PDA

View Full Version : Reputation building - may I ask you for a favor?



NewsArchive
02-13-2019, 10:28 AM
Hello all,

as you may remember, some weeks ago Friedrich and later on Don Ridly ask to
download a tiny installer, which is code-signed and does nothing!

:-)

Now it's up to me!

Although I have my recent Comodo-Certificate for quite a while now, Microsoft
still likes to tease me when I run a newly compiled EXE. Especially when it got
downloaded from the Internet. And as we are going to publish our new
hospital-programm very soon, I will really sleep better if I know, that this
darn warning messages do not pop up in front of the hospital admins. Not that I
scare them away...

You can help me to aquiant Microsoft with my certificates by downloading this
dummy installer from the following address:

https://abc.odata.de/downloads/reputation/index.html

There you can see the message, that wait to scare you. Even scarier, they are
in german! (but only in my screenshots ;-))

If you could please download that dummy with several browsers from probably
different IP-addresses. The more the better....

Thank you very much for your help and assistance!


Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-13-2019, 10:29 AM
> You can help me to aquiant Microsoft with my certificates by downloading
> this dummy installer from the following address:

Done from different IPs.

Friedrich

NewsArchive
02-13-2019, 10:29 AM
>> You can help me to aquiant Microsoft with my certificates by downloading
>> this dummy installer from the following address:
>
>Done from different IPs.
>
>Friedrich
>

(bow_down_to_the_ground)

:-)


Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-13-2019, 10:30 AM
>> You can help me to aquiant Microsoft with my certificates by downloading
>> this dummy installer from the following address:
>
>Done from different IPs.
>
>Friedrich


I just sent the file to VirusTotal and this is the result:
Link to the Website https://abc.odata.de/downloads/reputation/index.html - no problem!
https://www.virustotal.com/#/url/6b734f96ea0a8b947d7cca47df536300d8a75e2692626a0687 2e4ec6367cc7dd/detection

uploaded file
https://www.virustotal.com/#/file/522da075e2d390e89ba22dfdb0d013a0ce10e2205caddee57c 95b7b151040fba/detection

Jiangmin claims it to be a dropper.

Oh myyyy!

This Jianming does not appear on the first page.

So - whats next? Ignore, because I do not deliver to China?

What else? I have never heard of them.



Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-13-2019, 10:31 AM
> Jiangmin claims it to be a dropper.
>
> Oh myyyy!
>
> This Jianming does not appear on the first page.
>
> So - whats next? Ignore, because I do not deliver to China?
>
> What else? I have never heard of them.

Jiangmin is a never ending story. No way to get any feedback from these
guys.

http://www.lindersoft.com/forums/showthread.php?46564-Jiangmin-KV-Antivirus-(Definition-Version-2015-03-07)

Ignore them. Or send them an e-mail so they can ignore you <g>.

Friedrich

NewsArchive
02-13-2019, 10:32 AM
Hi Wolfgang,

Your (or SetupBuilder) reputation is perfect here. No warnings while
downloading and running.

Best regards,
---
Oleg Fomin
http://www.fomintools.com

NewsArchive
02-13-2019, 11:31 AM
>
>Ignore them. Or send them an e-mail so they can ignore you <g>.
>

Hahahahaha




Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-13-2019, 11:32 AM
>Hi Wolfgang,
>
>Your (or SetupBuilder) reputation is perfect here. No warnings while
>downloading and running.

Now that sounds cool!

Thank you so much!

Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-13-2019, 11:33 AM
>>Your (or SetupBuilder) reputation is perfect here. No warnings while
>>downloading and running.
>
> Now that sounds cool!
>
> Thank you so much!

You still need some more downloads to make the system happy. IMO, you'll be
done tomorrow evening or on Friday.

Fredrich

NewsArchive
02-14-2019, 03:06 PM
> If you could please download that dummy with several browsers from probably
> different IP-addresses.

ran on one PC only (sorry <g>)

--

best regards,
Guennadi

NewsArchive
02-14-2019, 03:07 PM
>> If you could please download that dummy with several browsers from probably
>> different IP-addresses.
>
>ran on one PC only (sorry <g>)

I am thankful though!

Its the power of the crowd. With some global testing it should work.

In the german NG I received 2 feedbacks, that the MSFT Windows Defender claims
to have detected a trojan, but VirusTotal has a complete different opinion on
that.

Sometimes I think, these guys are just tumbling dice.

Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-21-2019, 06:11 AM
I ran it, and saw no complaints.

Jeff Slarve
www.jssoftware.com

Ones and Zeros are my Heroes

NewsArchive
02-21-2019, 06:11 AM
Done on Chrome... no problem.

Ray Rippey
VMT Software

NewsArchive
02-21-2019, 06:11 AM
Also done on 2 machines/ 2 IPs without warnings.

But I'm a bit surprised, Wolfgang. Your code-signing certificate is dated
12/18/2017.

Have you not been using it for signed items that get downloaded in the past
year? Is this the first time Windows has tried to schütz you??

We don't just want to be building a reputation for the
WolfgangReputation.exe.

jf

NewsArchive
02-21-2019, 06:13 AM
>Also done on 2 machines/ 2 IPs without warnings.
>
>But I'm a bit surprised, Wolfgang. Your code-signing certificate is dated
>12/18/2017.

Well, yes, Jane, the project did not progress as planned, so the certificate is
nearly ran out, before we hit the streets. Ohhh myyy!



>
>Have you not been using it for signed items that get downloaded in the past
>year? Is this the first time Windows has tried to schütz you??

I have had some test installs on different machines, but not many, during the past year.
Most of them on my LAN. It has not been a problem so far.

>
>We don't just want to be building a reputation for the
>WolfgangReputation.exe.

WAIT!

What does that mean?

Does this newly aggregated reputation not span over all my EXEs now?

Please, don't plung me into desperation!

Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-21-2019, 06:16 AM
> WAIT!
>
> What does that mean?
>
> Does this newly aggregated reputation not span over all my EXEs now?
>
> Please, don't plung me into desperation!

You'll have to do it again when you have received a new code-signing
certificate!

Friedrich

NewsArchive
02-21-2019, 06:17 AM
>> WAIT!
>>
>> What does that mean?
>>
>> Does this newly aggregated reputation not span over all my EXEs now?
>>
>> Please, don't plung me into desperation!
>
>You'll have to do it again when you have received a new code-signing
>certificate!

That means, all my recent EXE with my recent certificate enjoy the same reputation.

Thats what I want!!! <phoooooooooo> <= sound_of_relief

Another cretificate, another game.

Not really what I want, but so are the rules.



Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-21-2019, 06:17 AM
Hi Wolfgang,

> That means, all my recent EXE with my recent certificate enjoy the same
> reputation.
>
> Thats what I want!!! <phoooooooooo> <= sound_of_relief
>
> Another cretificate, another game.
>
> Not really what I want, but so are the rules.

Yes, that is correct.

The rules are as follows:

1.) An .EXE *without* a code-signature can only build reputation for this
specific .EXE file. But only if you have luck <g>. There is no guarantee.
And if you recompile the .EXE, you have to try again to build a reputation.

2.) An .EXE *with* a code-signature from a standard code-signing certificate
builds a reputation for your certificate. When you buy a new code-signing
certificate, you have to start again.

3.) EV (extended validation) code-signing certificates are not required to
build or maintain reputation. An .EXE *with* a code-signature from an
Extended Validation code-signing certificate has reputation from day one.

But an Extended Validation Code Signing certificate requires a VERY strict
validation and authentication process and is very expensive. This is not
fun at all <g>. We have access to discounted Comodo EV-certificates, but
have not made them available yet.

Friedrich

NewsArchive
02-21-2019, 06:17 AM
Friedrich,

thanks for the clarification!

The way you described it is actually the cascade I expected it. Or hoped it to be.

What makes me wonder is, that only a few colleagues have requested this
community support for rapidly build a reputation.

Anyway, if someone else asks, we would not let him/her down!

Regards,
Wolfgang Orth
www.odata.de

Please note:
From time to time it happens, that I overlook a reply to my postings.
Please don't be angry.
In case of an emergency, try to contact me via mail.

Bitte beachten:
Von Zeit zu Zeit passiert es mir, dass ich Antworten auf meine Postings übersehe.
Bitte nicht böse sein.
Im Notfall bitte Kontakt per Mail versuchen.

NewsArchive
02-21-2019, 06:19 AM
I guess this is why I get a lot of slack from AV programs and Windows
after I first publish with a new code sign? We get dozens of downloads a
month, plus upgrades (not sure if that counts)... so I guess that builds
up our reputation for us?


Ray Rippey
VMT Software

On 02/20/19 3:14 AM, Friedrich Linder wrote:
> 2.) An .EXE*with* a code-signature from a standard code-signing certificate
> builds a reputation for your certificate. When you buy a new code-signing
> certificate, you have to start again.

NewsArchive
02-21-2019, 06:19 AM
Hi Ray,

> I guess this is why I get a lot of slack from AV programs and Windows
> after I first publish with a new code sign? We get dozens of downloads a
> month, plus upgrades (not sure if that counts)... so I guess that builds
> up our reputation for us?

You can use the following method to build up your reputation before you
publish with a new code-signing certificate:

http://www.lindersoft.com/forums/showthread.php?47837-Need-Help-SetupBuilder-certificate-2018-reputation-(screenshots-attached)

I would suggest to do this with Internet Explorer (Edge) and Google Chrome.

Downloads and program executions increase the reputation counter.

Friedrich