X2Go Bug report logs - #1444
Firefox flags latest windows client download as virus or malware

Packages: windows, x2goclient; Maintainer for windows is (unknown); Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Chris Duffy <cadeon924@gmail.com>

Date: Mon, 2 Mar 2020 23:05:02 UTC

Severity: normal

Tags: not-a-bug

Done: Stefan Baur <X2Go-ML-1@baur-itcs.de>

Bug is archived. No further changes may be made.

Full log


đź”— View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#1444: False Alert
Reply-To: Stefan Baur <X2Go-ML-1@baur-itcs.de>, 1444@bugs.x2go.org
Resent-From: Stefan Baur <X2Go-ML-1@baur-itcs.de>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>, owner@bugs.x2go.org
X-Loop: owner@bugs.x2go.org
Resent-Date: Tue, 31 Mar 2020 12:50:02 +0000
Resent-Message-ID: <handler.1444.B1444.158565899722752@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 1444
X-X2Go-PR-Package: x2goclient, windows
X-X2Go-PR-Keywords: 
References: <CAKmLXYc04nte7VgLWTQTEZpB4miSAzzCxPFGikhsy-NHZs1J4A@mail.gmail.com>
Received: via spool by 1444-submit@bugs.x2go.org id=B1444.158565899722752
          (code B ref 1444); Tue, 31 Mar 2020 12:50:02 +0000
Received: (at 1444) by bugs.x2go.org; 31 Mar 2020 12:49:57 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00,SPF_HELO_NONE,
	URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2
Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.17.13])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 90A855DAF7
	for <1444@bugs.x2go.org>; Tue, 31 Mar 2020 14:49:51 +0200 (CEST)
Received: from [192.168.0.192] ([78.43.58.112]) by mrelayeu.kundenserver.de
 (mreue109 [212.227.15.145]) with ESMTPSA (Nemesis) id
 1Ml6i2-1iwFqU3VcK-00lWSe; Tue, 31 Mar 2020 14:49:50 +0200
To: 1444@bugs.x2go.org, cadeon924@gmail.com
From: Stefan Baur <X2Go-ML-1@baur-itcs.de>
Autocrypt: addr=X2Go-ML-1@baur-itcs.de; prefer-encrypt=mutual; keydata=
 xsBNBFLfOiwBCACzIiDVwWVRvuMzgSAvXRFRaPaZOSB8s84PG1oGLfmqhwzF44vj1Xv4tcKD
 mvu0TsLTksOkvop8WwGYeeU8lDaxEG1zyN8SOu1WU/FPEKw2jITRox8yIrSkUsMkWYuxdjv/
 9XcAh9qaPsHP7E1jD6/wVZuYZkuX6W41Nxt06VsvDGCfrbQh4ya7w1IiSnoQeIHNNQVN9f3j
 xcHLj5S5YriSCThtbFCdr3AJXfF5iMolu8kLgAXM0bH1C7PxAjM/pQjWmdMVN/Y+uXXzcMO8
 8aQ0f0q3QeGWxCAP2xwBapUfP6LHDRPp/tV7P7ji8wKlabrSGdv0M9Qd9pn/YCYQE0ZdABEB
 AAHNJlN0ZWZhbiBCYXVyIDxwb3N0bWFzdGVyQHN0ZWZhbmJhdXIuZGU+wsCCBBMBAgAsAhsj
 BwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4ACGQEFAlwtWmgFCRK0IbcACgkQbt30GM2+URkj
 nwgAixhVoMxijCsh9jxxCUYBj7lC5HYhJmlAB+bZOfl1XI8xqMLw8YGECfu0VSe++FlaOAuc
 gArofqu79E2+wKxPaqW2lC94eKR1+kgkDOJyqckYj2Xmyi+vDfrOWjbyawIwiq5FUW2CB6zv
 nkTr68ZQ43mAVC1zz2tpAikn2Af4/OdHwUBzSAOpUt4rDbXDe93WW34XuyG2RDma6kE1Cr0u
 ilqvzKOz5SYp5ASmCyaA0wCzs7fjTy2KuMlOCSFRzwPJpzddr8rS9ZiTLdia/BZvShBEjOq4
 MZHWYv+RGK5RB4eDzw0KbPszXRJBUdXiZIcI0jqbC57Ht64ok3lXquXp987ATQRS3zosAQgA
 4KPXmGU1XE8CTRJ/4m/f8MTri3JfEvGJTerWwC2hBuXHGWrSBmmRNAdJHzNTvq5IoR9tQ6Cb
 Nrqxf6alr/v34Vr2bUg0s+jlK9TWOkVLAFoz6zytm/2BrRBIZ5So6Ymfc6efwsScsHOI++wi
 pzqELkpluqtXysb13RsBVLxBdp5TZCVPjCc9pLWjudfjEagQt2oJgtO2WndasrKvoZYkfRi6
 oSCK9B84YjNJoRF00LdK3n7K3SBvj4UPSl+ygzLVaD+3ZdIlbhX+bfn/Vp/10xdJ+/U8Fr7l
 7umrBKr17D8eO3mRYMGY9w1qc+pfNGOR76GIbPWj2tPVaBD9nmUaowARAQABwsBlBBgBAgAP
 AhsMBQJcLVqtBQkStCH9AAoJEG7d9BjNvlEZInkIAIcchwZxurIpwJJR8qMMXD+RSvj7mY55
 VIXOKUX0uAUTEoJTzFcqbdGkzcJB9y0NlUo9dv4chPT21M61y0bjJjhaDUshCLa1+YyFSSWp
 GBOKrLIsWusqC9zVwgf7TtjVmXt23jZwoDWjXoMlg9eQONMi5Z4u+lDOyPKD+lGJAcjJkQsI
 zL9hha3vuhmUclxgdALTJWzQBp+Y7u9QDub4uqf/TyuDpYASiP0winBRfTug+XjP5YZjU//P
 07H9WhiUCsHp6L9j3QzvrovVy2zz0j7JhyhW3e957vHz2skkSVv3QGtHMswcgK3XaQ9YdgWO
 ELHmBhevaIcJIxDvTBl3pYQ=
Message-ID: <a23afcf1-9007-4d46-e611-d81e8e5e5e94@baur-itcs.de>
Date: Tue, 31 Mar 2020 14:49:45 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.4.1
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="IswW3AZYBna8NdOy3BwiKx8NK3jjYhIFE"
X-Provags-ID: V03:K1:rzhYncc/7PNC5+nPzDpcQla2mHTlJLluD1rtADhVHK8AGG1J/GP
 WSCUbQ/z9mTR0nRF3sOqG/Zrx3nhm1Olm0zNgqSnsvz2paKgiCwI3Kbc2xacVlfH4y6j/ca
 yl9cNnoyGLGQitfkafYHkHT1WfyJEXdKVl3rZ/DCu/uovIKTFwvS42X+QP6ES94V1xAvbO8
 SKz/3tVlQEbZOQE4wnFEw==
X-UI-Out-Filterresults: notjunk:1;V03:K0:cbs4f+HJxI8=:hm5cLCmUa82jq91qjZhisO
 yaiOrxCf0eJjWk1Rh/Y2Nftg0/fDYkfUdK8hXBJ3E8xihucFkvOxdnSqyA4ZGJ8myRclShYFa
 mGf+yfiwWg25//ft1PoJ2DnlX8mKn5Z9g/K6Ep43XbKXomF27I+BxSQN0L+Fc1GqkT7J2o/Me
 mY45MwmdQkD7k45bw5Pqg5OKoSKU96Tjr8rzrXz4BWcp837tmDtV3Fy/gJm5WslwAJBhwWm5g
 QsNQOkeHgN0jFiBJ5PZziEfy0waqS1hZ2tBMfbBugFG2vwGoQ462BYxlSuDpT/D/XEkExVwzg
 jh1osZqoQOJDQwGYllBUdjbYnfJbaGZTLxHHtVESOeXxa61K4btqnvbbdM0TOkTL8t3/hPHkp
 JKDgq76ur/mvh7RqKRAhl97Nt5sR2q35u6KmiOq0cSIodliX51jFVBF3jdRQuxI1bA86OOaoJ
 pv4D/P/25d9o0DESnwXqeyvrfYrKa7rHC8TWRoBRx280cUfeF6SMYCzESC8znKSX5AL3F8mvL
 KPV4LXUtYwIpvm9Vwv3gQz/UDqi+IC+96JvuJeGIDddp7PF9UHVO14QBdLPbWMAzXZRfpTLBh
 kLA4r5UXhebc86N4pjhcET3zXyqLMKGkxUz0KFlQYGM+RhbCQDn61uZOigZM/qwD4/7au4Aop
 Q1eWiLMQFmKk7QFQ8ORr2hdDVGyxGESKNVHmAIL6Su6M+Sq/ThRdk8l+IcqaUi1dDYOsUQevO
 e7IZmP5P2W+JImRidre6TLVhKSUmucjcUSMvzFrAWdU3tfqK963jHFOtzVOyUTQosBrGOE1B4
 PAxsIcOshBlal9w7+CFi3dna4yMsEavaLYoAyE7nlofiPLryNsbXUaurdQnoDfShO1NzhoL
[Message part 1 (text/plain, inline)]
Control: close -1
Control: tag -1 not-a-bug

Closing this bug as it is a known false alert.  Whenever these
"smartscreen" filters (Chrome and Internet Explorer have them as well)
detect a Windows executable that isn't digitally signed (and our
detached GPG signatures don't count in that regard), and that hasn't
seen a large number of downloads, it will automatically flag it as
malicious.

If enough users report this to Mozilla/Google/Microsoft as a false
alert, a human will review the file and whitelist it.
Possibly this also happens over time, with a rising number of downloads
and/or the detection rates at virustotal.com not rising even after
several weeks.

I've just attempted a test download using the latest Firefox on a
Windows 10 machine, no such warning was issued any more.

-Stefan

-- 
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243

[signature.asc (application/pgp-signature, attachment)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Dec 2 01:05:18 2021; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.