pouët.net

Why is, it seems, that mingw is flagged

category: code [glöplog]
 
All my mingw compiled programs get the following message when downloading with chrome 33 on windows

BB Image

Why is this? Even wth a program that looks like this

Code: int main(void){ }


I still get that dirty message. Is there anything that can be done to prevent it?
added on the 2014-02-22 07:37:52 by sigflup sigflup
In general any executable is considerred dangerous because a program can't analize another program to determine what it does so basically any executable and infact contain a hundreds of viruses. Even the programs that seem to have a purpose, something like a music player can in background install as many viruses it wishes.
Viruses spread like wildfire because people download and doubleclick on files like "top_10_cutest_kittens.jpg.exe"

Solution

1 - send only the source, never executables
2 - rename your files so that the extesion is not recognized eg .zip -> .z_i_p

This system is designed for protecting your standard everyday user who browses web and the most complicated thing this user can do on a computer is create a power point presentation.
added on the 2014-02-22 10:20:16 by musk musk
Chrome complains about everything. No way around it, just ignore it.
added on the 2014-02-22 10:29:19 by Preacher Preacher
I'd like not to ignore it. It's kinda embarrassing when someone tries to download one of my programs.

Does this happen with Visual Studio programs? I'm just wondering if it's specific
to mingw, so maybe then I could fix it
added on the 2014-02-22 11:06:43 by sigflup sigflup
It gets a lot more lenient if the executable is digitally signed.
added on the 2014-02-22 12:07:06 by Gargaj Gargaj
ooooohhhh!!!!! Ok cool. I'll look into that
added on the 2014-02-22 12:16:37 by sigflup sigflup
Quote:
analize

What now?
added on the 2014-02-22 14:48:51 by ringofyre ringofyre
use firefox.
added on the 2014-02-22 14:54:00 by Defiance Defiance
Quote:
It gets a lot more lenient if the executable is digitally signed.


Exactly.. Newer versions of IE (10+ IIRC) will also complain.
added on the 2014-02-22 15:19:12 by Canopy Canopy
Quote:
Does this happen with Visual Studio programs? I'm just wondering if it's specific
to mingw, so maybe then I could fix it


There is no guarantee, but in my experience binaries produced with alink (or similar free tools) are more likely to be reported as "dangerous", "trojan" or whatever by braindead security pretending borgware than those generated by MS tools.

Using a runtime compressor seems to be the #1 cause for false positives, though.

Solution: Avoid stupid semi-security solutions. And tell visitors of the website that the majority of todays widespread security add-ons are seriously flawed.
added on the 2014-02-23 00:45:21 by T$ T$
Quote:
Using a runtime compressor seems to be the #1 cause for false positives, though.


100% of my intros/demos are detected as virus because the exe are packed with kkrunchy :)
added on the 2014-02-23 01:57:07 by rez rez
You know the solution to that.

Code your own exe packer as a replacement for kkrunchy :). Maybe make it a private group tool?
added on the 2014-02-23 04:02:46 by mudlord mudlord
It's a .ZIP protection of Google Chrome for unknown hosts (probably a unknown subdomain).

The same file can cause this error.

cpu-z-124.zip 259 KB mirror #1 - error
cpu-z-124.zip 259 KB mirror #2 - pass

You can change the file extension or change your host.
added on the 2014-02-23 05:47:44 by botjao botjao
This is just my solution - put a txt file in your ftp folder called something like "False AV Positives.txt" describing the use of packers and chrome's security settings. Also place a link to a good online av scanner - I always use jotti but you go with what you know. Maybe even place a regularly appended log file from said site in the same ftp folder.
added on the 2014-02-23 07:36:23 by ringofyre ringofyre
lol. and i thought when norton internet security complained about mingw compiled stuff it was silly already...
added on the 2014-02-23 22:32:44 by groepaz groepaz

login