-
-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bitdefender blocks installation and quarantines the .exe and .ink #138
Comments
I think the best solution would be to contact bitdefender and label it as 'false-positive'. |
Not sure if i should create my own issue, but Bullguard anti-virus also treats the temp files as a threat and quarantines them, causing the installer to fail. |
It all comes down to the same issue. I have no idea how to go about obtaining a microsoft code signing certificate . . |
Hhmm, windows for one, warns about the file, but i can run the installer anyway, and windows doesnt do anything after that. |
Windows warns about the file because I don't pay the Microsoft Maffia code signing cert and it's not a popular enough app to be included default . . I have not heard about bullguard, is it a popular computer-slow-down-application? Anyways . . all jokes aside . . Since I have not used Windows in the last 15 years, I know very little about it's security-through-nagging systems and popular on-access blacklist and sometimes-heuristics-based pseudo-security applications. This will also slow down the release cycle, since currently the builds are handled by an external service. If anyone has experience in this field, please let me know. I would love to prevent having to buy a Windows licence for a virtual machine, set that shit up, get a code-signing key and invest even more time I will never get back into supporting this backward, extortionist non-free platform . . |
I checked it with virustotal, got no alarm bells going off, not for bitdefender, not for microsoft, not sure about bullguard. Compare the SHA256 with the file I submitted for screening, might be possible that your internet is compromised or that this is simply a case of a false-positive. About the "windows smart screen": Check if you have "unblocked" the file (explorer -> right click on file -> properties -> unblock). This is a default blockade when you download unsigned files from the internet and have your security settings set too high. |
I was not insinuating, in fact I was sure it has to be a stupid false positive. I am using the free version of Bitdefender so it might be slightly different from the commercial one. I believe they don't provide support for the non paying customer :). Anyway, the windows signing it not that big of a deal, but it depends on the type of user. You have to click the "More Information" button/link sometimes to reveal the "Install anyway" button. That's not a problem for me, but I think there should be a wiki somewhere showing this step to the casual user. |
Yes, completely agree.. I've submitted False Positive reports to:
The rest were using engines from the above or didn't have (sane) ways of reporting false positives. Also having a chat about signed binaries this weekend. |
Back down to only 2 scanners with a false positive, since most vendors updated their definitions. Unfortunately the latest (pre-1.1) build is giving the same false positives. I'm submitting another set of reports, this time asking if they have a hint as to what bit of code or assets is causing the issue. |
👍 |
The last 5 builds have been issue free, seems escalating helped 🎯 |
I'm closing this issue and opening a new one about signed binaries #149 Keeping an eye out and will make sure next release (probably 1.1) will be cleared before it is released. |
And the false positives are back for v1.1.1 |
Submitted to:
|
4 down, 4 left to go . . ALYac (uses bitdefender) AegisLab and Rising seem to have weird submit forms which imply the files are suspect or mallicious. Submitted to: |
Even though I have not automated uploading to virustotal with AppVeyor yet, I'm closing this issue, since it is in my (not yet public) release routines . . |
Very strange, my Bitdefender AV (free edition) has got crazy. It threats the program like a very nasty virus, lol. Also, Windows Smart Screen too blocks installation. Can it be signed somehow ?
The text was updated successfully, but these errors were encountered: