-
-
Notifications
You must be signed in to change notification settings - Fork 417
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add File Hashes #20
Comments
It shouldn't per its VirusTotal results it's not detected as a False Positive by Microsoft The full results are here: I don't know the exact translation but I know that Chrome blocks uncommon downloads, this may be a similar feature. |
This is due to Microsoft Smartscreen. Not sure how you can bypass that other than disabling smartscreen. |
Consider printing the artifact's hash as part of the workflow @rcmaehl. While this won't help with Edge's warning, it will allow users to know that the binary they are downloading is built from this repo. |
I am pretty sure that @rcmaehl builds release builds locally. And to my knowledge autoit doesnt produce reproducible binaries (but I didn't read much into it, so maybe it is possible) |
Releases should have binaries from the CI. Safety is a concern with projects like this. As long as the build comes from the CI, there is no need for reproducible binaries. The process would go like this.
|
Microsoft SmartScreen has block first-seen feature, which blocks executables are first seen on the Internet. Ignoring the prompt is okay for this project. |
zipping the file doesnt help much, this stuff happens literally all the time over in emulation projects where the builds can come out really fast, which doesn't give the heuristic network enough time and training to realize that they arent malicious |
Google chrome and Edge uses Chromium code base. File types that are mostly blocked are listed here https://source.chromium.org/chromium/chromium/src/+/main:components/safe_browsing/core/resources/download_file_types.asciipb defender smart screen blocks them based on Authenticode certificates and file hash allowed. You can create the below registry key to allow the file type downloadable without warning **Execute the below code in PS ISE **** $regpath="HKLM:\Software\Policies\Microsoft\Edge\ExemptDomainFileTypePairsFromFileTypeDownloadWarnings" if (!(Test-Path $regpath)) { New-ItemProperty -Path $regpath -Name "1" -Value '{"domains": ["*"], "file_extension": "exe"}' -PropertyType String -Force |
Can be closed now. |
The text was updated successfully, but these errors were encountered: