* This is accomplished through Fido (https://github.com/pbatard/Fido), a *SIGNED*
PowerShell script, that is downloaded from GitHub and that resides in memory for
the duration of a session.
* The reason we use a downloaded PS script, rather than an embedded on, is because:
- Microsoft have regularly been changing the deal with regards to how retail ISOs
can be downloaded, and not for the better, so we can't simply embed a static
means of downloading ISOs and expect that to work forever.
- By using an external script, we can immediately respond to whatever new means of
*ANNOYING* their legitimate users Microsoft will come up with next, as well as
make sure that, the minute a new retail version of Windows becomes available, it
also becomes available for download in Rufus.
* Note that if you are concerned about downloading a remote PS script that is being
run at the same level as an elevated application, you should understand that:
- Only scripts downloaded from GitHub, from an account that is protected with 2FA,
are allowed to run (i.e. someone would first have to steal a *physical* 2FA key
to be in a position to upload a malicious script).
- On top of this, only scripts that are signed with a separate private key (RSA +
AES-256), that is itself also protected with a strong unique password which only
a single person knows (and must manually enter each time they want to make a new
version of the script available for download), are allowed to run.
The above means that there's about as much chance for someone to manage to upload
a malicious script on the GitHub servers, that Rufus would allow to run, as there
is for someone to upload a malicious version of Rufus itself.
Still, if you are paranoid and have concerns that, even as you can validate from
its source that Rufus does not attempt to execute any remote script unless a user
actively selected and clicked the DOWNLOAD button, you can also completely disable
the remote script download feature, if you just set the update check to disabled
(which, by the way, Rufus *EXPLICITLY* asks you to choose whether you want to
enable or not, the very first time you run the application).
* Also remove _unlinkU() which duplicates what DeleteFileU() already does.
* Required to support Debian Live 9.1 in ISO mode
* Note that this only works if the efi.img boot files do not require
additional content besides the one extracted from the ISO.
* Rufus now checks for processes with handles opened on the drives/volumes before
starting the format operation and asks the user if they want to continue.
* This mimics Windows' behaviour when formatting drives, and actually uses the
same message as the one from shell32.dll.mui.
* Closes#773
* The Windows APIs may further modify the label compared to our proposed
version (e.g. remove trailing spaces), and we need an exact label for
the Syslinux/GRUB config file update.
* This issue was reported against Springdale Linux, where the isolinux.cfg
label was patched using 'SPRINGDALE\x20' instead of 'SPRINGDALE'
* Closes#784
* Also ensure that we don't replace NULL buffers in msapi_utf8.h and add
GetVolumeInformationU()
* MSG_002 doesn't display in RTL
* Update Policy dialog loses RTL setting after the first paragraph
* Some text displayed in native Windows message boxes is not using RTL
(even as the Message Box itself will display the rest of the UI elements as RTL)
* Detect if the relevant language pack is installed and use MessageBoxEx to
display native message box buttons using the selected language.
* All theses issues are part of #621
* Also remove trailing whitespaces
* Add a cheat mode for VMWare disk detection
* Add a cheat mode to delete the rufus_files directory
* Don't attempt a grub2 download in case we couldn't read the version
* Don't use a shared message buffer between info and status and also
use a more logical handling of low pri/high pri and timeout
* Also fix unwanted selection of info text on restore from minimize
* Also fix the localization generation and add more messages
* Fix missing DD-Image option when no drive is present
* Prevent formatting of a drive when using an image residing on same drive
* Fix ignored bootable checkbox when using a DD-Image
* Fix wrong title for error messages (due to too many concurrent loc messages)
* Add support for LCID provision to option -l
* Fix French translation
* Fix memory leak for loc_filename
* Don't delete an external 'rufus.loc' file if present
* Use IETF normalized tags
* Add quick instructions and sample for translators in new_translation.loc
* Improve About dialog
* Rufus was downloading c32 files in the last directory browsed, which
meant that the same file may have had to be downloaded more than once
* Closes#154
* update copyright year
* switch relevant files to UTF-8 (without signature).
It's 2013 for crying out loud: if your file editor or file viewer
can't handle plain UTF-8, go back to the 1980s!
* also rename autogen.sh to bootstrap.sh
* Creates an UTF-16 autoconf.inf with label, as well as autoconf.ico
* also fixed extended labels not displaying - closes#48
* also bumped version to rufus-next
* also factorized iso props analysis
* additional fixes
* DOS creation was broken due to missing unlock + close
* added label validation to prevent errors
* added ellipsis to status bar
* also bumped version to rufus next and fixed f/non-f
