[Solved] Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Having trouble installing or compiling FreeCAD? Get help here.
Forum rules
Be nice to others! Respect the FreeCAD code of conduct!
jfc4120
Posts: 448
Joined: Sat Jul 02, 2022 11:16 pm

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by jfc4120 »

This time I downloaded the one from GitHub instead of the site, didn't install yet, but the hash checked and running through Norton got everything was good.

But the day of this post the same file but from the main site got virus warnings.

Huh?
GeneFC
Veteran
Posts: 5373
Joined: Sat Mar 19, 2016 3:36 pm
Location: Punta Gorda, FL

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by GeneFC »

jfc4120 wrote: Tue Jan 10, 2023 1:46 am But the day of this post the same file but from the main site got virus warnings.
I think there is only one location. The "main site" just links directly to exactly the same github address.

There is only one file; not the same file posted in more than one place.

Gene
jfc4120
Posts: 448
Joined: Sat Jul 02, 2022 11:16 pm

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by jfc4120 »

Thanks everyone, I am sure it's safe. :D
User avatar
yorik
Founder
Posts: 13640
Joined: Tue Feb 17, 2009 9:16 pm
Location: Brussels
Contact:

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by yorik »

This is an annoying, recurring issue... Apparently Windows flags everything that's not coming from their store as "unsafe" and "potentially fulll of viruses"... :roll: I'm not sure yet of the right procedure to take to get rid of that problem, as apparently the requirements are unclear and have changed a number of times in the past.

As if the fake FreeCADs found on the Windows store were any safer...

Probably indeed signing the packages, if that's possible, would be a start, but even so I'm not sure that would be enough. Anyone can sign packages, I guess.
jfc4120
Posts: 448
Joined: Sat Jul 02, 2022 11:16 pm

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by jfc4120 »

@yorik

Windows didn't flag, it was norton antivirus. Yet the two I tested from downloading direct from Github one being the portable version checked out fine with norton.

The only one with problems was the downloaded installer from: https://www.freecadweb.org/downloads.php
GeneFC
Veteran
Posts: 5373
Joined: Sat Mar 19, 2016 3:36 pm
Location: Punta Gorda, FL

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by GeneFC »

jfc4120 wrote: Sat Jan 14, 2023 9:30 pm The only one with problems was the downloaded installer from: https://www.freecadweb.org/downloads.php
The link on the downloads page leads to

Code: Select all

https://github.com/FreeCAD/FreeCAD/releases/download/0.20.2/FreeCAD-0.20.2-WIN-x64-installer-2.exe

The direct link on the releases page https://github.com/FreeCAD/FreeCAD/releases is

Code: Select all

https://github.com/FreeCAD/FreeCAD/releases/download/0.20.2/FreeCAD-0.20.2-WIN-x64-installer-2.exe

As I said above, there is only one file regardless of how you get there.

My guess is your version of Norton has already accepted this file.

Gene
jfc4120
Posts: 448
Joined: Sat Jul 02, 2022 11:16 pm

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by jfc4120 »

Probably, it was 2 or 3 days later when I tried again.
User avatar
uwestoehr
Veteran
Posts: 4961
Joined: Sun Jan 27, 2019 3:21 am
Location: Germany
Contact:

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by uwestoehr »

adrianinsaval wrote: Mon Jan 09, 2023 5:08 pm check that the hash of what you downloaded matches the hash in the release page, we should probably put those hashes on the freecad.org webpage that way one can verify in an independent webpage that github wasn't tampered with. Thoughts @uwestoehr @yorik ?
Having the installer also directly at freecad.org could help here. However, this will create many GB of traffic and thus costs for FreeCAD.
With this background, I don't see the benefit.

There will always be a virus program coming with a false-positive virus check but the FreeCAD community will check this.

Concerning a signature of the installer, this is not an easy task because we would them have to pay Microsoft for this. I had a look last year on how to sign an installer to bring FreeCAD also to the Windows store and personally, I don't like that we are forced to follow the rules one one company to be in their store, to spend money for a certification/signature process this company likes etc.
However, Microsoft store and Windows signature, is something that has to be discussed by the FreeCAD core team sooner or later.
jfc4120
Posts: 448
Joined: Sat Jul 02, 2022 11:16 pm

Re: Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by jfc4120 »

:) A few days after the warnings, all was good, so norton must have caught up. But all good now. :)
User avatar
yorik
Founder
Posts: 13640
Joined: Tue Feb 17, 2009 9:16 pm
Location: Brussels
Contact:

Re: [Solved] Virus warnings in FreeCAD-0.20.2 WIN-x64-installer for windows

Post by yorik »

uwestoehr wrote: Tue Jan 17, 2023 1:04 am However, Microsoft store and Windows signature, is something that has to be discussed by the FreeCAD core team sooner or later.
Yes definitely. There is already an issue open at https://github.com/FreeCAD/FPA/issues/5
Post Reply