You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@openoffice.apache.org by Issy & Vern <ve...@care4free.net> on 2014/04/29 18:54:16 UTC
Open Office 4.1.0 - McAfee Couldn't Verify
Hello,
I’m in the UK. I’ve downloaded OO 4.1.0 from Sourceforge.net. McAfee gave me a red shield with a warning that it could not verify the supplier of the software.
Help please.
Thanks,
Vernon Ford
PS - OO is great and has not given me this problem before.
Re: Open Office 4.1.0 - McAfee Couldn't Verify
Posted by Rob Weir <ro...@apache.org>.
On Tue, Apr 29, 2014 at 10:08 PM, Fernando Cassia <fc...@gmail.com> wrote:
> On Tue, Apr 29, 2014 at 1:54 PM, Issy & Vern <ve...@care4free.net> wrote:
>> McAfee gave me a red shield with a warning that it could not verify the supplier of the software.
>
> I wonder if this is realted to the Windows feature of digitally
> signing executables aka authenticode?
> http://msdn.microsoft.com/en-us/library/ie/ms537361%28v=vs.85%29.aspx
> http://blog.didierstevens.com/2008/12/31/howto-add-a-digital-signature-to-executables/
>
> Does Apache sign its releases w authenticode? never checked.
>
> In any case, the lack of an authenticode signature is no danger by
> itself, if you check the file integrity by other means (ie SHA256SUM).
> Although I admit it´d be nice to have Apache identified as a software
> publisher via authenticode signature of the executables...
>
Modern anti-virus programs have something called "reputation" checks.
If you try to run a program, it does the normal scan for known
viruses. But then it also checks to see if other users have
encountered that program before as well. If many people have run it,
and reported no problems, then it is given the green light. If it is
a program that few people have run, then it is flagged as high risk.
The problem fixes itself after a few days, as more and more people
install AOO 4.1 and the anti-virus companies see AOO 4.1 as common.
Code signing with Authenticode would help as well. They might trust
signed programs, even if they are uncommon.
Regards,
-Rob
> FC
> --
> During times of Universal Deceit, telling the truth becomes a revolutionary act
> - George Orwell
>
> -------------------------------------------
> List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html
> To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: users-help@openoffice.apache.org
>
-------------------------------------------
List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org
Re: Open Office 4.1.0 - McAfee Couldn't Verify
Posted by Fernando Cassia <fc...@gmail.com>.
On Tue, Apr 29, 2014 at 1:54 PM, Issy & Vern <ve...@care4free.net> wrote:
> McAfee gave me a red shield with a warning that it could not verify the supplier of the software.
I wonder if this is realted to the Windows feature of digitally
signing executables aka authenticode?
http://msdn.microsoft.com/en-us/library/ie/ms537361%28v=vs.85%29.aspx
http://blog.didierstevens.com/2008/12/31/howto-add-a-digital-signature-to-executables/
Does Apache sign its releases w authenticode? never checked.
In any case, the lack of an authenticode signature is no danger by
itself, if you check the file integrity by other means (ie SHA256SUM).
Although I admit it´d be nice to have Apache identified as a software
publisher via authenticode signature of the executables...
FC
--
During times of Universal Deceit, telling the truth becomes a revolutionary act
- George Orwell
-------------------------------------------
List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org
Re: Open Office 4.1.0 - McAfee Couldn't Verify
Posted by Greg Madden <go...@gci.net>.
On Tuesday 29 April 2014 08:54:16 you wrote:
> Hello,
>
> I’m in the UK. I’ve downloaded OO 4.1.0 from Sourceforge.net.
> McAfee gave me a red shield with a warning that it could not verify
> the supplier of the software. Help please.
>
> Thanks,
> Vernon Ford
>
> PS - OO is great and has not given me this problem before.
You can verify it yourself, a good skill to have.
http://www.openoffice.org/download/checksums.html
--
Peace,
Greg
-------------------------------------------
List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org