Alert: Why does EncrptPad use sockets?

Skip to first unread message

Nov 18, 2018, 6:21:26 AM11/18/18
to EncryptPad
My f-secure virus protection raised an alarm and blocked EncryptPad for suspicious behaviour.
On github I then found Encryptpad is using sockets (ip_sockets.cpp).
Why should a texteditor access the internet???
To me this looks like a serious security flaw.
This is a no-go and I will not use it anymore.


Evgeny Pokhilko

Nov 18, 2018, 6:54:49 AM11/18/18
to, EncryptPad
Hi Lukas,

EncryptPad doesn't use sockets. ip_sockets.cpp comes with stlplus library. EncryptPad doesn't use the ip_sockets, tcp_sockets or udp_sockets provided by the library. You can download the source files and search if it makes any calls to those header files. There is none.

Regarding the anti-virus, unfortunately anti-viruses make false-positives sometimes (see

> --
> You received this message because you are subscribed to the Google Groups "EncryptPad" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> To post to this group, send an email to
> To view this discussion on the web, visit
> For more options, visit

Evgeny Pokhilko
Message has been deleted

Evgeny Pokhilko

Nov 22, 2018, 4:32:00 AM11/22/18
I am forwarding the reply Lukas received from f-secure regarding the false-positive identification

Begin forwarded message:

Date: Wed, 21 Nov 2018 12:55:02 +0100
From: Lukas
To: Evgeny
Subject: F-Secure: 01953692 encryptpad0_4_0_2_win32 malware warning - fals [ ref:_00Db0JXpV._5000X1bR3tp:ref ]

Dear Evgeny

See below the answer from f-secure.
It is now whitelisted.

Thanks anyway,
Lukas a

---- Original Message ----
Subject: F-Secure: 01953692 encryptpad0_4_0_2_win32 malware warning - fals
[ ref:_00Db0JXpV._5000X1bR3tp:ref ]
Sent: Nov 21, 2018 10:37 AM
From: F-Secure Customer Care
To: lukas


Thank you for your submission.

We have identified the issue as a False Positive, which the file will be
white-listed and file reputation will be reflected via our security cloud.

If there is anything else we can help you with, please do not hesitate to
contact us again.

Best regards,
Hau Vei,
Malware Analyst
F-Secure Security Labs

*Visit our Labs blog at
*Give and get advice in our F-Secure Community at <>*
*Contact Support at

in response to:


--------------- Original Message ---------------
*From:* F-Secure Customer
*Sent:* 21/11/2018 05:38
*To:* lukas
*Subject:* F-Secure: 01953692 encryptpad0_4_0_2_win32 malware warning - fals

Dear Customer,

Thank you for contacting F-Secure. We have received the following service
request submitted by you:

Number: 01953692
Created: 2018-11-20
Subject: encryptpad0_4_0_2_win32 malware warning - false positive

This is an automatic reply which is sent to you as an acknowledgement. Our
Customer Care will contact you as soon as possible.

While we respond as fast as possible, we prioritize phone calls and chats
over email. This may lead to longer response times for email requests. If
your request is urgent, please give us a call.

When contacting our technical support about this service request, please
tell the service request number mentioned in this e-mail. If you want to
send additional information about this service request, please reply to
this e-mail and keep the subject unchanged.

Note also that F-Secure Community is at your service. If you have questions
related to our products and services or want to discuss product issues or
safety in the digital world in general with other users, go to our
Community at

F-Secure Corporation
Customer Care


Evgeny Pokhilko

Nov 30, 2018, 11:40:23 PM11/30/18
to EncryptPad
After receiving the alert I sent the file to f-secure for further analysis.
f-secure confirmed it was a false positive and that they would include it in their white list.
Mail from f-secure: (I remove tags

Betreff: F-Secure: 01953692 encryptpad0_4_0_2_win32 malware warning -
fals [ ref:_00Db0JXpV._5000X1bR3tp:ref ]
Datum: Wed, 21 Nov 2018 09:37:03 +0000 (GMT)
Von: F-Secure Customer Care <customer-care(at)f-secure(dot)com>
An: lukas {removed private address}
Reply all
Reply to author
0 new messages