[saurik]

Frankly, it is really annoying when developers working at one of the large closed-source platform oligopolists blame their users for trying to work around the deficiencies (or even outright hostile "business model" optimizations) in their software by whatever scant means are left to them: maybe if Microsoft didn't keep removing good functionality and stopped forcing bad "features" on everyone, fewer people would see a need to install and use these extensions that are being scapegoated here for the lack of satisfaction in Windows updates.

Just look through the comments on this article to see people pointing out how Microsoft keeps removing options for how people can do this in less risky ways, or even ideas for how Microsoft can improve the safety of these extensions (which aren't all exactly right but I will note that if Microsoft embraced these more and provided an official loader--not one that limited the access but merely coordinated the installation--this is easily solved with the same kind of "safe mode" I designed for shell extensions on jailbroken iOS devices).

To quote one of the comments:

> Not just this article, but far too often when articles such as this are written, about widely used 3rd party tweaks, and the commenting strongly supports the tweak in question, but MS charges forward that “all these enthusiasts are wrong, we will continue our way” is telling of how far out of touch the Win dev team is away from its user base.

[lcnPylGDnU4H9OF]

A reply from the article author sort of communicates why they don’t work with the patcher:

> They don’t use the shell extension mechanism to get into the process. They sneak in by nefarious means. Patching is not supported. There is no “correct” way of doing it. Just different levels of bad.

I assume the “nefarious” ways are similar to rootkits in that they exploit vulnerabilities to gain system access they’re not intended to have.

It’s also only really the reason they don’t care that the patcher breaks. The reason I assume they don’t add or retain these features is maintenance and support cost.

[poizan42]

No, the "nefarious" means they are simply using APIs like WriteProcessMemory/ VirtualProtectEx/CreateRemoteThreadEx to modify the memory of runing programs or use SetWindowsHookEx to install global hooks (which inject your dll into every process for the non low-level events)

[Vvector]

Is this any different than what a virus would do?

[Filligree]

Yes. Intent matters.

[xboxnolifes]

Is these APIs are only used by viruses, why do they exist?

[jdewerd]

Because they are also used by debuggers, security tools, and other flavors of "keep the world humming along despite its best efforts to kill itself."

[NoMoreNicksLeft]

We might add to the list "tools and utilities desired by power users".

[13of40]

In the open source world, I think the equivalent here would be to export an internal function in the desktop environment so you can call it with a third party extension. Open source might help you choose the function, but that's not a ton of help if the project owner rejects your pull request because it doesn't mesh with their worldview.

[layer8]

The “correct” way to do this would be to check that the surroundings of the code you’re injecting into are as expected, similar to how applying a diff patch file contains lines before/after to synchronize with the text being patched. When confronted with an incompatible change, the extension would just disable itself and not proceed with the patching. I’ve heard of MS Office extensions that function like that and work robustly.

[mst]

One of the comments on the post mentions an Explorer extension that makes the effort as well.

IMO if you're doing something that far into "don a rubber glove and root around inside somebody else's rectum" territory then the responsibility rests with the author of the crazy, not the authors of the program being fettled.

(and I'd note that I have written code that was very definitely in that territory, held myself to that standard, and having planned to do so from the start didn't find it overly onerous ... I do have a certain sympathy for people who didn't, though)

[rob74]

Well yeah, I mean no one forces you to use Explorer for file management under Windows. I'm an old-time Norton Commander user, and when Windows came around I switched to Total Commander. There are open-source alternatives too, even cross-platform ones, like this one: https://doublecmd.sourceforge.io/.

That being said, no one forces you to use Windows either - except maybe your employer or the software you are using, but this is getting less and less of a problem fortunately (web apps, Proton etc.).

[abbeyj]

This isn't really about using Explorer for file management. It is about using Explorer as the shell. That's the default setup for everybody. Changing the default steel is difficult and some programs may not be compatible with whatever alternative shell you switch to.

Most people don't want to learn a whole new shell. They just want the Explorer shell to have the features that it has had since Windows 7. Features that Microsoft inexplicably chose to remove in Windows 11 and that they are only now belatedly adding back.

[bigstrat2003]

I disagree strongly. If you start mucking around in the memory of the system, and shit breaks, it's on you and not Microsoft. The amount of effort they put into compatibility is Herculean, and honestly is way above and beyond what is reasonable to expect. It's not their fault that they can't handle every single edge case of programmers going rogue and stomping all over the rest of the system.

[redleader55]

> This program patches Explorer in order to accomplish its enhancements, and apparently one of its patches went awry

The fact this is possible is the clowniest thing! Why would a major system component allow "extensions" to run without a sandbox and modify its code?

[kmeisthax]

Caught the Apple employee.

When most of this code was written, sandboxes didn't exist. Existing security concepts were built around protecting users from hacking each other on a shared multi-user system. Of course a user is allowed to patch their own processes, how else are they going to debug them and why should we stop them from doing so?

[arcfour]

If you have Administrator access, you can patch the memory of anything...a normal user wouldn't be permitted to patch Explorer.

Trying to prevent patching in userland code sounds like a nightmare.

[Spivak]

Because you're admin and you can do anything you want with that power good or bad.

[throwawaaarrgh]

You must do BJJ, to be able to twist yourself into such knots to blame Microsoft for a 3rd party vendor's unsupported buggy hacks. No mention of how the 3rd party vendor lies by omission to the users by not telling them that their software is very literally using unsupported, buggy means to accomplish its goals. Leaving the user to blame Microsoft for the crash, when if the user knew the truth, they may feel differently, and maybe not even use the 3rd party software. But it feels better to blame the big bad corporation, despite the fact that they have not lied, and are just trying to fix security issues.