Re: Sourceforge pidgin download page blocked by google chrome as malicious
Philippe VIALLE spake unto us the following wisdom: if I may, that's the binary file (Pidgin-2.10.11.exe) that was downloaded that seems to get blocked (in fact, local detection of malicious files by browser itself). OK, this is good information, thank you. The Pidgin Windows installer (typically not Pidgin itself) has been blocked by quite a few anti-virus and anti-malware apps in the past, due to the installer package we use (whatever it is) *also* being used by malware. Perhaps that's what is going on here. It is *also* certainly the case that several Pidgin download URLs were issued to Google in a DMCA takedown notice. The company that issued them is now backtracking (possibly due to actual liability for this act under some European jurisdictions in which both the company in question and Google have offices), but it may be or become a problem. It may not be this problem. Ethan ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: https://pidgin.im/cgi-bin/mailman/listinfo/support
Sourceforge pidgin download page blocked by google chrome as malicious
Tried to get pidgin-2.10.11 for windows from pidgin.im, and after the 5 second delay on sourceforge, was greeted by a red page in chrome, saying the site was blacklisted. I downloaded the file anyway and chrome deleted it after the download completed, calling the .exe 'malicious' as well. Virustotal says the file is clean ( 2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3 ), maybe someone at google should be politely asked to drop sourceforge.net from their blacklist ? Cheers, Bogdan ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: https://pidgin.im/cgi-bin/mailman/listinfo/support
Re: Sourceforge pidgin download page blocked by google chrome as malicious
Bogdan Harjoc spake unto us the following wisdom: Tried to get pidgin-2.10.11 for windows from pidgin.im, and after the 5 second delay on sourceforge, was greeted by a red page in chrome, saying the site was blacklisted. I downloaded the file anyway and chrome deleted it after the download completed, calling the .exe 'malicious' as well. Virustotal says the file is clean ( 2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3 ), maybe someone at google should be politely asked to drop sourceforge.net from their blacklist ? This is probably due to a recent, well-known bogus DMCA takedown notice. I expect the courts will straighten it out for us. Ethan ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: https://pidgin.im/cgi-bin/mailman/listinfo/support
Re: Sourceforge pidgin download page blocked by google chrome as malicious
Guys, if I may, that's the binary file (Pidgin-2.10.11.exe) that was downloaded that seems to get blocked (in fact, local detection of malicious files by browser itself). Here is an example of such an alert with a Chrome derivative browser (Dragon): [image: Images intégrées 1] Despite my efforts, I could not reproduce any scenario where this was the download URL that was blocked, therefore I believe this is a file-based detection. Now if you really look at VirusTotal, the Pidgin installer is not supposed to be fully clean: https://www.virustotal.com/en/file/2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3/analysis/ - Rising AV repots it as PE:Trojan.Win32.Generic.141A9A33!337287731 - Clam AV detects it as PUA - Symantec reputation reports a suspicious.insight This might be due to a detection of screen capture capability (look at Zemana results), but can't be sure right now, just thinking out loud. Anyway, I would try to report this to Google, as a potential FP. My 2 cents, 2015-02-24 20:03 GMT+01:00 Ethan Blanton e...@pidgin.im: Bogdan Harjoc spake unto us the following wisdom: Tried to get pidgin-2.10.11 for windows from pidgin.im, and after the 5 second delay on sourceforge, was greeted by a red page in chrome, saying the site was blacklisted. I downloaded the file anyway and chrome deleted it after the download completed, calling the .exe 'malicious' as well. Virustotal says the file is clean ( 2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3 ), maybe someone at google should be politely asked to drop sourceforge.net from their blacklist ? This is probably due to a recent, well-known bogus DMCA takedown notice. I expect the courts will straighten it out for us. Ethan ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: https://pidgin.im/cgi-bin/mailman/listinfo/support -- Philippe Vialle ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: https://pidgin.im/cgi-bin/mailman/listinfo/support
Re: Pidgin Download
C B spake unto us the following wisdom: I don't have a problem to report but rather a suggestion that a checksum (preferably SHA256) be provided for downloads for people to verify that they have a trusted file. Digital signatures are provided, which are a strictly stronger assurance than a simple checksum. There is no link from the pidgin.im download page, but they are available from the SourceForge file list: http://sourceforge.net/projects/pidgin/files/Pidgin/2.10.7/ Ethan signature.asc Description: Digital signature ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
Re: Pidgin Download
On Mon, Mar 11, 2013 at 10:56 AM, Ethan Blanton e...@pidgin.im wrote: C B spake unto us the following wisdom: I don't have a problem to report but rather a suggestion that a checksum (preferably SHA256) be provided for downloads for people to verify that they have a trusted file. Digital signatures are provided, which are a strictly stronger assurance than a simple checksum. There is no link from the pidgin.im download page, but they are available from the SourceForge file list: http://sourceforge.net/projects/pidgin/files/Pidgin/2.10.7/ In addition to that, the FAQ links to https://developer.pidgin.im/wiki/Are%20the%20packages%20signed which contains details about how to verify that the package you're using is signed appropriately. ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
pidgin download
hi there. Pidgin 2.10.1 contains a few security updates. Please upgrade! the download file is still 2.10.0 when will 2.10.1 be uploaded to the website for download? thanks. ___ Support@pidgin.im mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
trojan in Pidgin download
Hi all, Just letting you know that I tried to upgrade from Gaim to Pidgin recently and the Windows distro that I downloaded from the Amsterdam mirror contained a copy of the Zlob trojan (Zlob.Porn.Mag.Pass to be exact). I guess I'll postpone the upgrade for a bit :) Thanks, Nina ___ Yahoo! Answers - Got a question? Someone out there knows the answer. Try it now. http://uk.answers.yahoo.com/ ___ Support mailing list Support@pidgin.im http://pidgin.im/cgi-bin/mailman/listinfo/support