Comments (24)
Thanks for the input @mlohnen! This might be another lead for you @Notselwyn?
from seb-win-refactoring.
I'm trying my best to reach out to the students with the issues. I'll reply as soon as I have more info.
from seb-win-refactoring.
I understand. On monday I sent a reminder to the students having this issue. So far only one has responded and will be available on thursday. Hopefully I can update the issue with more info.
If this can not be added to the features of 3.7.0 so be it. I'll be happy to have a solution or workaround by the next exams, which start around half may or beginning of june. That way we don't have to make an exception for those students.
from seb-win-refactoring.
I finally got in contact with one of our students again.
Below you can find the requested info: hwconf.reg-2.txt (File renamed to txt to bypass upload restrictions)
I believe to have cracked the case. I believe that the student used this Microsoft account to log into a Windows VM, which caused VMware to be logged in the historic hardware configurations.
@dbuechel Do you think we should remove these checks? It was originally intended as an extra way to retrieve hardware descriptions from registry, but I didn't know it logs historic device hardware info.
from seb-win-refactoring.
Created PR containing the fix @dbuechel
I ended up deleting the entire check to prevent any false positives from arising in the future. The original purpose of the check was checking local hardware changes, but (assuming the logfiles are indeed from an physical machine) it syncs across devices based on Microsoft accounts.
from seb-win-refactoring.
I had this problem and traced it back to being Impero (software to monitor and control pc's remotely).
Also had to enable 'ignore errors when validating display configuration' in the security tab.
from seb-win-refactoring.
I looked into the initial report and I can't find a lead. systemInfo.Model, systemInfo.Manufacturer, PNP devices, and the devicecache shouldn't raise any flags (those are the only variables I could extract from the logs).
It seems that the false positive happened due to either a weird MAC addresses (i.e. incorrect detection of MAC address), a false flagged CPU, an historic hardware configuration, or a weird BIOS name.
@ThomasL-AP could you please provide us the output of the following cmd.exe commands? This allows us to investigate what is causing the false flag.
- List all MAC addresses:
wmic nicconfig get DNSHostName,MACAddress,Description
- List all CPUs:
wmic cpu get Caption,DeviceID,Manufacturer,MaxClockSpeed,Name
- List all hardware configurations to file
hwconf.reg
:reg export HKEY_LOCAL_MACHINE\SYSTEM\HardwareConfig hwconf.reg
(please attach hwconf.reg to your message) - List the BIOS name:
wmic bios get BIOSVersion,Caption,Description,Manufacturer,Name
Thanks
from seb-win-refactoring.
I had this problem and traced it back to being Impero (software to monitor and control pc's remotely). Also had to enable 'ignore errors when validating display configuration' in the security tab.
Thanks for the feedback. Is this VM detection bug caused by Impero already resolved?
from seb-win-refactoring.
I had this problem and traced it back to being Impero (software to monitor and control pc's remotely). Also had to enable 'ignore errors when validating display configuration' in the security tab.
This might indeed be a lead (or just coincidence). I recently solved another unrelated issue (replied with my other account: jixopp). But it could've been that the student had a similar setup (hardware/software)...
I'll look into that and provide more info as soon as possible.
from seb-win-refactoring.
Any fixes for virtual machine issue. I am having issue on a fresh installation of windows.
SafeBrowser version: 3.6
Windows Version (Win32NT 10.0.22631.0 Microsoft Windows NT 10.0.22631.0)
It works with version SafeBrowser 3.5 though.
Thanks and regards
nicconfig.txt
cpu.txt
hwconf.reg.txt
2024-02-08_02h39m29s_Runtime.log
from seb-win-refactoring.
@ask4jm Thanks for your input. I think your issue relates to a bug we accidentally introduced with version 3.6.0. Could you please try the latest beta build for version 3.7.0 to verify whether it fixes your issue?
from seb-win-refactoring.
@ThomasL-AP Were you able to look into the issue and also could you please provide the output of the commands listed by @Notselwyn above (see #789 (comment))?
from seb-win-refactoring.
As a general remark to all involved: We're on the finishing line for the development of SEB 3.7.0, the feature freeze is planned for Friday, 1st of March. Thus, if the issue is not solved until then (and we cannot solve it without the input from the OP and contributors), it'll have to wait for the next release version (3.8.0).
from seb-win-refactoring.
I'd like to inform all involved contributors that on this Friday, March 1st, we have the feature freeze for version 3.7.0. After that, functional changes are not possible anymore and we'd need to postpone this issue to version 3.8.0.
from seb-win-refactoring.
Thanks for your understanding. Version 3.8.0 is currently scheduled for end of Q2 of this year.
from seb-win-refactoring.
I finally got in contact with one of our students again.
Below you can find the requested info:
hwconf.reg-2.txt
(File renamed to txt to bypass upload restrictions)
C:\Windows\System32>wmic nicconfig get DNSHostName,MACAddress,Description
Description DNSHostName MACAddress
Microsoft Kernel Debug Network Adapter
Intel(R) 82574L Gigabit Network Connection
WAN Miniport (SSTP)
WAN Miniport (IKEv2)
WAN Miniport (L2TP)
WAN Miniport (PPTP)
WAN Miniport (PPPOE)
WAN Miniport (IP) A4:90:20:52:41:53
WAN Miniport (IPv6) A6:F3:20:52:41:53
WAN Miniport (Network Monitor) A6:F3:20:52:41:53
Realtek PCIe GbE Family Controller 48:9E:BD:4C:E9:29
Realtek RTL8822CE 802.11ac PCIe Adapter DESKTOP-M4E2IMT 48:E7:DA:6E:C4:F3
Bluetooth Device (Personal Area Network) 48:E7:DA:6E:C4:F2
Microsoft Wi-Fi Direct Virtual Adapter 4A:E7:DA:6E:C4:F3
Microsoft Wi-Fi Direct Virtual Adapter CA:E7:DA:6E:C4:F3C:\Windows\System32>wmic cpu get Caption,DeviceID,Manufacturer,MaxClockSpeed,Name
Caption DeviceID Manufacturer MaxClockSpeed Name
AMD64 Family 25 Model 80 Stepping 0 CPU0 AuthenticAMD 2600 AMD Ryzen 3 5400U with Radeon GraphicsC:\Windows\System32>wmic bios get BIOSVersion,Caption,Description,Manufacturer,Name
BIOSVersion Caption Description Manufacturer Name
{"HPQOEM - 1", "T78 Ver. 01.15.00", "HP - 10F0000"} T78 Ver. 01.15.00 T78 Ver. 01.15.00 HP T78 Ver. 01.15.00
from seb-win-refactoring.
Thank you for providing the information. I will try to look into it this week.
from seb-win-refactoring.
Apparently the false Virtual Machine detection persists in 3.7 as well. We have at the University of Helsinki a small number of students with laptops usually bought from companies that sell second-hand laptops, so not the original OEM Windows on those. Here are logfiles from a case from the day when SEB 3.7 was released.
Apparently, one student replaced a newer version with an older version (3.3.2) where the virtual detection didn't trigger.
2024-04-03_16h23m49s_Runtime.log
2024-04-03_16h23m49s_Client.log
from seb-win-refactoring.
Thanks a lot for the input, that would then also indicate that a false positive detection has indeed been introduced in any of the VM detection improvements we have made since version 3.3.2.
@Notselwyn You might find some hints in the source control history, e.g. https://github.com/SafeExamBrowser/seb-win-refactoring/commits/master/SafeExamBrowser.SystemComponents/VirtualMachineDetector.cs?since=2022-01-31&until=2024-04-11
from seb-win-refactoring.
Great work! Yes, then I think it's better to remove the checks or at least filter out the historic device hardware info (if that's even possible).
from seb-win-refactoring.
Will you let me know when there is a (beta) release to test?
from seb-win-refactoring.
Yes certainly, the changes can now be tested with the latest beta build: http://sebdev-let.ethz.ch/api/buildjobs/08axvsavj5yqx3oo/artifacts/SEB_3.8.0.685_SetupBundle.exe.
Unfortunately, our build server currently has an issue with HTTPS access, so please do make sure that the setup is correctly signed after downloading it over HTTP.
from seb-win-refactoring.
Where can I find the latest beta? I missed the previous comment and couldn't download it. The above link is broken now.
Exams start next week at our institution. Any idea when 3.8 will be officially released?
from seb-win-refactoring.
Terribly sorry, we renamed our build server from sebdev-let.ethz.ch to sebdev.ethz.ch. You can find the latest beta build of version 3.8.0 here: https://sebdev.ethz.ch/api/buildjobs/uhu49u589dsh8hy9/artifacts/SEB_3.8.0.690_SetupBundle.exe.
from seb-win-refactoring.
Related Issues (20)
- ARM (aarch64) Windows Builds HOT 2
- SEB_3.7.1.704_SetupBundle.exe won't install HOT 1
- Safe Exam Browser is locked HOT 1
- SEB detects virtual machine HOT 8
- Update Installer HOT 4
- Consistency in "minimal macOS version"-setting between Windows and mac HOT 3
- Documentation for SEB Version Restrictions in config tool HOT 1
- SEB 3.7.1 - Failed Display Verification - "Not Supported" in Log HOT 3
- SEB Reset Utility failed to reset 8 items
- SEB setup failed/ not installing HOT 9
- what am I getting this error for? HOT 1
- Fatal error (Invalid class) HOT 5
- Add ARM compatibility HOT 3
- SEB Fails to Start in Offline Mode on Windows 11, No Log Files Generated HOT 2
- Install Fails HOT 1
- INSTALLATION ERROR (INSTALLATION FAILED) HOT 1
- Safe Exam Browser Client terminating HOT 2
- SEB 3.7.1.704 Crash HOT 5
- Message "The browser application has detected a closed URL. Do you want to terminate SEB now?" but only hard shutdown is possible HOT 1
- Session Start Error HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from seb-win-refactoring.