Re: [go-nuts] Go for windows has a virus (again)
1,073 views
Skip to first unread message
Jan Mercl
Apr 12, 2013, 3:52:17 AM4/12/13
to capnm, golang-nuts
On Fri, Apr 12, 2013 at 7:59 AM, capnm <cap...@gmail.com> wrote:
> This time, every binary produced by the go go1.1 beta*
> tool chain contains the TR/Crypt.XPACK.Gen2 killer virus,
> says avira aka antivir. This currently successfully blocks
> any attempt to install or to use Go on almost any
> school computer.
You're using a -beep- antivirus SW. Please complain to the producer of
it or change your AV or use a real OS. (Flame on me ;-)
-j
> This time, every binary produced by the go go1.1 beta*
> tool chain contains the TR/Crypt.XPACK.Gen2 killer virus,
> says avira aka antivir. This currently successfully blocks
> any attempt to install or to use Go on almost any
> school computer.
You're using a -beep- antivirus SW. Please complain to the producer of
it or change your AV or use a real OS. (Flame on me ;-)
-j
nvcnvn
Apr 12, 2013, 7:55:15 AM4/12/13
to golan...@googlegroups.com
Why don;t you download and build the source code? A virus in an 100% open source??? Wow!!!
BTW maybe your Avira has a virus, over maybe your Windows has a virus...
Vào 12:59:57 UTC+7 Thứ sáu, ngày 12 tháng tư năm 2013, capnm đã viết:
Vào 12:59:57 UTC+7 Thứ sáu, ngày 12 tháng tư năm 2013, capnm đã viết:
This time, every binary produced by the go go1.1 beta*tool chain contains the TR/Crypt.XPACK.Gen2 killer virus,says avira aka antivir. This currently successfully blocksany attempt to install or to use Go on almost anyschool computer.
virustotal and my false positive reportWell, as somebody has noted, Go was written by hackers;)
Jeff Mitchell
Apr 12, 2013, 9:36:19 AM4/12/13
to capnm, golan...@googlegroups.com
capnm wrote:
> Tell that the school admins. As a teacher you can't do anything a about it.
> They probably see "antivirus" and it's "freeware!" so they fulfilled
> some government
> rules and are happy.
Based on the fact that you are able to download the Go installer, it
seems like perhaps you have some level of install capabilities on the
computer.
That said, perhaps it would be feasible (if a bit lengthy in execution)
to use a free Windows VM solution like VirtualBox, install a Linux VM,
and use Go in there?
--Jeff
> Tell that the school admins. As a teacher you can't do anything a about it.
> They probably see "antivirus" and it's "freeware!" so they fulfilled
> some government
> rules and are happy.
Based on the fact that you are able to download the Go installer, it
seems like perhaps you have some level of install capabilities on the
computer.
That said, perhaps it would be feasible (if a bit lengthy in execution)
to use a free Windows VM solution like VirtualBox, install a Linux VM,
and use Go in there?
--Jeff
Devon H. O'Dell
Apr 12, 2013, 9:51:58 AM4/12/13
to capnm, golang-nuts
2013/4/12 capnm <cap...@gmail.com>:
> TR/Crypt.XPACK.Gen3
> for Go 1.2. Maybe the gophers should vehement tell the AV, that Go is a
> programming language
> and not a virus ;-) They have a nice upload page:
> https://analysis.avira.com/en/submit
Did you file a false positive report on the website you linked here?
Instructions are provided on the referenced page.
--dho
> --
> You received this message because you are subscribed to the Google Groups
> "golang-nuts" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to golang-nuts...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
> Tell that the school admins. As a teacher you can't do anything a about it.
> They probably see "antivirus" and it's "freeware!" so they fulfilled some
> government
> rules and are happy.
>
> I'm sure there will be TR/Crypt.XPACK.Gen2+ for the release and
> They probably see "antivirus" and it's "freeware!" so they fulfilled some
> government
> rules and are happy.
>
> TR/Crypt.XPACK.Gen3
> for Go 1.2. Maybe the gophers should vehement tell the AV, that Go is a
> programming language
> and not a virus ;-) They have a nice upload page:
> https://analysis.avira.com/en/submit
Did you file a false positive report on the website you linked here?
Instructions are provided on the referenced page.
--dho
> --
> You received this message because you are subscribed to the Google Groups
> "golang-nuts" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to golang-nuts...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
Svip
Apr 12, 2013, 11:22:46 AM4/12/13
to nvcnvn, golan...@googlegroups.com
On 12 April 2013 13:55, nvcnvn <nvc...@gmail.com> wrote:
> Why don;t you download and build the source code? A virus in an 100% open
> source??? Wow!!!
Wouldn't be the first time that has happened. Clever developers with
> Why don;t you download and build the source code? A virus in an 100% open
> source??? Wow!!!
intent on havoc can sneak in malware in open source projects.
steve wang
Apr 12, 2013, 11:31:19 AM4/12/13
to golan...@googlegroups.com
I had a similar experience on go1.0.3, and it turned out to be a misreport caused by some files built by mingw.
On Friday, April 12, 2013 1:59:57 PM UTC+8, capnm wrote:
On Friday, April 12, 2013 1:59:57 PM UTC+8, capnm wrote:
This time, every binary produced by the go go1.1 beta*tool chain contains the TR/Crypt.XPACK.Gen2 killer virus,says avira aka antivir. This currently successfully blocksany attempt to install or to use Go on almost anyschool computer.
Svip
Apr 12, 2013, 11:34:36 AM4/12/13
to ty...@torbit.com, golan...@googlegroups.com, nvcnvn
On 12 April 2013 17:27, <ty...@torbit.com> wrote:
> While what you say is possible, it is highly unlikely. What is more likely
> is that someone wrote a virus using Go and an incompetent anti-virus firm
> included sections of the run-time and/or compiled standard libraries in
> their definition for that virus.
I apologise, I did not mean to imply that Go had been infected with
it, I just mentioned that it is not completely out of the question for
an open source project to be infected.
> While what you say is possible, it is highly unlikely. What is more likely
> is that someone wrote a virus using Go and an incompetent anti-virus firm
> included sections of the run-time and/or compiled standard libraries in
> their definition for that virus.
I apologise, I did not mean to imply that Go had been infected with
it, I just mentioned that it is not completely out of the question for
an open source project to be infected.
capnm
Apr 12, 2013, 5:39:22 PM4/12/13
to golan...@googlegroups.com, capnm
On Friday, 12 April 2013 15:51:58 UTC+2, Devon H. O'Dell wrote:
Did you file a false positive report on the website you linked here?
Instructions are provided on the referenced page.
Yes, the link get lost in Jan's post:
>>The file 'go.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection is removed from our virus definition file (VDF) with the version: 7.11.72.74.<<
etc.
A good news, but it does't mean something really changed.
Reply all
Reply to author
Forward
0 new messages