help-octave
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Virus Total positives


From: Kai Torben Ohlhus
Subject: Re: Virus Total positives
Date: Fri, 17 May 2019 09:05:31 +0200

On Fri, May 17, 2019 at 8:16 AM vrozos via Help-octave <address@hidden> wrote:
Virus total gives 3 positives for octave-5.1.0-w32-installer.exe


https://www.virustotal.com/el/file/d2e4d5821496a0c7533abb660810bb31c73cf6dc1bc19430b6b35586bc2f5ff9/analysis/1551082812/

Any ideas/comments?

Thanks

Evangelos Rozos


As far I can judge virustotal.com, it is a service, that throws the official Octave installer to 59 different "Antivirus" products and if fails for Comodo, Trapmine, and Yandex.  All three "Antivirus" products I have never heard about, never worked with. And I hope that the developers of that website not have installed them on a single Microsoft (MS) operating system machine, otherwise they will all detect each other as "malware".  This phenomenon is called "false positive" and even your website has an article detecting official MS products as such:


and I think you did not uninstall MS because of that judgment by virustotal.com, right? ;-) But the question you have is about trust.  It is good to mistrust a binary installer in first place, too many people blindly trust big names and end up with broken systems.  For some reason, you trust MS, virustotal.com, and 59 proprietary products to identify Octave's installer as "malware".  I do not think that you have checked that website + 59 products yourself to detect malware reliably.

If I do not trust the binary Octave installer, I am in a much better position, than if I do not trust those 59 "Antivirus" products or the website.  Octave is free and open source software (FOSS).  You can get all source code, check it with any tool of your choice for potential vulnerabilities, compile it yourself and so on to create trust (I have done this many many times, it is no magic).  This is not possible for the 59 "Antivirus" products you have to trust them blindly.

We would like to help you, but how can we do this?  In particular we need to know what does this mean that Comodo detects the Octave installer as "address@hidden"?  Their official website has not clue, at least does not document this information how they detected this and how to prevent their detection:


Thus if you cannot give us detailed information about the "mystically" detected "malware", you should build the installer yourself https://wiki.octave.org/Windows_Installer and check for any malicious code in this process.

Best,
Kai


reply via email to

[Prev in Thread] Current Thread [Next in Thread]