Virus found in game installation file?



  • Hey just wondering, windows gave me alert about the game file installation I downloaded I checked it with virusTotal and it warnings about virus, anyone can explain this somehow?


  • TF#12 - PEOPLE'S HERALD

    @MadDogTannen what exactly said Windows?
    Really a virus alert or just that the program is not signed?



  • Cant remind exact words but something like ' are u sure u want to download this file, it can be dangerous'

    https://gyazo.com/cc736980b2105c309cf148f01742ee0e
    Viruses found in the file


  • TF#12 - PEOPLE'S HERALD

    @MadDogTannen hmm thats interesting... @Specter surly can move the topic to the Alpha Section as a bug report.

    I guess it can be the used installer package, maybe too old. 🤷‍♀️
    I know this from a past company, we had similar problems by using an open source installer for our products.


  • TF#6 - DIPLOMAT

    @MadDogTannen good questions deserve good answers, especially when it is about security.

    So what i guess happened here:
    You download it, it's unsigned and therefore some virusscanners just say its unsafe. It's not that the file is unsafe (your -based-on-signature-files-to-match-anti-virusscanner is just not smart enough to know the difference (unlike heimdal or sentinelone ) and its easy to say "unsafe"

    What singing does: it does make sure that the file is not altered during transfer (or altered during store or download or on your computer after download.
    sadly, anyone can sign a file, so... signing alone is not enough.

    A signature alone It still doesn't guarantee its safe, for that an extra step is needed, when a developer like Dynamight Studios use a valid key, then a developer can sign the software that they made and you can validate against a source you trust to see if the file is actually the file that Dynamight Studios Srl has created. As soon as something is altered, the key won't validate (against the dynamight key) and then the file is considered malicious.

    signing software can be done by anybody, so also by hackers. (its really simple if you have a GIT account or when you use PowerShell. https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-authenticodesignature?view=powershell-7

    This whole principle is based on trusted parties. We trust the bank, but only because the bank has federal stuff. We trust microsoft (yeah i know) and because of that, we have a bunch of trusted certificates already built-in in our windows computers. (microsoft has a very good understanding of security, is unlike AWS -and now the flamewar starts- standing up for customers rights (they have a huge amount of lawyers to prevent abuse -easy access by the government etc.)

    There is much more of that, and there are literal hundreds of books about security and it would be out-of-place to write about it here.)
    Still. i think this might give you some insight into what it actually means, why it happens and what you could do about/with it. (ask yourself: why trust a certain brand of antivirus?)
    have fun!


  • TF#11 - PROCONSUL

    and furthermore, going through the Signing process during an Alpha/Beta test phase can cause unneeded delays, as the file gets changed so often in these phases you'd constantly be resigning the files to keep them matching.


  • TF#6 - DIPLOMAT

    @GamerSeuss signing is easy, i can send you one file with 5 updates of that file in 5 minutes. That's not an issue to consider. you could do it automatically (hence the reference to GIT) Every time you connect to HTTPS you do the same (HTTPS is sending messages SSL over HTTP, using encryption). i can change my website all day long. (what it is https://www.websecurity.digicert.com/security-topics/what-is-ssl-tls-https)

    For those readers who have no clue what we are talking about or try to follow our tiny discussion: https://www.youtube.com/watch?v=AQDCe585Lnc

    // I'll shut up now cuz I write too much and most people just say "meh. I don't care" let's talk about the game 😉 )


  • TF#12 - PEOPLE'S HERALD

    @Dordolio said in Virus found in game installation file?:

    I'll shut up now cuz I write too much and most people just say "meh. I don't care" let's talk about the game

    Spreading knowledge is always a good thing. Even if just one will grab this to improve own knowledge 🙂


Log in to reply
 

Copyright © 2020 Dynamight Studios Srl | Fractured