[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5689 [Company]: tor-browser-2.2.35-9_en-US.exe infected?
#5689: tor-browser-2.2.35-9_en-US.exe infected?
-------------------------+--------------------------------------------------
Reporter: taylorkh | Owner: erinn
Type: defect | Status: closed
Priority: critical | Milestone: TorBrowserBundle 2.2.x-stable
Component: Company | Version:
Resolution: fixed | Keywords:
Parent: | Points:
Actualpoints: |
-------------------------+--------------------------------------------------
Changes (by Sebastian):
* status: reopened => closed
* resolution: => fixed
Comment:
Replying to [comment:11 mikeperry]:
> Wow, I don't know about you guys, but this sounds like the malware on
our build machines is what got the update :). How did all of the AV
vendors sync up so fast? Are they usually that responsive?
I'm sorry that I have to dispel your paranoia, but it was _THE SAME FILE_
that got scanned again. At least I pointed it to the same file on our
webserver, and virustotal got the same sha256 for it. Now, if you want to
claim that probably virustotal got owned by the guys who owned our build
machine, then... erm... yeah. whatever.
> And why did an independent build machine produce a clean build
immediately, while they were still flagging our official bundles.
Because the builds aren't deterministic. I tried a couple times more on my
windows VM, and sometimes some of the AV software flags one part of the
tbb as having random malware crap. Basically, AV heuristics are utter
bullshit.
> I'm not sure I want to close this.. I'm still left with more questions
than answers. Does anyone know any staff/contact points at AV companies?
We should at least attempt some minimal fact checking...
I hope what I wrote above convinced you. Next time please don't assume I'm
taking the possibility of malware in our bundles lightly without actual
evidence
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5689#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs