This morning I am getting repeated warnings from Bitdefender that rosetta is trying to install ransomware.

So far files are are flagged as "recovered" (implying reset to prev versions).

This appears to be an ongoing problem as previous msgs have noted it.

A fix?

Allowing bypass of check is not a fix.

Thanks.
Richard

A fix?

Advise Bitdefender there is a problem with their software that they need to fix, and point them here to Rosetta's web site.

Allowing bypass of check is not a fix.

It is when the check is the problem.

---

Grant
Darwin NT

Advise Bitdefender there is a problem with their software that they need to fix, and point them here to Rosetta's web site.

Yes, there are 2 sides to the issue. Rosetta code *appears* to be ransomware. Bitdefender is doing it's job.

Both sides need to know what is going on, so both have been advised. And both need to look at it.

Allowing bypass of check is not a fix.

It is when the check is the problem.

No, the Rosetta software is the problem. Unless you know 100% the issue is false bypassing the check is a risk.

No, the Rosetta software is the problem.

No, it's not.
Software that says there is a problem, when there isn't, is faulty. Broken. Not working. So the producers of that software need to fix it.
It's called a False positive, and it happens all too often when AV/Malware companies get sloppy.

Unless you know 100% the issue is false bypassing the check is a risk.

And since Rosetta isn't a problem, it's not a risk.

---

Grant
Darwin NT

No, the Rosetta software is the problem.

No, it's not.
Software that says there is a problem, when there isn't, is faulty. Broken. Not working. So the producers of that software need to fix it.
It's called a False positive, and it happens all too often when AV/Malware companies get sloppy.

Unless you know 100% the issue is false bypassing the check is a risk.

And since Rosetta isn't a problem, it's not a risk.

So someone else's software is always a problem, is that what you are saying?

Unless you, personally, know that Rosetta is absolutely safe, by testing and does not trigger any known tests then it needs to be confirmed.

That is what should be happening with *both* parties.

Bitdefender is aware of the issue, but what is the Rosetta project doing?

The reason for posting the issue here is to advise Rosetta and other users of the issue.

So someone else's software is always a problem, is that what you are saying?

When theirs is the only software making the claim, yes. When what they are making the claim about isn't malicious, it isn't what they claim it to be, then it is obviously a false claim. Because this happened every few months at Seti when one AV programme or anther stuffed up one of their updates. False positives galore. It's happened before, it'll happen again.

Unless you, personally, know that Rosetta is absolutely safe, by testing

Thousands of Tasks downloaded, still no hijacked system. I think that's a pretty good indication. Tens of thousands of other people/systems doing work for the project, with no such claims from their AV software, no problems with their systems is a pretty good indication. That's a lot of testing.

Bitdefender is aware of the issue, but what is the Rosetta project doing?

No idea if they are doing anything, don't know what the time is over there.
And the only thing for them to do, is point Bitdefender to this site & ask them to substantiate their false claims.

The reason for posting the issue here is to advise Rosetta and other users of the issue.

It is always good to know when there is a problem with AV/Malware software returning false positives.

---

Grant
Darwin NT

So someone else's software is always a problem, is that what you are saying?When theirs is the only software making the claim, yes.

But how is that known unless someone asks?
What you are saying is "don't bother us".
IMO, not a reasonable approach.
EOT.

So someone else's software is always a problem, is that what you are saying?When theirs is the only software making the claim, yes.

But how is that known unless someone asks?
What you are saying is "don't bother us".

It's a shame you didn't bother reading the last line in my previous post.
*shrug*

---

Grant
Darwin NT

So someone else's software is always a problem, is that what you are saying?When theirs is the only software making the claim, yes.

But how is that known unless someone asks?
What you are saying is "don't bother us".

It's a shame you didn't bother reading the last line in my previous post.
*shrug*

Then why didn't you just say that (I did read it...).

Of course, you could have said that in the first place.

This sort of discussion just puts people off.

EOT = don't bother to reply.

Because this happened every few months at Seti when one AV programme or anther stuffed up one of their updates. False positives galore. It's happened before, it'll happen again.

To confirm, it regularly happens at Rosetta too. Before long, an AV update usually solves the issue.
In the end, exclusion of the Boinc data directories is the wisest solution.

The idea that programmers here are going to inject dodgy code when it's such a lot of work to get the coding of tasks right is... yeah, that's not going to happen. Other projects, I don't know about, but not here.

---