search

etesync / etesync-dav

This is a CalDAV and CardDAV adapter for EteSync
https://www.etesync.com
GNU General Public License v3.0
290 stars 47 forks source link

Dav exe file marked as malicious #194

Closed xunil89 closed 3 years ago

xunil89 commented 3 years ago

The file etesync-dav.exe v0.30.6 downloaded from your repo is marked as malicious by firefox and 26 antivirus! How come? https://www.virustotal.com/gui/file/c8dd38618ba4920e40f8e98471a59383c4d6cfe576604f86c5e4635b4447f722/

tasn commented 3 years ago

Duplicate of #190. Short answer: because the damn anti virus companies are sloppy and they just mark a lot of things. It sometimes gets flagged and sometimes doesn't. :|

See #190. We will probably address it by signing the binaries at some point.

xunil89 commented 3 years ago

Unfortunately I don't have enough computer knowledge to evaluate the source code, even if it seems quite unlikely that an opensource software on github has malicious code. But the high positivity of the file forces me to desist from installing it for safety.

tasn commented 3 years ago

I understand, that's a reasonable approach.

tx3eh8IUD1 commented 3 years ago

I have the same issue. When I download the file, firefox marks it as malicious: image

Affects versions 0.30.6 and 0.30.5 but not 0.30.4

xunil89 commented 3 years ago

I have the same issue. When I download the file, firefox marks it as malicious: image

Affects versions 0.30.6 and 0.30.5 but not 0.30.4

To tell the truth they are all "infected" some more or less, the last one is the one with the most reports

tasn commented 3 years ago

To tell the truth they are all "infected" some more or less, the last one is the one with the most reports

Which just comes to show how unreliable all of these virus checkers are. :(

Let's continue the discussion in #190, as this one is a duplicate.