incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rory O'Farrell <ofarr...@iol.ie>
Subject Re: [ANNOUNCEMENT] Apache OpenOffice 3.4.1 (incubating) released
Date Fri, 24 Aug 2012 18:40:41 GMT
On Fri, 24 Aug 2012 14:26:53 -0400
Rob Weir <robweir@apache.org> wrote:

> On Fri, Aug 24, 2012 at 10:52 AM, Rory O'Farrell <ofarrwrk@iol.ie> wrote:
> > On Fri, 24 Aug 2012 10:44:34 -0400
> > Rob Weir <robweir@apache.org> wrote:
> >
> >> On Thu, Aug 23, 2012 at 6:43 PM, Rory O'Farrell <ofarrwrk@iol.ie> wrote:
> >> > On Thu, 23 Aug 2012 18:29:57 -0400
> >> > "Maurice Howe" <maurice@stny.rr.com> wrote:
> >> >
> >> >> I use AVG 2012.0.2180 Free Edition
> >> >>
> >> > I installed AOO 3.4.1 on one of my Windows machines today and AVG didn't
complain.  I'll check in detail tomorrow when the machine is awake - near midnight here and
I'm closing down. It is often the case that new OpenOffice releases trigger false positives
from virus scanners.
> >> >  --
> >>
> >> I put AVG free version on an XP VM, updated virus signatures,
> >> installed AOO 3.4.1 Windows en-US from the website and did a full
> >> scan.  No issues reported.
> >>
> >> So if Maurice was indeed getting an AV hit, that suggests he might
> >> actually have something, either preexisting on his machine, or from
> >> downloading AOO from another website.  If it were really a false
> >> positive, wouldn't we be seeing it as well?
> >>
> >> -Rob
> >>
> >> > Rory O'Farrell <ofarrwrk@iol.
> >>
> >
> > I'm sure we would all be seeing a warning if there was an intrinsic problem in the
compiled code.  Normal reaction from Volunteers on en-Forum is that a virus/malware warning
on a new release of OpenOffice from the approved download sites is a false positive and I
think so it has always proved; with the transition to Apache special care is needed until
the AOO releases become well established, lest there be adverse publicity/comment.
> >
> > It would be helpful if Maurice could tell us the URL of the download site, the actual
file name and size.
> >
> 
> I finally found the image attachment that Maurice sent out originally.
>  It said of the download, it "is not commonly downloaded and could
> harm your computer'".
> 
> So this was not a false negative but part of the "reputation-based"
> mechanisms that AV's are starting to use.  They look at a variety
> factors, including the age of the EXE and how many other users have
> installed it.  If the program is new and not well known, then you will
> get warnings like this.  The warnings go away over time.  The only way
> to prevent them initially is to have your code be signed, or to
> whitelist your hashes in advance with the AV vendor.
> 
> -Rob
> 
> 
> > --
> > Rory O'Farrell <ofarrwrk@iol.ie>
> 

I've just seen on Forum a similar report, originating from an installed McAfee.  I reassured
the User, who downloaded and installed, with no further gripes reported from McAfee.

-- 
Rory O'Farrell <ofarrwrk@iol.ie>

Mime
View raw message