Windows binarie is reporting virus by windows defender #4012
Comments
|
Hello, Furthermore, i compared hashes of binaries produced by the pipeline with hashes of binaries present in the Release section, and they correspond. Now, the actual issue: sometimes the Windows binary gets recognized as a virus by Windows Defender. This has already happened in the past. A way that is 100% guaranteed to solve the issue consists into signing Windows binaries with certificates released from a Certificate Authority. The lowest price is 250$ / year. This project actually does not have any income and does not need it since there are no direct infrastructure or development expenses. We cannot do it. A middle way consists into signing binaries with a public certificate. This won't guarantee that executables will be recognized as virus-free, but will allow users to check whether there's some interference between the open source CD pipeline and their local copy of the binary. This can be implemented. |
|
Thanks to #4095, checksums of binaries are now computed and shown in the release page. This is the first step for improving the security of binaries and ensuring no one is interfering with the release process. Next steps will involve the introduction of signing through GPG, Windows-specific signing through certificates and macOS-specific signing. |
|
This issue is mentioned in release v1.11.0 🚀 |
Which version are you using?
1.10.0
Which operating system are you using?
Windows amd64 standard
Describe how to replicate the issue
Server logs
Here is the virus reported: Trojan:Script/Wacatac.B!ml, it didn't happen in the old versions
Network dump
No response
The text was updated successfully, but these errors were encountered: