_admin">How to add my user back to the Administrator group?</h2> | |||
<p>Due to severe security considerations, the default user in AME has been revoked Administrator privileges. However, in certain situations this may cause potential issues, as Windows was not designed to operate in this state, per se. If you require administrator priviliges, you can add your user back to this group using the following command in an elevated command prompt:</p> | |||
<div class="comment-vertical"><p>Note that while certain inconveniences may arise due to not having direct administrator privileges, we strongly recommend sticking with the configuration we ship, for security reasons. | |||
</p></div> | |||
<div class="comment-code"><div style=" overflow:auto;width:auto;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%"><span class="unselectable">C:\> </span><span style="color: #5ec5d7">net </span><span style="color: #a4df2d">localgroup</span> administrators<span style="color: #a4df2d"></span> user<span style="color: #a4df2d"> /add</span> | |||
</pre></div></div> | |||
<p>After this, restart Windows, and the default user will have administrator privileges.</p> | |||
<br> | |||
</div> | |||
</body> | |||
<footer id="footer" style="display: block; bottom: 0; margin-left: auto; margin-right: auto; width: 100%;"> | |||
</footer> | |||
</html> |
@ -0,0 +1 @@ | |||
.DS_Store |
@ -0,0 +1,86 @@ | |||
SIL OPEN FONT LICENSE Version 1.1 | |||
Copyright (c) 2014 Waybury | |||
PREAMBLE | |||
The goals of the Open Font License (OFL) are to stimulate worldwide | |||
development of collaborative font projects, to support the font creation | |||
efforts of academic and linguistic communities, and to provide a free and | |||
open framework in which fonts may be shared and improved in partnership | |||
with others. | |||
The OFL allows the licensed fonts to be used, studied, modified and | |||
redistributed freely as long as they are not sold by themselves. The | |||
fonts, including any derivative works, can be bundled, embedded, | |||
redistributed and/or sold with any software provided that any reserved | |||
names are not used by derivative works. The fonts and derivatives, | |||
however, cannot be released under any other type of license. The | |||
requirement for fonts to remain under this license does not apply | |||
to any document created using the fonts or their derivatives. | |||
DEFINITIONS | |||
"Font Software" refers to the set of files released by the Copyright | |||
Holder(s) under this license and clearly marked as such. This may | |||
include source files, build scripts and documentation. | |||
"Reserved Font Name" refers to any names specified as such after the | |||
copyright statement(s). | |||
"Original Version" refers to the collection of Font Software components as | |||
distributed by the Copyright Holder(s). | |||
"Modified Version" refers to any derivative made by adding to, deleting, | |||
or substituting -- in part or in whole -- any of the components of the | |||
Original Version, by changing formats or by porting the Font Software to a | |||
new environment. | |||
"Author" refers to any designer, engineer, programmer, technical | |||
writer or other person who contributed to the Font Software. | |||
PERMISSION & CONDITIONS | |||
Permission is hereby granted, free of charge, to any person obtaining | |||
a copy of the Font Software, to use, study, copy, merge, embed, modify, | |||
redistribute, and sell modified and unmodified copies of the Font | |||
Software, subject to the following conditions: | |||
1) Neither the Font Software nor any of its individual components, | |||
in Original or Modified Versions, may be sold by itself. | |||
2) Original or Modified Versions of the Font Software may be bundled, | |||
redistributed and/or sold with any software, provided that each copy | |||
contains the above copyright notice and this license. These can be | |||
included either as stand-alone text files, human-readable headers or | |||
in the appropriate machine-readable metadata fields within text or | |||
binary files as long as those fields can be easily viewed by the user. | |||
3) No Modified Version of the Font Software may use the Reserved Font | |||
Name(s) unless explicit written permission is granted by the corresponding | |||
Copyright Holder. This restriction only applies to the primary font name as | |||
presented to the users. | |||
4) The name(s) of the Copyright Holder(s) or the Author(s) of the Font | |||
Software shall not be used to promote, endorse or advertise any | |||
Modified Version, except to acknowledge the contribution(s) of the | |||
Copyright Holder(s) and the Author(s) or with their explicit written | |||
permission. | |||
5) The Font Software, modified or unmodified, in part or in whole, | |||
must be distributed entirely under this license, and must not be | |||
distributed under any other license. The requirement for fonts to | |||
remain under this license does not apply to any document created | |||
using the Font Software. | |||
TERMINATION | |||
This license becomes null and void if any of the above conditions are | |||
not met. | |||
DISCLAIMER | |||
THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | |||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF | |||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT | |||
OF COPYRIGHT, PATENT, TRADEMARK, OR OTHER RIGHT. IN NO EVENT SHALL THE | |||
COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, | |||
INCLUDING ANY GENERAL, SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL | |||
DAMAGES, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING | |||
FROM, OUT OF THE USE OR INABILITY TO USE THE FONT SOFTWARE OR FROM | |||
OTHER DEALINGS IN THE FONT SOFTWARE. |
@ -0,0 +1,21 @@ | |||
The MIT License (MIT) | |||
Copyright (c) 2014 Waybury | |||
Permission is hereby granted, free of charge, to any person obtaining a copy | |||
of this software and associated documentation files (the "Software"), to deal | |||
in the Software without restriction, including without limitation the rights | |||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |||
copies of the Software, and to permit persons to whom the Software is | |||
furnished to do so, subject to the following conditions: | |||
The above copyright notice and this permission notice shall be included in | |||
all copies or substantial portions of the Software. | |||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | |||
THE SOFTWARE. |
@ -0,0 +1,114 @@ | |||
[Open Iconic v1.1.1](http://useiconic.com/open) | |||
=========== | |||
### Open Iconic is the open source sibling of [Iconic](http://useiconic.com). It is a hyper-legible collection of 223 icons with a tiny footprint—ready to use with Bootstrap and Foundation. [View the collection](http://useiconic.com/open#icons) | |||
## What's in Open Iconic? | |||
* 223 icons designed to be legible down to 8 pixels | |||
* Super-light SVG files - 61.8 for the entire set | |||
* SVG sprite—the modern replacement for icon fonts | |||
* Webfont (EOT, OTF, SVG, TTF, WOFF), PNG and WebP formats | |||
* Webfont stylesheets (including versions for Bootstrap and Foundation) in CSS, LESS, SCSS and Stylus formats | |||
* PNG and WebP raster images in 8px, 16px, 24px, 32px, 48px and 64px. | |||
## Getting Started | |||
#### For code samples and everything else you need to get started with Open Iconic, check out our [Icons](http://useiconic.com/open#icons) and [Reference](http://useiconic.com/open#reference) sections. | |||
### General Usage | |||
#### Using Open Iconic's SVGs | |||
We like SVGs and we think they're the way to display icons on the web. Since Open Iconic are just basic SVGs, we suggest you display them like you would any other image (don't forget the `alt` attribute). | |||
``` | |||
<img src="/open-iconic/svg/icon-name.svg" alt="icon name"> | |||
``` | |||
#### Using Open Iconic's SVG Sprite | |||
Open Iconic also comes in a SVG sprite which allows you to display all the icons in the set with a single request. It's like an icon font, without being a hack. | |||
Adding an icon from an SVG sprite is a little different than what you're used to, but it's still a piece of cake. *Tip: To make your icons easily style able, we suggest adding a general class to the* `<svg>` *tag and a unique class name for each different icon in the* `<use>` *tag.* | |||
``` | |||
<svg class="icon"> | |||
<use xlink:href="open-iconic.svg#account-login" class="icon-account-login"></use> | |||
</svg> | |||
``` | |||
Sizing icons only needs basic CSS. All the icons are in a square format, so just set the `<svg>` tag with equal width and height dimensions. | |||
``` | |||
.icon { | |||
width: 16px; | |||
height: 16px; | |||
} | |||
``` | |||
Coloring icons is even easier. All you need to do is set the `fill` rule on the `<use>` tag. | |||
``` | |||
.icon-account-login { | |||
fill: #f00; | |||
} | |||
``` | |||
To learn more about SVG Sprites, read [Chris Coyier's guide](http://css-tricks.com/svg-sprites-use-better-icon-fonts/). | |||
#### Using Open Iconic's Icon Font... | |||
##### โฆwith Bootstrap | |||
You can find our Bootstrap stylesheets in `font/css/open-iconic-bootstrap.{css, less, scss, styl}` | |||
``` | |||
<link href="/open-iconic/font/css/open-iconic-bootstrap.css" rel="stylesheet"> | |||
``` | |||
``` | |||
<span class="oi oi-icon-name" title="icon name" aria-hidden="true"></span> | |||
``` | |||
##### โฆwith Foundation | |||
You can find our Foundation stylesheets in `font/css/open-iconic-foundation.{css, less, scss, styl}` | |||
``` | |||
<link href="/open-iconic/font/css/open-iconic-foundation.css" rel="stylesheet"> | |||
``` | |||
``` | |||
<span class="fi-icon-name" title="icon name" aria-hidden="true"></span> | |||
``` | |||
##### โฆon its own | |||
You can find our default stylesheets in `font/css/open-iconic.{css, less, scss, styl}` | |||
``` | |||
<link href="/open-iconic/font/css/open-iconic.css" rel="stylesheet"> | |||
``` | |||
``` | |||
<span class="oi" data-glyph="icon-name" title="icon name" aria-hidden="true"></span> | |||
``` | |||
## License | |||
### Icons | |||
All code (including SVG markup) is under the [MIT License](http://opensource.org/licenses/MIT). | |||
### Fonts | |||
All fonts are under the [SIL Licensed](http://scripts.sil.org/cms/scripts/page.php?item_id=OFL_web). |
@ -0,0 +1,21 @@ | |||
{ | |||
"name": "open-iconic", | |||
"description": "An open source icon set in SVG, webfont and raster formats", | |||
"version": "1.1.1", | |||
"license": [ | |||
"MIT", | |||
"OFL-1.1" | |||
], | |||
"homepage": "https://useiconic.com/open", | |||
"repository": { | |||
"type": "git", | |||
"url": "git://github.com/iconic/open-iconic.git" | |||
}, | |||
"main": [ | |||
"./sprite/open-iconic.min.svg" | |||
], | |||
"ignore": [ | |||
"*.json", | |||
"*.md" | |||
] | |||
} |
@ -0,0 +1,952 @@ | |||
/* Bootstrap */ | |||
@font-face { | |||
font-family: 'Icons'; | |||
src: url('../fonts/open-iconic.eot'); | |||
src: url('../fonts/open-iconic.eot?#iconic-sm') format('embedded-opentype'), url('../fonts/open-iconic.woff') format('woff'), url('../fonts/open-iconic.ttf') format('truetype'), url('../fonts/open-iconic.otf') format('opentype'), url('../fonts/open-iconic.svg#iconic-sm') format('svg'); | |||
font-weight: normal; | |||
font-style: normal; | |||
} | |||
.oi { | |||
position: relative; | |||
top: 1px; | |||
display: inline-block; | |||
speak:none; | |||
font-family: 'Icons'; | |||
font-style: normal; | |||
font-weight: normal; | |||
line-height: 1; | |||
-webkit-font-smoothing: antialiased; | |||
-moz-osx-font-smoothing: grayscale; | |||
} | |||
.oi:empty:before { | |||
width: 1em; | |||
text-align: center; | |||
box-sizing: content-box; | |||
} | |||
.oi.oi-align-center:before { | |||
text-align: center; | |||
} | |||
.oi.oi-align-left:before { | |||
text-align: left; | |||
} | |||
.oi.oi-align-right:before { | |||
text-align: right; | |||
} | |||
.oi.oi-flip-horizontal:before { | |||
-webkit-transform: scale(-1, 1); | |||
-ms-transform: scale(-1, 1); | |||
transform: scale(-1, 1); | |||
} | |||
.oi.oi-flip-vertical:before { | |||
-webkit-transform: scale(1, -1); | |||
-ms-transform: scale(-1, 1); | |||
transform: scale(1, -1); | |||
} | |||
.oi.oi-flip-horizontal-vertical:before { | |||
-webkit-transform: scale(-1, -1); | |||
-ms-transform: scale(-1, 1); | |||
transform: scale(-1, -1); | |||
} | |||
.oi-account-login:before { | |||
content:'\e000'; | |||
} | |||
.oi-account-logout:before { | |||
content:'\e001'; | |||
} | |||
.oi-action-redo:before { | |||
content:'\e002'; | |||
} | |||
.oi-action-undo:before { | |||
content:'\e003'; | |||
} | |||
.oi-align-center:before { | |||
content:'\e004'; | |||
} | |||
.oi-align-left:before { | |||
content:'\e005'; | |||
} | |||
.oi-align-right:before { | |||
content:'\e006'; | |||
} | |||
.oi-aperture:before { | |||
content:'\e007'; | |||
} | |||
.oi-arrow-bottom:before { | |||
content:'\e008'; | |||
} | |||
.oi-arrow-circle-bottom:before { | |||
content:'\e009'; | |||
} | |||
.oi-arrow-circle-left:before { | |||
content:'\e00a'; | |||
} | |||
.oi-arrow-circle-right:before { | |||
content:'\e00b'; | |||
} | |||
.oi-arrow-circle-top:before { | |||
content:'\e00c'; | |||
} | |||
.oi-arrow-left:before { | |||
content:'\e00d'; | |||
} | |||
.oi-arrow-right:before { | |||
content:'\e00e'; | |||
} | |||
.oi-arrow-thick-bottom:before { | |||
content:'\e00f'; | |||
} | |||
.oi-arrow-thick-left:before { | |||
content:'\e010'; | |||
} | |||
.oi-arrow-thick-right:before { | |||
content:'\e011'; | |||
} | |||
.oi-arrow-thick-top:before { | |||
content:'\e012'; | |||
} | |||
.oi-arrow-top:before { | |||
content:'\e013'; | |||
} | |||
.oi-audio-spectrum:before { | |||
content:'\e014'; | |||
} | |||
.oi-audio:before { | |||
content:'\e015'; | |||
} | |||
.oi-badge:before { | |||
content:'\e016'; | |||
} | |||
.oi-ban:before { | |||
content:'\e017'; | |||
} | |||
.oi-bar-chart:before { | |||
content:'\e018'; | |||
} | |||
.oi-basket:before { | |||
content:'\e019'; | |||
} | |||
.oi-battery-empty:before { | |||
content:'\e01a'; | |||
} | |||
.oi-battery-full:before { | |||
content:'\e01b'; | |||
} | |||
.oi-beaker:before { | |||
content:'\e01c'; | |||
} | |||
.oi-bell:before { | |||
content:'\e01d'; | |||