Was thinking about to test the player version, but this prevents me:
https://www.virustotal.com/#/file/7182a ... /detection
All versions have something, not sure if this are false positives.
Virustotal found something in ZIP and Setupfiles, False Positivies?
-
- KVRist
- Topic Starter
- 99 posts since 30 Mar, 2005
-
- KVRist
- 75 posts since 9 Feb, 2004
Hey there,
rest assured that these are false positives, but believe me, this topic never gets old.
A scanner that returns "packed" simply recognized the file as compressed and cannot uncompress it. Unless this is true for multiple scanners it does not mean anything. On the other hand, a scanner that returns a "heuristic" result as a positive means it has absolutely not a shred of a clue what is going on, which is about as useful as a middle-age witch burning.
All releases and builds of Resonic and Resonic Pro are always double-checked before release and digitally triple-signed (!) as proof of origin:
To sum this up:
Unless the digital signatures on the files are broken (in which case someone has meddled with the file), or multiple high-quality AV scanners report the same (or very similar) thing, you can safely disregard these results.
We put all our time into this project, and our goal is to create something awesome. We certainly don't want to compromise the relationship with our users and customers.
Resonic is, was, and will always be free of malicious content or intentions, including malware and comparable things. We also have and always will respond to random company's offers to integrate our software with their ad-ware wrappers for monetization with a heartfelt "f*ck off."
Low-end AV scanners (e.g., TrendMicro) should really have no right to exist these days. They report false positives despite whenever something looks remotely packed, which Resonic is, as part of the licensing system that protects our work, or when their random number generator decides that it's another great day to scare users.
It's worth mentioning that we also had our share of battles with the likes of Symantec, who for example have an infrastructure so questionable it is almost impossible to get rid of false positives, unless you're lucky and your report hits the right worker at the right time.
I hope this answers your concerns sufficiently. Any other question you may have, please always feel free to get back to me.
Cheers, Tom
rest assured that these are false positives, but believe me, this topic never gets old.
A scanner that returns "packed" simply recognized the file as compressed and cannot uncompress it. Unless this is true for multiple scanners it does not mean anything. On the other hand, a scanner that returns a "heuristic" result as a positive means it has absolutely not a shred of a clue what is going on, which is about as useful as a middle-age witch burning.
All releases and builds of Resonic and Resonic Pro are always double-checked before release and digitally triple-signed (!) as proof of origin:
- the executable and DLL files contain a high-security digital code signing certificate
- the setup version (MSI) is also signed with the same certificate to keep things consistent
- the main executables and some DLLs also contain Software Taggant certificates which are an industry standard specifically made for virus scanners (that prefer to exist in the present) in order to add another layer of security to identifying the origin and assessing the safety of the file
To sum this up:
Unless the digital signatures on the files are broken (in which case someone has meddled with the file), or multiple high-quality AV scanners report the same (or very similar) thing, you can safely disregard these results.
We put all our time into this project, and our goal is to create something awesome. We certainly don't want to compromise the relationship with our users and customers.
Resonic is, was, and will always be free of malicious content or intentions, including malware and comparable things. We also have and always will respond to random company's offers to integrate our software with their ad-ware wrappers for monetization with a heartfelt "f*ck off."
Low-end AV scanners (e.g., TrendMicro) should really have no right to exist these days. They report false positives despite whenever something looks remotely packed, which Resonic is, as part of the licensing system that protects our work, or when their random number generator decides that it's another great day to scare users.
It's worth mentioning that we also had our share of battles with the likes of Symantec, who for example have an infrastructure so questionable it is almost impossible to get rid of false positives, unless you're lucky and your report hits the right worker at the right time.
I hope this answers your concerns sufficiently. Any other question you may have, please always feel free to get back to me.
Cheers, Tom
You do not have the required permissions to view the files attached to this post.
-
- KVRist
- Topic Starter
- 99 posts since 30 Mar, 2005
Ok, good to know. I always recheck downloaded files via multi scanners like virustotal. Maybe you should report them as false positive as often as you can, so you will atleast try to reduce the results. I'm sure, i'm not the only one, who firstly don't want to install / try it, when this report pops up. Anyway, thank you for your reply.
-
- KVRist
- 75 posts since 9 Feb, 2004
While it is undoubtedly important to make sure no false positives are being reported it is virtually impossible to do. To be honest, we have given up on TrendMicro and some others. For every single new file we released we had to file separate reports on several sites.aquilyzer wrote:Ok, good to know. I always recheck downloaded files via multi scanners like virustotal. Maybe you should report them as false positive as often as you can, so you will atleast try to reduce the results. I'm sure, i'm not the only one, who firstly don't want to install / try it, when this report pops up. Anyway, thank you for your reply.
The major AV producers seem to have finally accepted the Taggant certificate recently, which took them ages (many years now) considering that they have agreed upon this system in the first place. But you know, nothing is permanent when it comes to that.
All I can suggest to users is to stay away from questionable brands and stick to reliable AV scanners that do not slow down the system too much (and they do.) This is likely something Pro audio users don't want in the first place.
Resonic is a highly optimized application for a very specific purpose of handling large amounts of files smoothly. Simply because of that I would recommend serious users to make sure they add a folder scan exclusion/exception for the Resonic install location in their AV scanner (whichever one it may be) anyways, which makes sure the scanner does not interfere with Resonic's optimizations constantly, ensuring the best possible performance.
A few words on this here: https://resonic.at/faq#slowstartup
Cheers, Tom
-
- KVRist
- 75 posts since 9 Feb, 2004
