Windows Defender false alarm #16
Comments
|
@ooiikkjj — Thank you for pointing out this problem with Windows Defender. cal-4018 does not contain any viruses. It is compiled from human-readable source code, using a compiler whose source code is part of that human-readable source code. The source code is short enough that individual persons can, and have, read and analyzed all of the code in various versions of the CAL. Windows Defender keeps a library of tiny snippets of executable code. For example, it thought that the code "to bump a rider" along a string in cal-4016 was suspicious. (This code literally just incremented two pointers.) One of the changes in cal-4018 was a minor change in how this incrementing was done, which (for a while) caused Windows Defender to not complain about cal-4018. At this time, I do not have time to investigate this issue. But if you (and/or someone else) can identify:
Then I will be happy to:
You do not need to do all four steps yourself. Simply providing Windows Defender's full complaint about cal-4018 would be helpful. |
|
Thank you for the response
(Also thank you for keeping Plain English active...it's a mightily
worthwhile project, but still haven't seen something awesome made with it
yet!)
Here's the Windows Defender message below; the other things you suggest are
far beyond my programming ability (am a novice!)
[image: image.png]
…On Sat, May 29, 2021 at 6:59 PM Folds ***@***.***> wrote:
@ooiikkjj <https://github.com/ooiikkjj> — Thank you for pointing out this
problem with Windows Defender.
cal-4018 does not contain any viruses. It is compiled from human-readable
source code, using a compiler whose source code is part of that
human-readable source code. The source code is short enough that individual
persons can, and have, read and analyzed all of the code in various
versions of the CAL.
cal-4018 is capable of copying files, and of making a new version of
itself. But it only does so in response to specific requests by the user.
The documentation explains how to make such requests.
Windows Defender keeps a library of tiny snippets of executable code. For
example, it thought that the code "to bump a rider" along a string in
cal-4016 was suspicious. (This code literally just incremented two
pointers.) One of the changes in cal-4018 was a minor change in how this
incrementing was done, which (for a while) caused Windows Defender to not
complain about cal-4018.
At this time, I do not have time to investigate this issue. But if you
(and/or someone else) can identify:
- What virus Windows Defender is complaining about,
- Which snippet of executable code is making Windows Defender
suspicious,
- Which line(s) of source code correspond to that executable code, and
- A proposed change to the source code that is functionally
equivalent, but allays Windows Defender's suspicions,
Then I will be happy to:
- Verify that the proposed change is functionally equivalent, and
- Release an updated version of the CAL.
You do not need to do all four steps yourself. Simply providing Windows
Defender's full complaint about cal-4018 would be helpful.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#16 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ASAJO57RLF2S3FVK3WVLUE3TQFWUPANCNFSM45YO4HHQ>
.
--
***@***.*** is a temp mail id used while travelling
please reply to *original email id* you'd sent the email to
|
cal-4018 shows up in Windows Defender as infected by virus
is there a new version?
thanks...
The text was updated successfully, but these errors were encountered: