New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MS Defender Smartscreen #836
Comments
Hi @paolo2504. Thanks for this. Could you provide a little bit more info about the error you had and at least the exact error message string and maybe a screenshot? Thanks |
Denis, when an app that was blocked first by Defender SMartscreen is allowed to run, then it runs without beng blocked anymore. I'll provide you the error msg when it will be shown on future GO versions.... Meanwhile look as follows to the sample error messages users get when smartscreen is blocking potentially dangerous apps. |
I've submitted the install file to Windows Defender online analysis and it returned as safe. But further versions will be triggered as 'unknown' until we provide a certificate embedded in install file. @oleg68 I think this can investigated to avoid annoying messages. |
There are two issues
|
I think the main error is the 'unknown' author. But I don't know which build property to fix. |
And I found this that maybe can be included in build flow: |
Yes, it can. But the two issues mentioned above are still active. |
Indeed, but before going further, we need to check if populating a missing entry for 'unknown' author in build config may be sufficent. |
just a one-cent thought...what about changing the installer tool ? at present it is nsis or Inno setup if am right. perhaps the problem is there. |
@paolo2504 No, it is not. Windows defender requires that windows executables would be signed with a certificate issued by some certification authority. If we had this certificate we could sign both GrandOrgue.exe and the nsis installation file with it. |
Where is this entry? I thing it is in the certificate, isn't it? |
I don't know. I'm referring to the original post of @paolo2504 here above. I wanted to say that if we can fix it simply with adding a missing entry without the certificate stuff... Need exploration. |
If it was possible then Defender could not protect against a malware: everybody could take the GO sources, add some malware code to them, build GO and fill the The protection is based on that only few people have access to the private key (ideally - nobody except the github build bot) and that all changes are merged only after a code revew of several responsible people. The reviewers must check that no malware is added to the source code before their approval. This protection scheme would't be possible without having a private key with high restricted access. |
@paolo2504 unfortunally, we can nothing to fix this without a quite expensive purchasing of a certificate, that is not acceptable for the open source project. |
Every time a new compiled Windows 64bit package is run, MS Defender Smartscreen warns it is a suspicious application and asks for additional information. Reason is "unknown author". To let installation proceed, it is necessary to force it.
In my memory, this didn't happen before, i mean with packages download from sourceforge and probably with early realy by Oleg.
Not an issue, just to notify this. I don't know how Smartscreen works... Maybe it really complains that somewhere in the package the Author is not populated, maybe the reason is different.
The text was updated successfully, but these errors were encountered: