Closed Gwani closed 3 months ago
daringer
commented
3 months ago Thanks for the report, we've seen reports of this before, looks like the service has to first "learn" from various installations that this is not malware .. we are also investigating, if it wouldn't make sense to use an EV certificate instead. But for now this is a "won't fix" I suppose :/
Gwani
commented
3 months ago Thanks for the report, we've seen reports of this before, looks like the service has to first "learn" from various installations that this is not malware .. we are also investigating, if it wouldn't make sense to use an EV certificate instead. But for now this is a "won't fix" I suppose :/
Thanks. That's good enough for me. My (blind) guess would be that the USB- and security-related code in the app raised a few alarms in some AI-based malware analysis tools. You almost always get false positives when you check legitimate software with e.g. VirusTotal (where the MSI also gets flagged by 2 vendors btw) nowadays, and i often find AI scanners to produce them. So it might actually be the case that the service has to "learn" that the App is not malicious :)
I'm referring to this file:
nitrokey-app-v2.2.1-x64-windows-installer.msi
The
exefile is not flagged. However, both files come up clean in Windows Defender (i'm not using any other AV product) and Microsoft Edge also doesn't complain about the file. This indicates that this file might be identified as malicious by Google’s Safe Browsing service. As far as i understand both browsers use that service for checking Downloads.You might want to look into this, as it effectively prevents downloading the MSI (without explicitly ignoring the browser warning and allowing access).