Questions and Answers : Windows : Ransomware warnings
Author | Message |
---|---|
Richard James Send message Joined: 30 Mar 20 Posts: 14 Credit: 2,129,198 RAC: 1,729 |
This morning I am getting repeated warnings from Bitdefender that rosetta is trying to install ransomware. So far files are are flagged as "recovered" (implying reset to prev versions). This appears to be an ongoing problem as previous msgs have noted it. A fix? Allowing bypass of check is not a fix. Thanks. Richard |
Grant (SSSF) Send message Joined: 28 Mar 20 Posts: 1699 Credit: 18,186,917 RAC: 24,275 |
A fix?Advise Bitdefender there is a problem with their software that they need to fix, and point them here to Rosetta's web site. Allowing bypass of check is not a fix.It is when the check is the problem. Grant Darwin NT |
Richard James Send message Joined: 30 Mar 20 Posts: 14 Credit: 2,129,198 RAC: 1,729 |
Advise Bitdefender there is a problem with their software that they need to fix, and point them here to Rosetta's web site. Yes, there are 2 sides to the issue. Rosetta code *appears* to be ransomware. Bitdefender is doing it's job. Both sides need to know what is going on, so both have been advised. And both need to look at it. Allowing bypass of check is not a fix. No, the Rosetta software is the problem. Unless you know 100% the issue is false bypassing the check is a risk. |
Grant (SSSF) Send message Joined: 28 Mar 20 Posts: 1699 Credit: 18,186,917 RAC: 24,275 |
No, the Rosetta software is the problem.No, it's not. Software that says there is a problem, when there isn't, is faulty. Broken. Not working. So the producers of that software need to fix it. It's called a False positive, and it happens all too often when AV/Malware companies get sloppy. Unless you know 100% the issue is false bypassing the check is a risk.And since Rosetta isn't a problem, it's not a risk. Grant Darwin NT |
Richard James Send message Joined: 30 Mar 20 Posts: 14 Credit: 2,129,198 RAC: 1,729 |
No, the Rosetta software is the problem.No, it's not. So someone else's software is always a problem, is that what you are saying? Unless you, personally, know that Rosetta is absolutely safe, by testing and does not trigger any known tests then it needs to be confirmed. That is what should be happening with *both* parties. Bitdefender is aware of the issue, but what is the Rosetta project doing? The reason for posting the issue here is to advise Rosetta and other users of the issue. |
Grant (SSSF) Send message Joined: 28 Mar 20 Posts: 1699 Credit: 18,186,917 RAC: 24,275 |
So someone else's software is always a problem, is that what you are saying?When theirs is the only software making the claim, yes. When what they are making the claim about isn't malicious, it isn't what they claim it to be, then it is obviously a false claim. Because this happened every few months at Seti when one AV programme or anther stuffed up one of their updates. False positives galore. It's happened before, it'll happen again. Unless you, personally, know that Rosetta is absolutely safe, by testingThousands of Tasks downloaded, still no hijacked system. I think that's a pretty good indication. Tens of thousands of other people/systems doing work for the project, with no such claims from their AV software, no problems with their systems is a pretty good indication. That's a lot of testing. Bitdefender is aware of the issue, but what is the Rosetta project doing?No idea if they are doing anything, don't know what the time is over there. And the only thing for them to do, is point Bitdefender to this site & ask them to substantiate their false claims. The reason for posting the issue here is to advise Rosetta and other users of the issue.It is always good to know when there is a problem with AV/Malware software returning false positives. Grant Darwin NT |
Richard James Send message Joined: 30 Mar 20 Posts: 14 Credit: 2,129,198 RAC: 1,729 |
So someone else's software is always a problem, is that what you are saying?When theirs is the only software making the claim, yes. But how is that known unless someone asks? What you are saying is "don't bother us". IMO, not a reasonable approach. EOT. |
Grant (SSSF) Send message Joined: 28 Mar 20 Posts: 1699 Credit: 18,186,917 RAC: 24,275 |
It's a shame you didn't bother reading the last line in my previous post.So someone else's software is always a problem, is that what you are saying?When theirs is the only software making the claim, yes.But how is that known unless someone asks? *shrug* Grant Darwin NT |
Richard James Send message Joined: 30 Mar 20 Posts: 14 Credit: 2,129,198 RAC: 1,729 |
It's a shame you didn't bother reading the last line in my previous post.So someone else's software is always a problem, is that what you are saying?When theirs is the only software making the claim, yes.But how is that known unless someone asks? Then why didn't you just say that (I did read it...). Of course, you could have said that in the first place. This sort of discussion just puts people off. EOT = don't bother to reply. |
Sid Celery Send message Joined: 11 Feb 08 Posts: 2130 Credit: 41,424,155 RAC: 16,102 |
Because this happened every few months at Seti when one AV programme or anther stuffed up one of their updates. False positives galore. It's happened before, it'll happen again. To confirm, it regularly happens at Rosetta too. Before long, an AV update usually solves the issue. In the end, exclusion of the Boinc data directories is the wisest solution. The idea that programmers here are going to inject dodgy code when it's such a lot of work to get the coding of tasks right is... yeah, that's not going to happen. Other projects, I don't know about, but not here. |
Questions and Answers :
Windows :
Ransomware warnings
©2024 University of Washington
https://www.bakerlab.org