Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google Safe Browsing Blocking releases #16

Closed
harking opened this issue Mar 31, 2020 · 8 comments
Closed

Google Safe Browsing Blocking releases #16

harking opened this issue Mar 31, 2020 · 8 comments

Comments

@harking
Copy link
Contributor

harking commented Mar 31, 2020

Tried to access the releases page and ran into this:
https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Fgithub.jparrowsec.cn%2Fbenlye%2Fflash-multi%2Freleases&hl=en-US
@benlye
Copy link
Owner

benlye commented Mar 31, 2020

Ugh, that's great. Fixing this might be very difficult because it requires proving ownership of the site, and there's no way to do that with Github.

I suspect it's probably triggered by the driver installers which are in the downloads, but they are completely safe and only run when the user selects them.

@VirtualEnder
Copy link

Windows is actually registering this file as a trojan.
image

@benlye
Copy link
Owner

benlye commented Apr 11, 2020

Sigh. This has happened before. Fortunately Microsoft are actually decent and provide a way that normal human beings can get them to re-assess the package. I've submitted it to them to take a look at and hopefully it will be unblocked in the next Windows Defender signature update. Normally they turn it around quickly.

I wish I could work out what the cause of all this is. The installer and app really don't do anything that could be construed as malicious. The installer does install drivers, but so do many other software packages.

@benlye
Copy link
Owner

benlye commented Apr 11, 2020

After a little bit more digging, it seems like the most likely culprit is wdi-simple.exe, which is the installer for the Maple USB drivers. It's another open source package on Github: https://github.com/pbatard/libwdi/blob/master/examples/wdi-simple.c

Scanning the compiled wdi-simple.exe file on VirusTotal gives all the same erroneous warnings as the Flash Multi package.

I guess I'll start looking for an alternative way to install the Maple drivers.

@benlye
Copy link
Owner

benlye commented Apr 22, 2020

I'm going to try removing the Windows installer downloads from the releases to see if that helps with the Google Safe Browsing issue. I don't know if it will, or if Google will even re-scan the site in order to detect the change.

In the meantime I have mirrored the repository to an new one, and will not be attaching the executable installers in an attempt to see if that is the problem.

Please go to this repository to download the latest version of Flash Multi:
https://github.com/benlye/flashmulti/releases

@benlye
Copy link
Owner

benlye commented Apr 26, 2020

It seems like removing the executable installers has fixed the issue with Google safe browsing :-)

I'll remove the cloned repo.

@benlye
Copy link
Owner

benlye commented Apr 26, 2020

Hopefully we've seen the last of this!

@benlye benlye closed this as completed Apr 26, 2020
@github-actions
Copy link

This issue has been automatically locked because there was no further activity after it was closed. Please open a new issue for any related problems.

@github-actions github-actions bot locked and limited conversation to collaborators Jan 17, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@harking @VirtualEnder @benlye