Makeobj-Extended and Windows Defender

Started by Rollmaterial, December 23, 2017, 07:30:22 PM


Rollmaterial

Windows Defender now suddenly considers the Makeobj-Extended binary from the Bridgewater-Brunel server a severe security threat and quarantines it instantly. Which one is at fault?

jamespetts

Quote from: Rollmaterial on December 23, 2017, 07:30:22 PM
Windows Defender now suddenly considers the Makeobj-Extended binary from the Bridgewater-Brunel server a severe security threat and quarantines it instantly. Which one is at fault?

I do not know how Windows Defender works, so it is very hard to tell. I do not know whether Makeobj-Extended has some memory leak or similar that might be triggering the warning? I do not generally check for this, as a memory leak in makeobj makes little difference in practice.
Download Simutrans-Extended.

Want to help with development? See here for things to do for coding, and here for information on how to make graphics/objects.

Follow Simutrans-Extended on Facebook.

DrSuperGood

Quote
I do not know how Windows Defender works, so it is very hard to tell. I do not know whether Makeobj-Extended has some memory leak or similar that might be triggering the warning? I do not generally check for this, as a memory leak in makeobj makes little difference in practice.

Likely Windows Defender uses a heuristic algorithm to detect malicious-like code. It is possible that a small part of the binary triggers the detection for a piece of malicious software that was freshly added to its database. Solving it could be as simple as making enough changes so the detection no longer triggers.

If it is a warning, one can tell it to ignore it from a user perspective. Depending on the program features of the antivirus, one can even add that sort of file to exclusions.

Another, more permanent, way to solve this is to sign the executable with an asymmetric cryptographic key authorised from some cryptographic provider. Instead of Windows 10 saying the executables may be unsafe and requiring one to press "more" to run them, they would come up with a proof of authenticity prompt before continuing. Such prompts are seen when installing all reputable software such as products from Microsoft, Adobe, NVIDIA, AMD, Intel, Google, Oracle, etc...

jamespetts

Quote from: DrSuperGood on December 24, 2017, 12:54:00 AM
Likely Windows Defender uses a heuristic algorithm to detect malicious-like code. It is possible that a small part of the binary triggers the detection for a piece of malicious software that was freshly added to its database. Solving it could be as simple as making enough changes so the detection no longer triggers.

If it is a warning, one can tell it to ignore it from a user perspective. Depending on the program features of the antivirus, one can even add that sort of file to exclusions.

Another, more permanent, way to solve this is to sign the executable with an asymmetric cryptographic key authorised from some cryptographic provider. Instead of Windows 10 saying the executables may be unsafe and requiring one to press "more" to run them, they would come up with a proof of authenticity prompt before continuing. Such prompts are seen when installing all reputable software such as products from Microsoft, Adobe, NVIDIA, AMD, Intel, Google, Oracle, etc...


May I ask how one might go about setting that up for a nightly build system?

DrSuperGood

Sorry, I only know about signing executables, not actually how to do it. Seeing how common it is in this day and age, the process should not be that hard to set up, I would imagine. Hardest part is getting the authenticated keys, as unfortunately that is not usually free.
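
A signing step of the kind asked about above, as an added example that is not part of the original thread or of the Simutrans-Extended build system. It assumes a Windows build host with a code-signing certificate already installed in the build account's certificate store; the file name, thumbprint and timestamp URL are hypothetical placeholders.

```powershell
# Added example: Authenticode-sign one nightly build artifact, then verify it.
# Assumptions (not from the thread): the artifact name, the certificate store
# location, and both placeholder values below.
param(
    [string]$BinaryPath      = '.\makeobj-extended.exe',          # hypothetical artifact name
    [string]$Thumbprint      = '<CODE-SIGNING-CERT-THUMBPRINT>',  # placeholder
    [string]$TimestampServer = '<RFC-3161-TIMESTAMP-URL>'         # placeholder, supplied by the CA
)
$ErrorActionPreference = 'Stop'

# Select the code-signing certificate (with its private key) from the build account's store.
$cert = Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert |
    Where-Object { $_.Thumbprint -eq $Thumbprint -and $_.HasPrivateKey }
if (-not $cert) { throw "No usable code-signing certificate with thumbprint $Thumbprint" }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)" }

# Sign with SHA-256 and request a trusted timestamp, so the signature on an
# already published nightly can still be validated after the certificate expires.
$null = Set-AuthenticodeSignature -FilePath $BinaryPath -Certificate $cert `
    -HashAlgorithm SHA256 -TimestampServer $TimestampServer

# Fail the build unless Windows itself reports the signature as valid and timestamped.
$sig = Get-AuthenticodeSignature -FilePath $BinaryPath
if ($sig.Status -ne 'Valid') {
    throw "Signature check failed for ${BinaryPath}: $($sig.Status) - $($sig.StatusMessage)"
}
if (-not $sig.TimeStamperCertificate) {
    throw "Signature on $BinaryPath carries no timestamp"
}

# Publish the SHA-256 of the signed file next to it, so a user whose copy was
# quarantined can confirm it is byte-identical to what the build server produced.
$hash = (Get-FileHash -Path $BinaryPath -Algorithm SHA256).Hash
"{0}  {1}" -f $hash, (Split-Path -Path $BinaryPath -Leaf) |
    Set-Content -Path "$BinaryPath.sha256" -Encoding ascii

Write-Output "Signed by $($sig.SignerCertificate.Subject); SHA-256 $hash"
```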

jamespetts

Quote from: DrSuperGood on December 24, 2017, 02:31:28 AM
Sorry, I only know about signing executables, not actually how to do it. Seeing how common it is in this day and age, the process should not be that hard to set up, I would imagine. Hardest part is getting the authenticated keys, as unfortunately that is not usually free.


That does not really seem to be an appropriate sort of process for free software.