From: Brian Inglis <Brian.Inglis@SystematicSw.ab.ca>
To: cygwin@cygwin.com
Subject: Re: Cygwin setup error
Date: Tue, 21 Apr 2020 16:07:02 -0600 [thread overview]
Message-ID: <f6464b74-70ff-08ef-dc22-bea63e643c06@SystematicSw.ab.ca> (raw)
In-Reply-To: <8d287574-f820-564b-4794-e35e3429174c@gmail.com>
On 2020-04-21 12:33, Marco Atzeri via Cygwin wrote:
> Am 21.04.2020 um 18:08 schrieb Antonio Cesar Rosa:
>> I do not think so. See the output from Virustotal:
>> 2431de4597a2162f3e1d60af90f638b41677265b07cc66fcb0231fdde452c841
>> setup-x86_64.exe 1.29 MB 2020-04-21 00:31:19 UTC
>> Size
>> 15 hours ago
>> 64bits direct-cpu-clock-access overlay peexe runtime-modules
>> DETECTION DETAILS BEHAVIOR COMMUNITY
>> SecureAge APEX Malicious MaxSecure Trojan.Malware.300983.susgen
>> Lastline MALWARE Acronis Undetected
Scoring 2[.5]/71 is not exactly a threatening consensus - believe the 69 and
ignore the 2[.5].
The URL check has eight more checkers excluding the three false positives score
0/80.
Many AVs use "heuristic/WAG" approaches which often give false positives on
installers.
This group probably sees about one false positive a month, but I don't ever
recall a real issue in about/over ten years.
> please reply on mailing list in copy.
> Virus Total with the URL https://cygwin.com/setup-x86_64.exe
> gives all clean.
> If you have a different result. likely you have a tampered file.
> And using the signature available on
> https://cygwin.com/install.html
> we also have:
> $ gpg2 --verify setup-x86_64.exe.sig
> gpg: assuming signed data in 'setup-x86_64.exe'
> gpg: Signature made Sat, Mar 21, 2020 6:35:25 PM CET
> gpg: using DSA key 1169DF9F22734F743AA59232A9A262FF676041BA
> gpg: checking the trustdb
> gpg: marginals needed: 3 completes needed: 1 trust model: pgp
> gpg: depth: 0 valid: 1 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 1u
> gpg: depth: 1 valid: 1 signed: 0 trust: 1-, 0q, 0n, 0m, 0f, 0u
> gpg: next trustdb check due at 2022-02-26
> gpg: Good signature from "Cygwin <cygwin@cygwin.com>" [ultimate]
> gpg: Signature made Sat, Mar 21, 2020 6:35:25 PM CET
> gpg: using RSA key 56405CF6FCC81574682A5D561A698DE9E2E56300
> gpg: Good signature from "Cygwin <cygwin@cygwin.com>" [full]
$ TZ=UTC wget -N http://cygwin.com/setup-x86{_64,}.exe{.sig,}
2020-04-21 21:26:37 URL:http://cygwin.com/setup-x86_64.exe.sig [661/661] ->
"setup-x86_64.exe.sig" [1]
2020-04-21 21:26:38 URL:http://cygwin.com/setup-x86_64.exe [1352723/1352723] ->
"setup-x86_64.exe" [1]
2020-04-21 21:26:38 URL:http://cygwin.com/setup-x86.exe.sig [661/661] ->
"setup-x86.exe.sig" [1]
2020-04-21 21:26:41 URL:http://cygwin.com/setup-x86.exe [1248787/1248787] ->
"setup-x86.exe" [1]
FINISHED --2020-04-21 21:26:41--
Total wall clock time: 4.4s
Downloaded: 4 files, 2.5M in 2.2s (1.12 MB/s)
$ TZ=UTC ls -glo --full setup-x86{_64,}.exe{.sig,}
-rw-r--r--+ 1 1248787 2020-03-21 17:28:48.000000000 +0000 setup-x86.exe
-rw-r--r--+ 1 661 2020-03-21 17:29:04.000000000 +0000 setup-x86.exe.sig
-rw-r--r--+ 1 1352723 2020-03-21 17:35:04.000000000 +0000 setup-x86_64.exe
-rw-r--r--+ 1 661 2020-03-21 17:35:25.000000000 +0000 setup-x86_64.exe.sig
$ TZ=UTC sha256sum setup-x86{_64,}.exe{.sig,}
9e99b618cf6cf0e7a6efac9bff2028acebdb44fd552407e4cb7839f0867b035e
*setup-x86_64.exe.sig
2431de4597a2162f3e1d60af90f638b41677265b07cc66fcb0231fdde452c841 *setup-x86_64.exe
c7b45a34a0ef18b409a385c7157fd7bb68a799148c212bab74037e0438f5addb *setup-x86.exe.sig
d218a41a45fcec581affd0e1ccc66011aa06a3a9b299576104546074e8480064 *setup-x86.exe
$ TZ=UTC gpg2 --verify setup-x86_64.exe{.sig,}
gpg: Signature made 2020 Mar 21 Sat 17:35:25 UTC
gpg: using DSA key 1169DF9F22734F743AA59232A9A262FF676041BA
gpg: Good signature from "Cygwin <cygwin@cygwin.com>" [full]
gpg: Signature made 2020 Mar 21 Sat 17:35:25 UTC
gpg: using RSA key 56405CF6FCC81574682A5D561A698DE9E2E56300
gpg: Good signature from "Cygwin <cygwin@cygwin.com>" [full]
$ TZ=UTC gpg2 --verify setup-x86.exe{.sig,}
gpg: Signature made 2020 Mar 21 Sat 17:29:04 UTC
gpg: using DSA key 1169DF9F22734F743AA59232A9A262FF676041BA
gpg: Good signature from "Cygwin <cygwin@cygwin.com>" [full]
gpg: Signature made 2020 Mar 21 Sat 17:29:04 UTC
gpg: using RSA key 56405CF6FCC81574682A5D561A698DE9E2E56300
gpg: Good signature from "Cygwin <cygwin@cygwin.com>" [full]
Same files from a month ago with same digests and signatures.
Many have downloaded and used it in that timeframe for dozens of package
installs and upgrades with no issues or reports before yours.
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
next prev parent reply other threads:[~2020-04-21 22:07 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-21 15:29 Antonio Cesar Rosa
2020-04-21 15:53 ` Marco Atzeri
[not found] ` <CAHCu2igRV=guUb2nNm1gDPxtxi9g_hqFo7RMh4xERveaNWjYqQ@mail.gmail.com>
2020-04-21 18:33 ` Marco Atzeri
2020-04-21 22:07 ` Brian Inglis [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-07-21 4:40 cygwin " "Dr. M. C. Nelson"
2005-07-21 5:18 ` Larry Hall
2005-07-21 4:28 "Dr. M. C. Nelson"
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f6464b74-70ff-08ef-dc22-bea63e643c06@SystematicSw.ab.ca \
--to=brian.inglis@systematicsw.ab.ca \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).