Ventoy - Open source USB boot utility for both BIOS and UEFI

As I think the ventoy_wimboot.img building directly on the user PC is an easy to fix subject, I downloaded the release you make available "just for testing porpouses" and I can confirm it is working fine on Bios, I will test it on a UEFI machine and comment back.

alacran

As I think the ventoy_wimboot.img building directly on the user PC is an easy to fix subject, I downloaded the release you make available "just for testing porpouses" and I can confirm it is working fine on Bios, I will test it on a UEFI machine and comment back.

 

alacran

Yes, that's what I think about. 

As for parted magic 0520, you can try ventoy-1.0.12, I have tested it on my laptop and it worked fine.

JFX's tool GWT.exe   (Get Waik Tools) will download a file or group of files from a Microsoft ISO.

e.g. to get a Win8.1 version of bootmgr

GWT -range:8808448-9236127 -out:"%USBDRIVELETTER%\_ISO\e2b\grub\DPMS\NTBOOT.MOD\bootmgr" -title:"Downloading Win8.1 Bootmgr" -link:/download/B/9/9/B999286E-0A47-406D-8B3D-5B5AD7373A4A/9600.16384.WINBLUE_RTM.130821-1623_X86FRE_ENTERPRISE_EVAL_EN-US-IRM_CENA_X86FREE_EN-US_DV5.ISO -silent

There is  tool to work out the magic range numbers needed.

https://msfn.org/boa...-the-huge-isos/

https://msfn.org/boa...comment-1140305

Iso2Offset.exe Win10_1809Oct_EnglishInternational_x64.iso -UDF EFI\boot\bootx64.efi

[efi\boot\bootx64.efi]
Range=4957421568-4958890807

Maybe JFX could add a switch to GWT so that it downloads all  MBR and EFI boot files in one go?

It should be possible to then just make a .cmd file to automatically build ventoy_wimboot.img file?

English: http://care.dlservic...64FRE_EN-US.ISO

I agree, GetWAIKTools by JFX is a great tool (as is WinNTSetup by the same author).

Unfortunately (?), it's not open source, I believe.

(BTW, I fully respect JFX's decision about that).

EDIT: I also like your idea for an extra switch to GWT.exe to download the boot files!

And while we're at it: Is there any difference in different boot files though the years? I always use the latest version (those usually work for older PEs), but has anyone ever noticed any actual differences (besides newer build dates and new signatures)?

yes. There are differences. For instance chenalls NTBOOT grub4dos scripts modify a BCD file with the path of a WIM or VHD file for use by bootmgr. This does not boot if you use a win10 version of bootmgr, it only works with certain Win 8.1 versions of bootmgr.

I think .efi files are same, with extra tweaks\changes added over time.

P.S. Windows is not open source - so you better not use Windows...

Thanks.

My question was mainly about differences (in the boot files) between all the Windows 10 builds (sorry, should have been clearer).

I don't mind that GetWAIKTools is not open source, but maybe Ventoy does. Well, I guess he then has to write the code himself, I''m sure he could do it, he has a good track record so far :-)

Not saying you're wrong

I'm not. But you are clearly trying to imply that I am.
 

but can you be more precise?

I don't have to. Try to distribute one of the Windows ISOs, even the ones that Microsoft publicly provides, from one of your servers, wherever you want to locate it, and see how long it takes for Microsoft to send a DMCA to your hosting provider. If you spend some time looking for Windows ISO content or Microsoft copyrighted content, you will find tons of notices about "this link has been removed due to DMCA". Or I can just point to this link.

If that's the point you are trying to make, there is no legal difference between distributing a collection of copyrighted works you have no right to distribute or a single copyrighted work. It's be like saying "Well, I was only distributing one song from artist X on my server! It's not like I was redistributing the whole album...". That is not going to fly in any court of law, regardless of jurisdiction, because international copyright laws are well defined at this stage and do apply.
 
Oh, and you can try to claim "fair use" or "but I'm not trying to profit from it!" and see where that takes you.
 
If you want to prove the point that Microsoft won't do anything if you redistribute one of their copyrighted files, and want to disprove what I am stating, then please go ahead and publicly announce that "I, dije, will be redistributing this specific Microsoft copyrighted file, not for profit and on the grounds of what I believe to be fair use. You can download it from my server at this URL". In other words, the onus is on you to prove me wrong, and not on me to demonstrate that "In every single case where someone published a Microsoft copyrighted file, Microsoft issued a DMCA", which isn't actually the point I am making and which, of course is not something that can be demonstrated, especially as I am confident that, as I said, there exist many many cases that will fly under Microsoft's radar.
 

I'm asking because I seem to have a vague recollection -- do not rely on this, anyone, IANAL -- that there is some precedent for a court accepting that MS was in practice so lax on enforcement that they could be held to be in tacit collusion with piracy of their own product. (The reason for their laxity is said to be because they prefer you to have a pirated copy of their software to a licit copy of someone else's, so long as nobody is making money, in order to maintain their monopoly -- monopoly being a crime of which MS definitely has been convicted in US federal court).

Ah, yes, the old "I've heard that there might have been some instance of something that went in my way... too bad I can't actually point to anything that corroborates what I am asserting".

For someone asking somebody else to demonstrate their assertion (which I did with the DMCA notices for Microsoft copyrighted work above), you sure are light with regards to tangible evidence for the point you are trying to make.

My statement is not based on hear say, but on actual instances that I have seen happening. If you look hard enough, I would assert that you can still find some copies of the HPUSBFW floating around with the MS-DOS files, and then newer versions where it was removed. And again, as I have shown above, MS DMCA notices are literally a dime a dozen.

On the other hand, your assertion is pure hear and say.
 

Anyway, just to be clear, I am not advocating or recommending that anyone circulate MS binaries without MS' permission (...)

Yet it does seem to me like you do believe that there are legal exceptions to do so.

Until proven otherwise (with the onus on you to find a public legal case where that actually happened because, in this instance, you only have to find a single example, as opposed to what you asked me to demonstrate, that in every possible instance and jurisdiction, Microsoft will go against redistribution of their work), there is no legal framework or precedent where anyone that hasn't entered a redistribution agreement with Microsoft, is entitled, even implicitly, to publish binaries that are copyrighted by Microsoft that aren't also subject to a non-proprietary license (since Microsoft does sometime publish Open Source work, but that is a different matter, and the files we are talking about clearly do not fall under that category).
 

The prospect of MS execs arbitrarily shutting down Github projects is exactly why I have taken my code off Github and moved it to a more open and freedom-respecting service, and I urge everyone to act similarly.

I wouldn't go that far.

As long as you do take copyright seriously and don't try to brush it under the carpet with the hope that, maybe, the owner of the copyrighted work will just let it slide, you will be fine with GitHub...

However, with Microsoft now owning GitHub, one can easily imagine them having a script, that parses the content of every single GitHub repo for binaries that contain a "Copyright Microsoft", to flag them for closer inspection, and potential removal or repo shutdown...
 

There's a lot of naive lauding of MS for its current moves around open source. (Notice that they still can't bring themselves to say "free software"). As if MS would make those moves if they still had any other choice! MS fought long, hard and very, very dirty, at tremendous cost to more talented, more ethical people, and they lost. They tried every kind of malicious and underhanded scheme they could think of; they lost. We beat them, and we didn't even have to try. MS' malignity was utterly defeated by the one thing they could not control through monopolist licensing: freedom-respecting software.
 
Listen to us greybeards: once a scorpion, always a scorpion. Do not trust Microsoft. Ever. It only exists because of the crime of monopoly. All that money came from the denial of choice to the market, not free choice by the market. Nobody ever chose Microsoft, and everybody inside Microsoft knows it. Don't be surprised when the scorpion stings; it can't help it. It just has to, sooner or later. Try not to be the one being stung. Make and use better software that everyone is irrevocably free to use, read, change and distribute.

I am actually not sure if you are being ironic here.

Microsoft has made a lot of strides towards Open Source, but as far as I'm concerned, as long as they forcibly continue to prevent anything GPLv3 from being signed for Secure Boot, even as they happily sign shims that in turn allow GPLv3 binaries to be executed in a Secure Boot environment (which, logically, completely invalidates their alleged "reasoning" for not wanting to sign GPLv3 because it would force them to relinquish keys and leave Secure Boot wide open), it remains pretty clear that, yes, some of their "We're friendly to Open Source now!" message is just a facade.

Maybe I can only provide the shell script to generate the image file in the project. https://github.com/ventoy/wimiso

Yes. The only legal way I see around this is to have users generate the image themselves (or write your own version of the files your want to provide, but that's obviously not a good solution unless you are very familiar with the Windows boot process and have a lot of time on your hands).
 
As others have pointed to, this is most certainly doable as, one way or another, users can obtain the required files online.
 

Remove the binary release, and  let users to provide bootmgr etfsboot.com bootx64.efi .... by themselves.

That's one possibility but it's of course inconvenient and requires a lot more user involvement, which isn't great.
 

Or they can provide the whole Windows ISO file, and just run  xxx.sh Windows.iso or xxx.bat Windows.iso.

Well, if you are sure there is a Windows ISO you can rely on, and since you already have some ISO handling libraries, then picking the files from the local drive is probably the best solution.

I would still offer the possibility of picking them from an online ISO, in case the user want to generate the image before they add their Windows ISO.

I think your worry is that users would have to download a full ISO before they can extract the files needed, but that is not actually the case if the are located at the beginning of the ISO, which is likely, because what you can do, once you have a link to a public Microsoft ISO, is indicate that you only want to download part of the file, and with an ISO9660 or UDF file format, you certainly don't need to have access to the whole ISO to be able to download the data blocks for the file you are after, as long as you know which sectors they occupy (which you can easily find out, as MS ISOs are pretty much immutable).

So the way I'd do it is write a script that:

• Gets a specific Windows10 ISO link (e.g. Windows 10 x64 2004 US)
• Downloads only the relevant part of it (I think that the MS servers honour the "Start download at position #" HTTP request, but if not, I would assert that the data you need should be at the beginning so you can always stop the download once you have enough data)
• Extract the relevant data blocks from the partial ISO downloaded to reconstruct the files
• Create the image from the reconstructed files.

This way, users don't need to already have access to an ISO. All they need is an internet connection.

EDIT: The first 3 points are pretty much covered with GWT.exe that steve6375 pointed to above.

Yes. The only legal way I see around this is to have users generate the image themselves (or write your own version of the files your want to provide, but that's obviously not a good solution unless you are very familiar with the Windows boot process and have a lot of time on your hands).
 
As others have pointed to, this is most certainly doable as, one way or another, users can obtain the required files online.
 

That's one possibility but it's of course inconvenient and requires a lot more user involvement, which isn't great.
 

Well, if you are sure there is a Windows ISO you can rely on, and since you already have some ISO handling libraries, then picking the files from the local drive is probably the best solution.

 

I would still offer the possibility of picking them from an online ISO, in case the user want to generate the image before they add their Windows ISO.

 

I think your worry is that users would have to download a full ISO before they can extract the files needed, but that is not actually the case if the are located at the beginning of the ISO, which is likely, because what you can do, once you have a link to a public Microsoft ISO, is indicate that you only want to download part of the file, and with an ISO9660 or UDF file format, you certainly don't need to have access to the whole ISO to be able to download the data blocks for the file you are after, as long as you know which sectors they occupy (which you can easily find out, as MS ISOs are pretty much immutable).

 

So the way I'd do it is write a script that:

• Gets a specific Windows10 ISO link (e.g. Windows 10 x64 2004 US)
• Downloads only the relevant part of it (I think that the MS servers honour the "Start download at position #" HTTP request, but if not, I would assert that the data you need should be at the beginning so you can always stop the download once you have enough data)
• Extract the relevant data blocks from the partial ISO downloaded to reconstruct the files
• Create the image from the reconstructed files.

This way, users don't need to already have access to an ISO. All they need is an internet connection.

 

EDIT: The first 3 points are pretty much covered with GWT.exe that steve6375 pointed to above.

Thank you for your suggestions.

Maybe I can provide 3 scripts about generate the image file,  from local, from internet and from ISO file.

The internet is indeed a problem in some areas.

If the user can download windows ISOs and .wim files, they probably have good internet.

The main problem is compatibility with different versions of the boot files. The ISO that the user uses as the source or the source files on his Win7/8/10/server xxx system may not be compatible with Ventoy/wim booting and how will you know what precise version they have used if\when they report an issue?

It is best to get it directly from a Long Term Support Microsoft ISO on the internet so that you know that always the same\correct version is used - or if not - ask them to download a specific ISO and check the length of the files or xsum\hashes afterwards?

If the user can download windows ISOs and .wim files, they probably have good internet.

The main problem is compatibility with different versions of the boot files. The ISO that the user uses as the source or the source files on his Win7/8/10/server xxx system may not be compatible with Ventoy/wim booting and how will you know what precise version they have used if\when they report an issue?

It is best to get it directly from a Long Term Support Microsoft ISO on the internet so that you know that always the same\correct version is used - or if not - ask them to download a specific ISO and check the length of the files or xsum\hashes afterwards?

The problem is that in some areas the internet is not good to visit some website (only few KB/s), it may have taken them long long time to download the iso files.

I'm considering provide something like this

As for the version of boot files, I think something i can do:

1. suggest for a version with better compability

2. suggest for the version match the WIM file (I can give some info about the WIM file by the tool)

3. If the WIM file contains such boot file, like bootmgr, maybe i can use it directly.

4. A menu before boot can be added for user to select which img to use for this time like the auto installation script and persistence image file as bellows:

Edited by ventoy, 31 May 2020 - 01:22 PM.

For the record, HP, which used to produce the HPFWUSB tool did try to embed MS-DOS files in their application, and from what I gather, Microsoft came onto them like a ton of brick, because they hadn't acquired a license to do so, and this forced them to remove these files from subsequent versions of their utility.

Still for the record (and for the record only), they (the HP guys) never "removed" them, they made the tick box to install MS-DOS not selectable, the files were still in HPUSBFW, and they could be extracted with - say - 7-zip, so -technically - they insisted on distributing them nonetheless, only they  hid them, and even more intrerestingly clonezilla used it (the HP tool, not the MS-DOS within it) sneakily:

http://reboot.pro/to...ub4dos/?p=38099

http://reboot.pro/to...fwexe/?p=107795

@dije @Steve6375

I would add to the "usual" discussion about files being (or being not) redistributable that there is a risk of having too much accent on "they will go after you" (or "but they never went after these other people, that did the same"), whether they will (or they won't) go after you should be irrelevant, if something is illegal or only just unethical it remains so, no matter if the enforcement is effective or not.

I.e. you do not (should not) run red lights because it is illegal (or just wrong) to do so, not because you have spotted a police car near the traffic light and fear to be stopped and fined.

It is important to make this distinction because a lot of other software Authors (that decide - and it is their right to do so - to not make their programs redistributable) that may not have the means to enforce removal of illegally redistributed files, should have their will respected nonetheless.

Back to topic, before GWT, we had httpdisk:
http://reboot.pro/to...ole-waik-first/

maybe *something like it* should be what is needed.

Wonko

they (the HP guys) never "removed" them, they made the tick box to install MS-DOS not selectable, the files were still in HPUSBFW, and they could be extracted with - say - 7-zip

I believe they did remove the files after a while, because from looking at various versions of that utility, there was an obvious decrease in size for some of the newer versions that were published.
 
In fact, since I reverse engineered the tool, I did post about HP hiding the DOS file in some of their versions (which indeed corroborates what you state) so that they would be available only when some specific USB HP hardware was present:
 

By the way, if you get your hands on an older version of the HPUSBFW tool --the one that is about 400 KB in size, you should be advised that it contains, as a resource, a self extracting UPX compressed executable that will extract the Windows 98 DOS files. The utility itself is designed to only enable extraction of these files if specific HP USB hardware (VID:PID 03F0:0023) is detected, however that can easily be patched to enable any device (F0 03 75 15 → F0 03 90 90 & 23 00 75 0C → 23 90 90 0C) and one could use HPUSBFW as a standalone USB DOS boot utility.

However, I am pretty confident that subsequent versions had these files removed, as I distinctly remember comparing various versions of the utility, and really I don't see myself posting "if you get your hands on an older version" if I had seen these file still being present in newer versions...

I do take your point about unfair onus bias in my question to you and setting myself a lower standard of proof. Sorry.

in this instance, you only have to find a single example, as opposed to what you asked me to demonstrate, that in every possible instance and jurisdiction, Microsoft will go against redistribution of their work), there is no legal framework or precedent where anyone that hasn't entered a redistribution agreement with Microsoft, is entitled, even implicitly, to publish binaries that are copyrighted by Microsoft that aren't also subject to a non-proprietary license

 

https://en.wikipedia...nagement#Israel

No legislative basis for enforcement in what I'm sure we would agree is a non-trivial jurisdiction in the tech world.

A good page for everyone who's interested to have a look at, especially the "Shortcomings" and "Opposition" sections.

 the owner of the copyrighted work

A copyright holder does not own a work. They hold a temporary monopoly on the reproduction and distribution of that work. The original intent of copyright was to provide some reasonable but time-limited reward and protection for creators at the cost of a temporary sacrifice of the right of the general public to participate in cultural life freely, fully and equally without regard to wealth or rank. It was not to give imperishable and unconditional ownership of anything to anyone. That is why copyright notices have to include a date to be valid. "Own" may be a convenient shorthand for some purposes, but it is misleading in this context.

https://en.wikipedia...nagement#Israel

Thanks for providing an example.

I would assume that this was more about Israeli secret services feeling they'd be hampered in their ability to gain access to systems they shouldn't legally be entitled to gain access to than the provision of unlicensed copies of copyrighted digital material (else, I suppose the Pirate Bay would have long found permanent hosting in Israel), but I appreciate that you do indeed make a good point about copyright law not being as universal as one might think, which is legitimate.

If one wants to go that way, I guess one could also bring the Sealand/HeavenCo hosting facility, which "technically" allowed the provision of copyrighted content, though I suspect that, unless you are a an actual resident of Sealand, copyright law could probably get you from the act of uploading content there, if it becomes apparent that you are attached to the uploading of the copyrighted files...

Still, I would push towards solving the Ventoy matter in a manner that doesn't involve having to thread dicey waters...

I am actually not sure if you are being ironic here.

 
I think it's more a case of us being in violent agreement.
 

Microsoft has made a lot of strides towards Open Source, but as far as I'm concerned, as long as they forcibly continue to prevent anything GPLv3 from being signed for Secure Boot, even as they happily sign shims that in turn allow GPLv3 binaries to be executed in a Secure Boot environment (which, logically, completely invalidates their alleged "reasoning" for not wanting to sign GPLv3 because it would force them to relinquish keys and leave Secure Boot wide open), it remains pretty clear that, yes, some of their "We're friendly to Open Source now!" message is just a facade.

Hear hear.

I.e. you do not (should not) run red lights because it is illegal (or just wrong) to do so, not because you have spotted a police car near the traffic light and fear to be stopped and fined.

 

OK - well I guess I am guilty because last winter some temporary traffic lights by some roadworks on the only road leading into my village were permanently stuck on red. I waited 10 minutes and because it was dark and I could tell there was no oncoming traffic, so I went through the red light.

No one seemed to care even when I phoned the police and told them what I had done and asked them to send someone out to fix the lights.

Though I do agree that 'legally' you should not redistribute MS binaries that are licensed and copyrighted, but my point was, do MS actually care about non-commercial use of their boot files when it is probably being used to fix\repair\install their product anyway and the end user has a license to use Windows\WinPE because they own a Windows Licence anyway?

"Own" may be a convenient shorthand for some purposes

Which is exactly how it is being used here. Sadly, the copyright of the files we are talking about is not going to expire in 10 or 20 years, so as far as we are concerned, the fact that there exists a "best before" date on that can of worms is not really relevant (though it is of course worth reminding people that, as much as Disney and other companies are trying to make it so, copyright is not supposed to be in perpetuity).
 

Do MS actually care about non-commercial use of their boot files (...)?

Well, I'm not against anyone trying to find that out. But I'd rather not have them finding that out the hard way if it can be avoided...

 

Yes, that's what I think about. 

 

As for parted magic 0520, you can try ventoy-1.0.12, I have tested it on my laptop and it worked fine.

 

name: pmagic_2020_05_20.iso

size: 835715072

MD5 : 81a44cd6684f493bdc3dc9d84cb7e162

 

Thanks, just tested and it is working fine.

The problem is that in some areas the internet is not good to visit some website (only few KB/s), it may have taken them long long time to download the iso files.

 

I'm considering provide something like this

 

 

As for the version of boot files, I think something i can do:

1. suggest for a version with better compability

2. suggest for the version match the WIM file (I can give some info about the WIM file by the tool)

3. If the WIM file contains such boot file, like bootmgr, maybe i can use it directly.

4. A menu before boot can be added for user to select which img to use for this time like the auto installation script and persistence image file as bellows:

It looks as a good idea, but I have a suggestion:

I already took a look to Bios and UEFI BCD files on actual release and I would like to make a suggestion that has proven to work very fine on UEFI_MULTI and VHD_WIMBOOT (both programs from wimb), it may be good to have both options, (or at least let the user select his prefered BCDs before building), plese see attached pictures.

alacran

Non-enforcement as deliberate (and profitable) policy:

https://papers.ssrn....tract_id=386141

Eben Moglen, of the Software Freedom Law Center:

https://en.wikipedia...iki/Eben_Moglen

"“It has always been in Microsoft’s interests for software to be available at two different prices — expensive for the people that can afford it and inexpensive for those that can’t,” Mr. Moglen says. “At the end of the day, if you’re a monopolist, you have to tolerate a large number of copies you don’t get paid for just to keep everyone hooked.”

Quoted in a FUD piece in the NYT

https://www.nytimes....y/07piracy.html

So far this are my findings testing the new WIM files booting capavility of Ventoy v1.0.12:

ChrisPE-10x64.wim boots fine as Bios or as UEFI (I have secure mode disabled permanently)

ChrisPE-8.1x64.wim boots fine as Bios or as UEFI (I have secure mode disabled permanently)

ChrisPE-8.1x86.wim only boots fine as Bios

Win10XPE_x64.wim only boots fine as Bios

Partition_Wizard-10.2.wim only boots fine as Bios

PC_Unlocker.wim only boots fine as Bios

JFYI

All mentioned WIM files boot fine from Win bootmanager created by UEFI_MULTI, so there is not a problem related to the files.

Your friend

alacran

Here's what respecting bad law gets you:

"Eric Lundgren will spend 15 months in prison for selling discs that let people reinstall Windows on licensed machines."

https://techcrunch.c...e/?guccounter=1

The SS, Gestapo and other Third Reich operatives never broke the law. The people who hid Anne Frank and her family did.

@ dije

Please don't take this in the wrong way:

I kindly suggest you to open a new thread to talk especifically of all you want about legal points of view related to non free software.

I'm sure they will be many people interested in that thread, and let the other members here to continue talking of the main subject on this thread.

Since on this project the author already has some ideas to solve the potential legal issues, there is no point to continue talking of legalities here.

By the way WELCOME to the forum.

Your friend

alacran