From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from sonic317-27.consmr.mail.bf2.yahoo.com (sonic317-27.consmr.mail.bf2.yahoo.com [74.6.129.82]) by sourceware.org (Postfix) with ESMTPS id 358FB3864A32 for ; Wed, 7 Dec 2022 21:54:11 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 358FB3864A32 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=harkless.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=yahoo.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1670450050; bh=RhC5zZGQkxcGrjOpKsx6yLSyH+ZL0Shj0/y3Yn5wMcs=; h=Date:Subject:To:References:From:In-Reply-To:From:Subject:Reply-To; b=DxhEPSqLLCkLi7+9mKXpBgVJQ4kO6XaHLmzwuxJqknTthp4kGAwHWNcjFQP8gaUylRmYC+MFmoJ5HjFsHU/lSPWOtjpemcH179UJT4E3LOfYFg/FGoyeRXjqMb/cAc6oqyv/sbmOSmQuq2q0geo5wzxwioFuejCsYC0NtLyfJtnEKBoXvKufAGt+TQ1mIlRxRKDnFnRk9VB0f1IM8FCB2puSTEtQCl7f9OZeRVRHrpKSeWgYBLPvMmZ44xXzwn8HrVfegfMK9uwMxj1Z4jKHDXODOaBVlQuT3XK2/QMkDoxrcAlAbCb68nH88Hy/OlxD41G0bs3U4qV1r7phILdc+w== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1670450050; bh=Rk9tenHXNtDo2cJ49gVyIuuCAyltIomPu04cVoUny6q=; h=X-Sonic-MF:Date:Subject:To:From:From:Subject; b=fM4xCHruMIDQ3mgUWrI9W3kSD4K303ck847Ut8cff31XTqn1j0lVpSF/MTitwTBY76ur7xEUzscjRqrSpNGZpmYXHgAavH5QJ6IvfMI8RF14VnzwWXoE2j9GkdUiYQuuFvFo8uCSovGBra27ysFCGhFUPGwVxXdTquH9sIhx5+AFqMf9M5ydN2Ua/EeF5MAe7YfB5coDyoxVwVHHRD4Lndp1pW5QWNtWh9FW6hZfR/HoNZc4G/oE7WvltmiGAyx+2iBnWMWCMWnb9sWFeexnWFIWgPEu4kYW4T6PZo8MgpWWtdQ1B/+FMsdbxm8WT1eaF96mqgOOpuyWyeuWjjfokA== X-YMail-OSG: goE1OU4VM1kG_TOQievLVcFVHqCEZ94nRVklODXSgcL8YJcVXfmmcWaC0MTj1Io Qr_n.3YuAUZQYek8XQTxnTDDOOClJIUf08hAL9KsUcds3UXr2IHSuAuIQg35bFe32XwSw7fwiuXR 1SrysA9R_y36BvNQct00sOGMIQoFA0rLSb7AWnu8yM2wOC52eZ9xfezmB3_pBXu7Y42JF5wa2txm 5tIlsqiE_Zr5eihW_W6Jl9Le1Euud3mVt3ku7dGxmB0KVNml2EXD.kYZDVN9evKwxMKC9X1OCTF1 vxnGKJuZnBRJMBQJjR4NNoy1zFuj6JeFzGZKvYGH0uxWZYwNSizCp.mLtFm2o1cHpfbQ1M9N9QMB 5aFrfySXrD8gLEe7Tc_wunDS2Qw5XHRJM.YRj0IlBQY1wRalLu6OF0Oo85xKOE5s8_gOt.AYUKHC nf7E8I5pwbtJUwrRIQX1BPbBi0.nG2gYVYSdLzyueYcvETbR5VhTbMdr1pbOtxfnXGssM1fC6F3F RJ1A2FQBrersYIIBDNVYoEVnEYVn8DqnACeKaXbHSoIsmj.TBmsVq_SAnROQ_c5DWj1D3K_4CZzA 3MvcgdlFgS9.EIVLRFEFvCP5H_7UX8F.HYCVInD_WQWxU3vKN_mYh7E2QeUXX_xU7hLkeCeTN2SM omNQe9m8Igrl.FeVRrF1D2OAMvHcePYuidWEHwNFQpJb.VAhSEz5cGnvXrAH9AwRt2f_Rg4McFt4 G3z7xKlH.jmeFXdTV8hkcQ1yfLcGQvKRhdlhNKfuR4ckls4He1W2iUq_p9.h7yVAwY3WQhbZGaRB Wqzun2MZY7mgqHm2MFpwoKmBJ1KBxoe_W71WBiM8Gq8WsDJoMeD0yBQ19xBxybEB94FMw7iX3gsb f0ZzSP3HvMfc7FJPRB__oqQmQ9HOJQvOPJ5Kn6r6rQ2gVUqZIFOkur9QoQr7Ot7Ux_BNKxwy3qrK 2R6bbVed5ozBRfwOhTnUADX00G8ixuxjP3PcmA7uS7NqkOQdKhYQt3RMlXto8gz6f5zB6dx1spPv GAfWCf9dc.NE1P__XPLWceB.UlwXUhb4JOxyn2bsof3dNCmjV6XWtRZk9bazobhMZHN6aDy_6E6m WaXwBGkqTRidIuxNGpGFv0RLZxW6YxmWcaYhPsPGw4HLz6klUf7pcTJwTjBGrsvn01sAZvuBuWtA jRewnbIy9QBkbJBTcx4lIF77ImYRMMFN5HwBgsfd9XEV4YL3LiEcaXfXU1kPswmUM9tj29ncs2Zn ebjzo694.tVFPQyVkSj2UkOm4TPQUSGL.wVEOo3H2NsopoFpGzvY9J3Tz3HDoTzORCsjYKOWfmVn gJGENzRPx0TpyH.a60vuFQsiwiX_3YnDlhYjP3VbNJPzi_qE9lNcIZdSsM_K5rPmCu_zY5ZoZfuu zDALlGU1moMPFspEY736rhZbl8xKstxgl_3xaDl8KKLUNh1VR9UguOaYSUM45gCxomIHfWuz2rM. yErSSE2u52JMbc.r.CjdVW7x042VbfLIfIcymuNlQmTJx0PGUMxEFKcDy5XrEXqLXtZ1jf6FIA.G 8DFiCptmYxDSfQlN6UFmHaNPex55c.sdvIe6sExw97hzj382BVJWTi0k4JhKz7NlPc4Fy3MWn.a9 c7WTBCibTIlvi299fnCEQeFxrjW5DVYpDRycsdwvDlXmB5WrEjF5eYtKYCOR3n3PbgjsuyjoC_Mb oMeTzNYjiMYq3EMpc1pEfbFCuez0HNT4iGvJeOQyRBCqFVazF3RC6KXZZjM9hMewwi1.rQKJPk4j nZQRsUf2yfHWTe9XZXpo0uiFZsu0CA5LnEbt.NHE9yceHG1UyB6eowZ5zhpw7fN659UpvnvqoVuf YQ0tQxL0glLV5czRg12dFQt1954SduqWz4P8hrF_0QFWRliFOol9cuZDRqVjQSdF_3D5UxU8wr5q 04iRPYNX5S_KqNwRHgUR8us9z804LqV5sWHEHtJU89rNw5ekU6raQQ_1luImtTPEQT.bsquX9KNU JCaIpx6A845UJGUKKqaTyyuQAjxIvNFeZDh8qNd_FQZavo1esUXccgmy1AJz1xCQZH3zzOVhVRuN mU2Ltre3IgzgEtkS_2dltb85wyasO3AMonmLT3vvfP2BFwi2Qkdwfksvil60HwWeaIbqmPJiNyg1 1Jie0Ml.kY_yz2R0dmb3SrWIQ_q8klD_hWt4JTkI2SM.BHKgemCQuvJHYqh0_PQfbmxt3a11KwXz a9ZA6hTmjKxFdMV0BWA-- X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic317.consmr.mail.bf2.yahoo.com with HTTP; Wed, 7 Dec 2022 21:54:10 +0000 Received: by hermes--production-gq1-d898c4779-vj7nk (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 3cfb241068c00953327f72dfda1763d8; Wed, 07 Dec 2022 21:54:07 +0000 (UTC) Message-ID: <14e7843a-5829-2c74-313b-13d08b37243e@harkless.org> Date: Wed, 7 Dec 2022 13:54:04 -0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.4.2 Subject: Re: Cygwin setup reporter as malware To: cygwin@cygwin.com References: Content-Language: en-US From: Dan Harkless In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Mailer: WebService/1.1.20926 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo X-Spam-Status: No, score=1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 12/7/2022 8:20 AM, Sylwester Rutkowski via Cygwin wrote:Hi, > The setup-x86_64.exe is reported as malicious at https://www.virustotal.com/gui/file/edd0a64dc65087ffe453ca94b267169b39458a983b29ac31320fcaa983d0f97e/detection > > Can this be resolved somehow? No.  It's normal and common for software like Cygwin, which has the power to be used maliciously (as opposed to, say, a Minesweeper game or something), to have false positives on VirusTotal for a handful of vendors.  I've never heard of SecureAge or Trapmine (hmm, maybe it *would* flag Minesweeper...), and I'm pretty well educated in the anti-malware space, so if it were me, I'd just ignore those false positives and pay attention to the credible AV software results (and the Community Score). If you have some corporate policy requiring things to have 0 detections on VirusTotal or something, your only recourse is to contact the SecureAge and Trapmine vendors and convince them somehow to fix their false positives. -- Dan Harkless http://harkless.org/dan/