zzz.i2p

Development discussions
PUA:Win32/iBryteInstaller reported in jcpuid.dll and jbigi.dll « Bug Reports and Feature Requests « I2P Help, Hints, Advice
 
Sun, 22 Mar 2020, 04:39pm #1
parg
I2P Legend

PUA:Win32/iBryteInstaller reported in jcpuid.dll and jbigi.dll

I have a user reporting this - https://github.com/BiglySoftware/BiglyBT/issues... - false positive I assume but wondered if you had come across it before?

I've not updated the DLLs since 2016 and we signed them at that time with a (now expired) Azureus cert.

I've run explicit scans on the file with the latest Windows Defender signatures and Malwarebytes and it doesn't show any issues.

Mon, 23 Mar 2020, 01:01pm #2
zzz
Administrator
Zzz

Seems unlikely.

We haven't updated the Windows dlls since 2016. Never thought about signing them and don't know how to do that, that's very interesting. We are signing our Windows installer now (but not the exe inside... we have more work to do...)

Did you sign all of the ones in installer/lib/jbigi in our tree? Maybe we should also.

I assume you're bundling a jbigi.jar that contains all the files, so you are picking up the new 64 bit linux .so files that we updated last year.

Last edited: Mon, 23 Mar 2020, 01:49pm by zzz

Mon, 23 Mar 2020, 01:44pm #3
parg
I2P Legend

The reason we started signing the DLLs (many years ago) was that it seemed to make some AV products less likely to generate false positives, not sure if that is the case anymore but it can't do any harm.

I believe you sign them in the same way as you'd sign a .exe, Tux handles that side of things.

Our linux .so files are from 2016 - I'll update them, thanks!

Mon, 23 Mar 2020, 01:51pm #4
zzz
Administrator
Zzz

ok thanks for the info. I'll put dll signing on our todo list

Mon, 23 Mar 2020, 02:23pm #5
zzz
Administrator
Zzz

entered http://trac.i2p2.i2p/ticket/2704