Rockbox General > Rockbox General Discussion

Virus in Rockbox Utility 1.2.8 Installer

<< < (3/5) > >>

saratoga:

--- Quote from: marthirial on October 01, 2010, 12:13:00 PM ---Well well... seems like the file has or was pulled from download. 

That's more constructive than talking platitudes about the reliability of antivirus software.

--- End quote ---

I don't understand why you're trying to defend this crap.  No one takes these automated heuristics seriously because they're not useful.  They're marketing crap designed to give gullible and uninformed people a sense of false security so they look at a few extra ads or cough up couple bucks for a subscription.

torne:

--- Quote from: marthirial on October 01, 2010, 12:13:00 PM ---Well well... seems like the file has or was pulled from download. 

--- End quote ---
It hasn't been pulled, the link you put in your post just has the R and U of RockboxUtility in lower case, which is wrong.

marthirial:
It's just that I thought this was a serious Open Source software development team OPEN (!) to discussion about how to improve accessibility and satisfaction for the software.

Instead it turned into a AV bashing circlejerk distracting from the initial point: Is it 100% safe to download and install RB Utility 1.2.8 with the developers' knowledge that this false positive could occur?

Most software that may behave similar as a virus because of the resources it will access has a warning and disclaimer in the download page.  That may be also helpful in this case.

Is there a mature developer in this forum who can post an official statement a bit more reassuring than "I don't understand why you're trying to defend this crap." ?

saratoga:

--- Quote from: marthirial on October 01, 2010, 01:12:16 PM ---It's just that I thought this was a serious Open Source software development team OPEN (!) to discussion about how to improve accessibility and satisfaction for the software.

--- End quote ---

It is, we're just interested in things a little more serious then this.


--- Quote from: marthirial on October 01, 2010, 01:12:16 PM --- Is it 100% safe to download and install RB Utility 1.2.8 with the developers' knowledge that this false positive could occur?

--- End quote ---

Yes of course.  We all know that false positives occur and we still put up the link.  We wouldn't give you a download link if we thought there was a risk.


--- Quote from: marthirial on October 01, 2010, 01:12:16 PM ---Most software that may behave similar as a virus because of the resources it will access has a warning and disclaimer in the download page.  That may be also helpful in this case.

--- End quote ---

"Warning:  if you use bad virus software, you should get better software before using this site"

Not sure thats really helpful.  :)


--- Quote from: marthirial on October 01, 2010, 01:12:16 PM ---Is there a mature developer in this forum who can post an official statement a bit more reassuring than "I don't understand why you're trying to defend this crap." ?

--- End quote ---

Heres one:  stop being such a noob.  These things happen with every program on earth, no need to get so upset about them. 

Llorean:
You could attempt to show some maturity yourself. Posting on Reddit about how a virus was found in Rockbox's installer (when there is no solid evidence one actually is there right now) isn't the behaviour of someone who's just interested in a discussion of how to improve accessibility.

Have you gone to the antivirus software authors and told them about the false positive? Are you proactively trying to solve this, or just attempting to complain about a non-issue.

Basically, false positives happen. Our software doesn't behave similar to a virus (in the sense that it is in no way self replicating, does not attempt to hide its activity from the system, etc, etc) but does do some fundamentally low level things to certain players (that we make no secret of). What warning should we offer? We can't consistently predict when a virus scanner will get it wrong. Any behaviour could set it off.

The virus that has been detected is in the category "hoax" which is specifically non-harmful viruses which means it's not likely even any of our abnormal activity that triggered the warning, but rather some of our normal activity that shares a similar behaviour to some virus. It could be as simple as how we choose to download the builds from the master build server (plenty of malware downloads further things). The link to the virus description you posted on Reddit specifically says that all this type of program does is try to convince you to send SMS messages after claiming to be encrypted and requiring an unlock. Did you take the time to verify whether RBUtil does this before reporting on it, or blindly trust a virus scanner that says nothing more than it's "suspicious"?

Navigation

[0] Message Index

[#] Next page

[*] Previous page