search

simulot / immich-go

An alternative to the immich-CLI command that doesn't depend on nodejs installation. It tries its best for importing google photos takeout archives.
GNU Affero General Public License v3.0
1.2k stars 36 forks source link

0.18.2 release being flagged by Defender #353

Open chrisjeter opened 2 days ago

chrisjeter commented 2 days ago

I downloaded the 0.18.2 release this morning from the repo. When trying to run an import Windows Defender is flagging the exe as a Trojan and Quarantining it as Win32/Bearfoos.A!ml. I've verified that all Defender signatures are up to date. 0.18.1 does not display the same issue. Screenshot 2024-07-04 133513

simulot commented 2 days ago

The binary isn't signed, which is suspicious in Windows Defender eyes. I have tested the latest release with Windows Defender on a Win11 box. No detection.

I have checked the binary from the release with the virus total web site: https://www.virustotal.com/gui/file/dc7b3fc7873ffc23e3b8cd2da7e1b8e1b9345639fa5a4123ae9231d77f98ad2a/detection

1 positive over 74 tests. It's likely to be a false alarm.

The windows binary is complied on a linux box less susceptible to be infected. I'll check how to build the binaries in a secured environment and to sign the binaries.