speedtest-backend.exe classified as threat

librespeed / speedtest-go

Go backend for LibreSpeed

GNU Lesser General Public License v3.0

700 stars 152 forks source link

speedtest-backend.exe classified as threat #47

Open cascaabreu opened 2 years ago

cascaabreu commented 2 years ago

Description

On the lastest release 1.1.5, Windows Defender while fully updated classifies it as a threat. Somehting to do with the patches on "fix Windows build"? (https://github.com/librespeed/speedtest-go/commit/9cbc95a6db3b933f22b79cdc6cc9413b31af7ed0)

Server

Windows 10 Caddy webserver

Client

Steps to reproduce

Download latest release
Bad stuff may happen

Expected behaviour

No threat?

Screenshots

maddie commented 1 year ago

I think this is due to the fact that the binary is UPX compressed. You can try decompress it using upx -d to see if Windows is still complaining.

cascaabreu commented 1 year ago

Took some time...

Got the latest release from https://github.com/upx/upx and ran upx -d speedtest-backend.exe inside Windows Sandbox to get away from Windows Defender. Copied the resulting file to the server without warnings or getting it quarantined!

Great! What about future releases? Should I integrate this step (upx -d) into my updater script?

cascaabreu commented 1 year ago

Although now I'm unable to start the service with a ton of runtime errors.