Jump to content

Codesign price Help me

rootx

By rootx,
in Developer General Discussion

 Share

Recommended Posts

rootx Universalist

rootx

Posted
Posted (edited)

Hi guys, I'm tired of having false positive problems, there is no life to free software without a digital signature, do you have a free method? I do not think you have it, I found this offer that you think of it, any suggestion is welcome. THX

<snip>

Edited by Melba23
Link removed
Link to comment
Share on other sites
iamtheky Universalist

iamtheky

Posted
Posted (edited)

https://www.globalsign.com/en/code-signing-certificate/code-signing-tool/

 

you will still have false positives, especially if you packed with UPX.

Edited by iamtheky 

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Link to comment
Share on other sites
  • Moderators
Melba23 Universalist

Melba23

Posted
  • Moderators
Posted

rootx,

You should know by now we do not accept links to payware.

M23

Public_Domain.png.2d871819fcb9957cf44f4514551a2935.png Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind

Open spoiler to see my UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Link to comment
Share on other sites
rootx Universalist

rootx

Posted
  • Author
Posted
16 hours ago, iamtheky said:

https://www.globalsign.com/en/code-signing-certificate/code-signing-tool/

 

you will still have false positives, especially if you packed with UPX.

I tried without success.. can you explain how to use it

I have installed .net framework 4.6 and I have C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe but I recive this error

 

x.PNG

Link to comment
Share on other sites
iamtheky Universalist

iamtheky

Posted
Posted (edited)

use the command line arguments provided in the instructions, and not whatever GUI that is?

but again, and this time with feeling; if you are trying to eliminate 'false positives' this is not the answer.  You will just have a self-signed exe that throws false positives, most likely because you just hit F7 and prayed real hard. 

Edited by iamtheky 

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Link to comment
Share on other sites
spudw2k Universalist

spudw2k

Posted
Posted

I doubt it...that's be pretty naive to assume just because a program is signed it is not malicious.  Malware, to my greater knowledge, is based on file heuristics regardless if it is digitally signed or not.  

Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetrieve SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

Link to comment
Share on other sites
rootx Universalist

rootx

Posted
  • Author
Posted
10 hours ago, spudw2k said:

I doubt it...that's be pretty naive to assume just because a program is signed it is not malicious.  Malware, to my greater knowledge, is based on file heuristics regardless if it is digitally signed or not.  

If the software is not signed, it is automatically seen as potentially dangerous, and if you had read the new Google policy regarding the no ssl web sites and software not signed would understand the issue better.

The programs should have a valid code signing issued and verified by a certificate authority presenting verifiable publisher information.

https://www.google.com/about/company/unwanted-software-policy.html

 

Link to comment
Share on other sites
spudw2k Universalist

spudw2k

Posted
Posted

Well, I was talking about malware in general in response jguinch.  I don't see where Google was brought up in this thread until you just did.

Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetrieve SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

Link to comment
Share on other sites
iamtheky Universalist

iamtheky

Posted
Posted (edited)

wait, if you need a valid CA and you don't want to pay, you may want to go look at Let's Encrypt.

But these just say that you existed before, and someone gave you a sticker that says you existed, and they know for sure you exist now because they gave you a sticker.  Still not going to change your false positive rate.

Edited by iamtheky 

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Link to comment
Share on other sites
TheSaint Universalist

TheSaint

Posted
Posted

Sometimes there is just no working around things, and Life isn't easy.

Are you, like iamtheky suggested, using UPX or another compressor/packer?
That can make it harder to scan your program, especially by slack AV or those who go over the top with protection.

I was recently asked why my programs get so few positives (about 99% success rate when submitted). And I couldn't really say. Except that it might be due to level of complexity or the older version of AutoIt (v3.3.0.0) and UPX that I use, my reputation (sic) and no password ... or all three four etc. ;)

Make sure brain is in gear before opening mouth!
Remember, what is not said, can be just as important as what is said.

Spoiler

What is the Secret Key? Life is like a Donut

If I put effort into communication, I expect you to read properly & fully, or just not comment.
Ignoring those who try to divert conversation with irrelevancies.
If I'm intent on insulting you or being rude, I will be obvious, not ambiguous about it.
I'm only big and bad, to those who have an over-active imagination.

I may have the Artistic Liesense ;) to disagree with you. TheSaint's Toolbox (be advised many downloads are not working due to ISP screwup with my storage)

userbar.png

Link to comment
Share on other sites
TheDcoder Universalist

TheDcoder

Posted
Posted

You can upload your program to VirusTotal so that security experts can analyse your program, they may rarely fix the false positive in their Anti-Virus software.

EasyCodeIt - A cross-platform AutoIt implementation - Fund the development! (GitHub will double your donations for a limited time)

DcodingTheWeb Forum - Follow for updates and Join for discussion

Link to comment
Share on other sites
jguinch Universalist

jguinch

Posted
Posted

For my part, I manage the antivirus protection for my company's network. I make an exclusion rule for each compiled (based on the full path name) and I have zero false positive.
I asked the question to the support : can I avoid a false positive by signing the program. The answer is : "no. You have to submit your exe file to the false positive form on our web site". Same thing for each antivirus.


 

Spoiler

Network configuration UDF,  _DirGetSizeByExtension, _UninstallList      Firefox Configuration
Array multi-dimensions, Printer Management UDF

 

Link to comment
Share on other sites
rootx Universalist

rootx

Posted
  • Author
Posted
18 hours ago, jguinch said:

For my part, I manage the antivirus protection for my company's network. I make an exclusion rule for each compiled (based on the full path name) and I have zero false positive.
I asked the question to the support : can I avoid a false positive by signing the program. The answer is : "no. You have to submit your exe file to the false positive form on our web site". Same thing for each antivirus.


 

Same answer.....

A question might be, how do you certify applications with obfuscated code, the software company encrypts the source code even with passwords, I recommend everyone to read this article by a developer that everyone knows or almost!

http://blog.nirsoft.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers/

Link to comment
Share on other sites
TheSaint Universalist

TheSaint

Posted
Posted (edited)

Exclusion is certainly the way to go, if you have Admin Rights.

In fact, I exclude my Projects & Projects Backup drives, to speed up things and ensure nothing nasty happens. They are encrypted container files anyway and the drives don't exist when they are closed. But that's all at the other end of your story.

So, like has been said, you can't do much more than Exclude & Submit ... and the situation isn't likely to change anytime soon ... maybe even get worse, for we are at the whim of the AV companies.

Edited by TheSaint

Make sure brain is in gear before opening mouth!
Remember, what is not said, can be just as important as what is said.

Spoiler

What is the Secret Key? Life is like a Donut

If I put effort into communication, I expect you to read properly & fully, or just not comment.
Ignoring those who try to divert conversation with irrelevancies.
If I'm intent on insulting you or being rude, I will be obvious, not ambiguous about it.
I'm only big and bad, to those who have an over-active imagination.

I may have the Artistic Liesense ;) to disagree with you. TheSaint's Toolbox (be advised many downloads are not working due to ISP screwup with my storage)

userbar.png

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...