Sean Meighan

Welcome => Do You Need Help? Post it here => Topic started by: johnpucci@comcast.net on November 01, 2020, 05:22:43 PM

Title: On download "xLights64_2020_46.exe was blocked because it could harm your device
Post by: johnpucci@comcast.net on November 01, 2020, 05:22:43 PM

Tried a number of times to download xLights and always fails with the message "xLights64_2020_46.exe was blocked because it could harm your device."

Title: Re: On download "xLights64_2020_46.exe was blocked because it could harm your device
Post by: Ebuechner on November 01, 2020, 07:12:40 PM

That's normal. I have to turn off my virus software every time I download.
Windows will also try to block the install you have to tell it to run anyway.

Title: Re: On download "xLights64_2020_46.exe was blocked because it could harm your device
Post by: johnpucci@comcast.net on November 03, 2020, 04:49:06 PM

Ok thanks, will try that.

Title: Re: On download "xLights64_2020_46.exe was blocked because it could harm your device
Post by: Henry on November 14, 2020, 11:32:58 PM

I hit this also.  I went ahead and actually submitted (for an earlier version) the file for analysis to Microsoft, and they indicated that particular one I uploaded had no known virus/etc. 

However, this problem will continue to occur with each and every release, until the release binaries are digitally signed.

For now, I download xLights (bypassing these warnings), but leave the file alone for a few weeks, before running it through an online virus scanners a few weeks later.

I really hope adding digitally signed releases is on on the xLight roadmap.

Title: Re: On download "xLights64_2020_46.exe was blocked because it could harm your device
Post by: Gilrock on November 16, 2020, 12:31:28 PM

Its like child safety locks...eventually you learn how to deal with them...lol

Title: Re: On download "xLights64_2020_46.exe was blocked because it could harm your device
Post by: Henry on November 16, 2020, 01:34:51 PM

Sure, when you've never experienced the need for anti-malware, it all seems like an annoyance.  Similarly, once you've experienced the pain and frustration of malware, and the time it takes to rebuild, then suddenly security becomes important.

xLights HAS a solution to making the releases trustable ... and it's a well understood process.  Releases must be digitally signed, to provide a digital identity for the software and provide evidence that the software is what the author intended to provide.  This also allows some level of trust to "carry over" between versions, because it's tied to the same identity.  The digital signature also provides users with the ability to know that the software hasn't been changed since it was signed (including after download), which provides additional protection.  Digital signing of releases is a strong indication of a software's maturity.

I do wish that the process of securely signing software (both the binaries and the installers) was much easier, and especially wish that popular open-source programs had available a way to digitally size at zero/low cost.

Title: Re: On download "xLights64_2020_46.exe was blocked because it could harm your device
Post by: Gilrock on November 16, 2020, 01:39:08 PM

You're probably sitting in your house alone wearing a mask aren't you.