Comments (13)
RIP... There's not much that I can do on my end, to be honest. Submitting Picocrypt as a false positive to those providers would be the only reliable way.
from picocrypt.
All of the antiviruses seem to recognize a Win64 Mde class or a Win 64 dropper in the executable. Not sure about what is Mde class, but how could Picocrypt be the dropper if the only file it drops is sdelete exe, which is clean on virustotal. Every normal antivirus seems to be kind to Picocrypt, so it is fine.
Evan, you wouldn't put a malware in your app, right? :p
from picocrypt.
Not sure what exactly is going, but I can definitely promise you that there is no malware
Avast owns AVG (IIRC), so those two essentially have the same engine. Avast is a pretty poor AV anyway, so no need to worry about it. I have no idea what McAfee-GW-Edition is, so I wouldn't worry too much about it either. And the last one, Sangfor Engine Zero sounds pretty obscure, so we can ignore it. As long as the big players like Bitdefender, Kaspersky, etc. are okay, we should be fine.
Picocrypt only drops one file, which as you have correctly pointed out, is sdelete64.exe, which is directly from Microsoft Sysinternals and used to shred files. No other file is dropped, although since Picocrypt is packed with UPX and I also embed files within the executable, there may be one or two additional dropped files. There also is a network request, which is just to check if a new version is available (not for telemetry), if anyone was wondering.
Some similar cases:
https://community.mcafee.com/t5/Malware/BehavesLike-Win32-Dropper-vc/td-p/638414
vercel/pkg-fetch#93
These issues seem to be a problem for many other FOSS projects, since most people can't afford a signing certificate which costs hundreds if not thousands of US dollars a year. I guess we can't do much other than submit false positives.
from picocrypt.
What's interesting is that I uploaded a 1.20 preview which you posted here in issue #49 on VirusTotal (https://www.virustotal.com/gui/file/ec4fddf9f865298cf086aa595910903b2721ef4ab58dd012966dc2d17be307ad) and all of the antiviruses say that there is no malware in it. Not sure, but maybe it has something to do with the rework/update of the app you're working on.
from picocrypt.
I didn't pack it with UPX, which I'm starting to suspect is the reason. I think we don't need to worry about this for now, unless it becomes a serious problem. Welcome to the wonderful world of antiviruses :P
from picocrypt.
I didn't pack it with UPX, which I'm starting to suspect is the reason. I think we don't need to worry about this for now, unless it becomes a serious problem. Welcome to the wonderful world of antiviruses :P
This world is really wonderful, haha. Just wondering, are you going to pack the final version with UPX or you will consider changing the utility?
from picocrypt.
I'll probably still pack each official release with UPX because it compresses very well and is very fast with decompression. UPX's last release was more than a year ago, so hopefully when the latest branch gets released, some of the AV issues might be solved
from picocrypt.
so hopefully when the latest branch gets released, some of the AV issues might be solved
🤷
I hope so. Anyway, waiting for the final release to come out, maybe wiil give a try to the preview version you posted, just to get a taste of the new version :p
from picocrypt.
If you mean final version as in the final revision of v1.20, that'll come in a couple of weeks. If you mean the final version of Picocrypt, that'll probably be a year since there are still things I have yet to implement.
from picocrypt.
If you mean final version as in the final revision of v1.20, that'll come in a couple of weeks. If you mean the final version of Picocrypt, that'll probably be a year since there are still things I have yet to implement.
Meant the final of the v1,20, didn't know that the FINAL version could be a thing
from picocrypt.
This issue went far from the malware problem I suppose. However, have you considered publishing the pre-releases via the so-called github release. Just an idea that came into my head :p
Just think it would be more convenient.
from picocrypt.
FINAL version
It's not really a "final" version, but some time in the future when I've complete all features, I won't be adding any new features and will only focus on rock-solid stability and security. At that point, it's safe to say that it's pretty much a final version since there won't be any new functionality.
I did consider using a GitHub release candidate, but that would potentially confuse the less-experienced people, so I decided to just drop a link from a GH issue to prevent any confusion. I'll publish v1.20 soon!
from picocrypt.
I did consider using a GitHub release candidate, but that would potentially confuse the less-experienced people, so I decided to just drop a link from a GH issue to prevent any confusion.
Got it.
I'll publish v1.20 soon!
Waiting for it!
from picocrypt.
Related Issues (20)
- [BUG] Memory overusage, memory leak HOT 2
- [Suggestion] Encrypt files in a folder individually instead of packing the folder into a zip package. HOT 11
- Add Features HOT 18
- Memory issue with Picocrypt HOT 1
- Picocrypt Recursive option derives the key for each file HOT 4
- Hardcoded dependency on particular version of glibC HOT 1
- Question/future request: CLI version that supports all options as in GUI HOT 1
- Enhancement: It would be great to be able to switch languages. HOT 5
- How Does Plausible Deniability Work? HOT 10
- "Cancel" has no effect HOT 3
- Unable to decrypt file with no .pcv extension HOT 5
- "Confirm password" is not requested HOT 6
- Comments are not encrypted (by default) and this is not mentioned in the program window HOT 2
- Memory leak during decryption with keyfile HOT 13
- Cannot add keyfiles for decryption HOT 2
- picocrypt informs the attacker that key files were used during encryption HOT 7
- picocrypt only uses the first 1 GB of the key file (and this is not documented) HOT 8
- "Deriving key..." predates "Reading keyfiles..." HOT 5
- [WEAK KEYS] XORing keyfile digests with each other is bad practice HOT 2
- [feature/idea] Open with Picocrypt HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from picocrypt.