search

GAM-team / got-your-back

Got Your Back (GYB) is a command line tool for backing up your Gmail messages to your computer using Gmail's API over HTTPS.
https://github.com/GAM-team/got-your-back/wiki
Apache License 2.0
2.56k stars 203 forks source link

Many VirusTotal vendors flagging GYB as Trojan #396

Closed lwcorp closed 1 year ago

lwcorp commented 1 year ago

The issue tracker is for reporting product deficiencies. How do I questions should be posted to the discussion forum at https://groups.google.com/group/got-your-back. When in doubt, start at the discussion forum and return here only when instructed to do so.

Please confirm the following:

Full steps to reproduce the issue:

  1. Download gyb-1.70-windows-x86_64.zip, gyb-1.70-windows-x86_64.msi and/or gyb-1.70-linux-aarch64-glibc2.35.tar.xz
  2. Upload each of them to https://www.virustotal.com
  3. Observe the results

Expected outcome (what are you trying to do?): Get 2-3 accusations at max, but hopefully 0.

Actual outcome (what errors or bad behavior do you see instead?):

  1. Get up to 14 complains - see this, that and also this.
  2. Get your Internet connection blocked if you use SentinelOne.

I know it's similar to #341 but this time it's much worse. Why so many complaints and why trojan? This program largely appeals to workplaces which might stop using it because if it, even though we all love the program. Actual outcome 2 was a very unpleasant experience.

image

image

image

jay0lee commented 1 year ago

This isn't something GYB can totally control, AV vendors are simply overly aggressive in identifying these free tools as malware. However some tweaks in 1.71 may at least reduce the frequency of detection here.

bryantech commented 1 year ago

Yeah I'm getting the same thing I went back to 1.62 and I'm not having as many virus deletions from virus software. Absolutely love this software he's at all the time.

On Mon, Oct 3, 2022, 10:25 Jay Lee @.***> wrote:

Closed #396 https://github.com/GAM-team/got-your-back/issues/396 as completed.

— Reply to this email directly, view it on GitHub https://github.com/GAM-team/got-your-back/issues/396#event-7509383590, or unsubscribe https://github.com/notifications/unsubscribe-auth/AI2EB6PDVPEEAOYX77VZS4LWBMJJXANCNFSM6AAAAAAQECCS6Y . You are receiving this because you are subscribed to this thread.Message ID: @.***>

lwcorp commented 1 year ago

I indeed see less detections now, thanks! Workplaces don't care if it's outside the control of GYB, they just block the entire workstation. If more detections come up, you can always approach each and every of these one of these vendors and submit a false positive report. It's not nice but that's reality.

quack79 commented 5 months ago

I had to add gyb as an exception in TotalAV as it quarantined it.