Hi, just thought I'd mention Norton is now causing problems with our
install. I sent them a whitelist request and mentioned the install was
created by SetupBuilder and signed by Comodo.

Are people signing software with viruses?

I think this anti-virus issue is starting to hurt our bottom line.
Anyone ever done a class action against these anti-virus companies for
loss of business?

It won't be long and they'll be charging software companies to be white
listed. What's the point in signing everything when the anti-virus
companies ignore the signature?


--
Ray Rippey
VMT Software

Ray Rippey,

> Are people signing software with viruses?

If you compiled the EXE on an infected system it could actually have a
virus. The signing simply says that you are responsible for the
contents of the EXE and that no one has altered the EXE since it was
signed.

False negatives are becoming more frequent because the bastards<g>
that write viruses are getting better day by day and anti-virus
software is getting pushed to the limit of its ability far more often.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"

Ray,

> Hi, just thought I'd mention Norton is now causing problems with
> our install. I sent them a whitelist request and mentioned the
> install was created by SetupBuilder and signed by Comodo.
>
> Are people signing software with viruses?
>
> I think this anti-virus issue is starting to hurt our bottom line. Anyone
> ever done a class action against these anti-virus companies
> for loss of business?
>
> It won't be long and they'll be charging software companies to be
> white listed. What's the point in signing everything when the
> anti-virus companies ignore the signature?

That's a problem for more than 10+ years now. They don't "ignore" the
signature. There are other factors that also play a role. For example, the
"reputation" of your certificate (most protection software products are
based on a "reputation" technology now), or the IP address (range) where the
file is coming from. Or the heuristic detection in the security software
detected a very specific byte combination in your setup or application.
Sometimes a re-compile / re-code-sign can help in this case (because it
changes the binary contents).

BTW, you should check all your app files with www.virustotal.com on a
regular basis. Once you are flagged by multiple vendors (there seems to be
a "secret" global list) you are lost.

Friedrich

> There are other factors that also play a role. For example, the
> "reputation" of your certificate (most protection software products
> are based on a "reputation" technology now)

BTW, I am not talking about the reputation of the "Comodo" issued
certificate. I mean your "own" reputation for your code-signing certificate
(means: *you* need "trusted" downloads).

Note: if you sign a file named "spyware_virus.exe" with your code-sign
certificate and upload it to some download portals, then chances are very
high that this will kill any good reputation sooner or later. In other
words, if you have a "nice" competitor then they can even destroy your good
reputation.

Friedrich

And make sure your IP address has a "good" reputation (not blacklisted,
etc.). This can also "flag" your downloaded files.

Friedrich

> False negatives are becoming more frequent because the bastards<g>

Ohhhhhh yes <g>

Friedrich

Thanks for the info. We did just move our download to another site
(a2webhosting) because for some strange reason our Godaddy site slowed
way down and in some cases the download didn't go all the way through
correctly (Thanks to the Verification system inside setupbuilder we knew
about it).

(Wouldn't it be great if setupbuilder could send me an email when the
install happened or didn't happen!)

I checked with the virustotal.com site and while it couldn't check our
file because it was over 32mb, it seems to have given an OK to the site
at A2.

This crap keeps up and we're going to be sending CD's again. At least we
call the biz's that download (if they give the right number) and we find
out if there's a problem.

Thanks again...

Ray
VMT

You could try the attached. ;)

--

Russ Eggen
RADFusion International, LLC

Or this ;) Quite a few developers use it to send install and uninstall
information from the client machine.

Friedrich

Friedrich,

> Or this ;-) Quite a few developers use it to send install and uninstall
> information from the client machine.

One of the reasons I like you so much, CLASSIC!<g>

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"

Lee,

>
> One of the reasons I like you so much, CLASSIC!<g>
>

I am so old school style <g>

Friedrich

Nice!

Now if I could only understand what that means! <g>

--

Russ Eggen
RADFusion International, LLC

Friedrich/Russ

> Or this ;-) Quite a few developers use it to send install and uninstall
> information from the client machine.

Please dont' send screenshots with buttons this late at night. I open
them before I have had coffee and start clicking the damn buttons like
crazy and the screenshot doesn't close<g>

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

ROFL!

Thanks Arnor, I needed a good chuckle!

--

Russ Eggen
RADFusion International, LLC

When you see the black helicopter....run my friend ;)

Friedrich

Wrong thread... Sorry :)

Friedrich

>Or this ;-) Quite a few developers use it to send install and uninstall
>information from the client machine.

Cute!

But what, if the machine is not connected to the Internet? Will there be an errormessage?

I suppose, if an Admin has installed a software-firewall, it will pop up
instantly and threaten him.... Admins usually dislike programs phoning home! If
the first impression is a shock like this, they will uninstall on the heel!

Is there a chance to make this internet access optional?


Regards,
Wolfgang Orth
www.odata.de

Wolfgang Orth,

> But what, if the machine is not connected to the Internet? Will there be an errormessage?

Use this...

Lee White

Thank you, Lee!

BTW, your hibernation was short..... ;-)

Regards,
Wolfgang Orth
www.odata.de