Re: Sourceforge pidgin download page blocked by google chrome as malicious

2015-02-24 Thread Ethan Blanton
Philippe VIALLE spake unto us the following wisdom:
> if I may, that's the binary file (Pidgin-2.10.11.exe) that was downloaded
> that seems to get blocked (in fact, local detection of malicious files by
> browser itself).

OK, this is good information, thank you.

The Pidgin Windows installer (typically not Pidgin itself) has been
blocked by quite a few anti-virus and anti-malware apps in the past,
due to the installer package we use (whatever it is) *also* being used
by malware.

Perhaps that's what is going on here.

It is *also* certainly the case that several Pidgin download URLs were
issued to Google in a DMCA takedown notice.  The company that issued
them is now backtracking (possibly due to actual liability for this
act under some European jurisdictions in which both the company in
question and Google have offices), but it may be or become a problem.
It may not be this problem.

Ethan

___
Support@pidgin.im mailing list
Want to unsubscribe?  Use this link:
https://pidgin.im/cgi-bin/mailman/listinfo/support


Sourceforge pidgin download page blocked by google chrome as malicious

2015-02-24 Thread Bogdan Harjoc
Tried to get pidgin-2.10.11 for windows from pidgin.im, and after the 5
second delay on sourceforge, was greeted by a red page in chrome, saying
the site was blacklisted. I downloaded the file anyway and chrome deleted
it after the download completed, calling the .exe 'malicious' as well.

Virustotal says the file is clean (
2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3
), maybe someone at google should be politely asked to drop sourceforge.net
from their blacklist ?

Cheers,
Bogdan

Re: Sourceforge pidgin download page blocked by google chrome as malicious

2015-02-24 Thread Ethan Blanton
Bogdan Harjoc spake unto us the following wisdom:
> Tried to get pidgin-2.10.11 for windows from pidgin.im, and after the 5
> second delay on sourceforge, was greeted by a red page in chrome, saying
> the site was blacklisted. I downloaded the file anyway and chrome deleted
> it after the download completed, calling the .exe 'malicious' as well.
>
> Virustotal says the file is clean (
> 2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3
> ), maybe someone at google should be politely asked to drop sourceforge.net
> from their blacklist ?

This is probably due to a recent, well-known bogus DMCA takedown
notice.  I expect the courts will straighten it out for us.

Ethan



Re: Sourceforge pidgin download page blocked by google chrome as malicious

2015-02-24 Thread Philippe VIALLE
Guys,

if I may, that's the binary file (Pidgin-2.10.11.exe) that was downloaded
that seems to get blocked (in fact, local detection of malicious files by
browser itself).

Here is an example of such an alert with a Chrome derivative browser
(Dragon):
[image: Inline image 1]

Despite my efforts, I could not reproduce any scenario where this was the
download URL that was blocked, therefore I believe this is a file-based
detection.

Now if you really look at VirusTotal, the Pidgin installer is not supposed
to be fully clean:
https://www.virustotal.com/en/file/2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3/analysis/
- Rising AV reports it as PE:Trojan.Win32.Generic.141A9A33!337287731
- Clam AV detects it as PUA
- Symantec reputation reports a suspicious.insight

This might be due to a detection of screen capture capability (look at
Zemana results), but can't be sure right now, just thinking out loud.
Anyway, I would try to report this to Google, as a potential FP.

My 2 cents,



2015-02-24 20:03 GMT+01:00 Ethan Blanton e...@pidgin.im:

> Bogdan Harjoc spake unto us the following wisdom:
> > Tried to get pidgin-2.10.11 for windows from pidgin.im, and after the 5
> > second delay on sourceforge, was greeted by a red page in chrome, saying
> > the site was blacklisted. I downloaded the file anyway and chrome deleted
> > it after the download completed, calling the .exe 'malicious' as well.
> >
> > Virustotal says the file is clean (
> > 2a2c58cba5f9360f5f48cc59ccb5e1f82d59c3cc87a52648e9bd45b3968e10e3
> > ), maybe someone at google should be politely asked to drop sourceforge.net
> > from their blacklist ?
>
> This is probably due to a recent, well-known bogus DMCA takedown
> notice.  I expect the courts will straighten it out for us.
>
> Ethan





-- 
Philippe Vialle