Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
The .exe I'm building is currently recognized by Avast as "File might be dangerous". It is not a false positive because the antivirus software finally doesn't find any virus in it, but just an alarm saying that this file has been "rarely downloaded".
I've contacted Avast but they don't seem to offer a solution except sending them the .exe for whitelisting.
Things I have tried, but that didn't solve the problem:
Have proper resource.rc file in Visual C++, with details about the .exe: BLOCK "StringFileInfo", VALUE "CompanyName", "MyCompany\0", etc.
Use makecert, certutil, signtool as detailed in this answer: How do I create a self-signed certificate for code signing on Windows?
Things that won't work:
Add to local avast exclusion (I can't ask every customer to do this!)
Redo a "Submit file to Avast Lab for scan" for each new build of the .exe. It's not scalable to have to re-submit the .exe to Avast (and all other 50+ antivirus software!) for each new build.
Paying $200 per year for code-signing (it might work, but I don't find it fair to have to give a $xxx ransom per year just for being whitelisted)
Are there common solutions that can help to avoid "Rarely downloaded file / File might be suspicious" antivirus alarms?
Note: I've read How to prevent my .exe to be recognized as malware?, how can I make my software not to be discovered by antivirus?, but it did not really cover the topic here.
Note2: I've read these guidelines, etc. but it did not currently help.
It depends of what this exe going to do. I've seen these av balloons two times.
First when I've add some compiled assembler code into (signed?) exe file and another one happens when I'd deploy system wide hook to catch all keystrokes in the system while app is inactive (exe were not enough for it and there were own dll).
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
can somebody explain to me please:
1) Can a py file just by its mere "existence" on your hard drive (if not opening it), cause any kind of malicious harm for your computer system? And if your goal is only to see the content (text of code) of the file, how could you open it to be 100% sure it could not harm your system (for example by the standard text editor tool?)? Or can you only get to the content with Python specific programs?
2) If someone asks you to look at her python code, and wants to send you for this reason several py files - could opening such file harm your computer system/perform "malicious" actions (how?)?
Please take into account for your answer, these three different ways of how you would open the files:
a) you open with the program from python.org
b) you open with a IDE
And a third question:
3) What about the official program from python.org itself - does this program somehow open up your system to additional internet attack types, just by having it installed?
Finally,
4) Is it more secure in terms of online security, to interact with python programs on a separate computer and not the one you do everyday business?
Thanks community!
Q1: No, it's just a text file. So you can view it with any text editor
Q2. If you mean by "opening", viewing in text edit, see answer to Q1. If by opening, you mean executing the script, then the answer depends on what the script does
web services don't run on your local computer, so they can't harm it.
Q3. The answer is no, because python installed on your computer is dormant.
Q4: There are lots of thing you can do on your computer which can do damage. For instance, you could delete all your files in your file explorer. Surely you already have backups?
Python scripts are human readable which makes them a very ineffective place to put secret code which does nasty things.
I've never heard anyone put python anywhere in a list of security risks, but if you are worried, use virtual box and run it in a virtual machine. I do a lot of my python development in a virtual machine, but not to minimise security risks ... there are other advantages to VMs (such as ease of backup, ease of moving to another computer). The other advantage, if you are using Windows, is that you can use a Linux VM, such as Ubuntu, which is a better experience for modern development. I think because of this, Microsoft has actually made it easy to install Ubuntu directly into Windows, if you have a recent version on Windows 10, so that's another option (e.g. https://tutorials.ubuntu.com/tutorial/tutorial-ubuntu-on-windows#0)
I haven't look at web IDEs for a while. As long as they have interactive python debugging, they could be a good option. I had the impression that cloud 9, now an amazon offer, was the best one, last time I checked them out.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I just became familiar with ember js and came to know that I have to build ember app and deploy the dist folder to my server. As I join new job and they were already using ember so I have to use it but I figured out some thing very bad. I wanted to share and ask for clarification.
It creates one large js file which was near 2MB and will increase as modules usage and features will increase.
As it is compiled to one file I cannot figure out which feature was broken and I have to look at it in the latest release or some thing like that.
While developing when I run the ember server it kills me when it is taking time.
Please let me know if you know some good points about ember also the bad points.
Before this question gets closed, let me slip in some thoughts:
It creates one large js file which was near 2MB and will increase as modules usage and features will increase.
Yes, it does. Basically, Ember is large. People have been exploring approaches to this for years, but AFAIK there is no silver bullet at the moment.
As it is compiled to one file I cannot figure out which feature was broken and I have to look at it in the latest release or some thing like that.
I don't understand this part of your question. Perhaps you could provide details on a specific case.
While developing when I run the ember server it kills me when it is taking time.
It's most likely the build process, not the server, which is slow. There are some approaches to solving this, including running the Windows console in administrator mode, which you can find by googling for "ember build slow". Here's a possibly out-of-date SO question on the topic. The simplest approach is to get a faster machine with SSD, and/or work on Mac/Linux.
Please let me know if you know some good points about ember also the bad points.
Many people love Ember. Many people hate it. Many people have a love-hate relationship with it. It appears that the current Ember adoption rate is in the low-to-mid single digits. Draw your own conclusions.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I've finished a little application in c++ that parses a table of ~15k records into a .csv file.
The problem I'm having is that a third-party application that's supposed to use this file as source (Magmi) won't recognize the fields from my generated csv. However, if I simply open the same file with Open Office Calc and export it again as a .csv, it works perfectly fine with no other changes whatsoever.
I initially thought this might be a windows CR/LF issue, so I recompiled the application on linux and checked with notepad++ to make sure there's no surplus CR in there, and there isn't. All the line endings are LF.
Can someone please give me a hint as to what am I missing?
Thanks
It turns out it was a permissions issue that was causing the problem. Since my dev. environment is set on a VM, I was copying the output file into the import folder (never really though to see if the permissions were the cause). The ownership remained with the original user the file originated from, causing it to work when it was exported from Open Office, but failing when I tried to use the original one.
Thanks all.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I store my school programming work on google drive. From home I just access the google drive file on my computer, but I can't do that from school.
Can anybody recommend an app for editing cpp files in google drive? Preferably free, poor college student and all that.
I found drivecode, but it doesn't seem to work with cpp files and on header files it's not doing any markup.
Neutron Drive seems like exactly what I need, but it's not free.
Alternatively, any suggestions on another cloud-based development platform that I could use would work too.
screw Google driver, for single files use
https://gist.github.com/
http://collabedit.com/
for large project as said above, start learning mercurial. later you will need it professionally.
In light of the comments under the question, I think the best option is actually to use a service like gitHub, mercurial, bazaar, or svn, because of the availability of version control in those platforms.
You might also want to try out Google Code, it's not quite as advanced as GIT and hopefully it's not blocked either. Also, you already have a Google account, so you won't have to make a new account for anything.
Google Code allows full editing capabilities online, but you can also create a repository using it and download your code when you're ready to compile. You may need to learn a little bit about it before you can start, but once you upload your code you can edit it all right there, and it also formats automatically, making it better than Drive.
If Google Code is in fact blocked, I would also suggest trying GIT or some other service, but they're a little more advanced. Google Code has served me well for simple projects in the past.
Go to http://code.google.com
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have created an app (some kind of "client" app) that will have a "bug report" feature. The feature consists with pure text area from which the text should be sent and saved to a text file on the free host. Is it possible? If so, which c++ library could give me such ability?
EDIT:
In my intentions it had to be a simple application that a user has on his own computer. After finding some bug in my app there should be the "bug report" feature that will allow him to send the data (pure text) to some place that only I could reach. I was just thinking about free hosting (because it's... free), and save the data into a text file there. I'm sorry if my question wasn't appropriate.
If your free hosting permits it (and you should check that) you might code a CGI program, or a fastCGI application. There are several C++ libraries which might help, like libcgicc etc.
If you can afford a web server, there exist C++ libraries providing HTTP service, in particular Wt or (in C) Onion etc.
You could also consider other technologies, like OpaLang or Ocsigen (but I would not recommend PHP, even if it is a lot used).
MAybe your hosting enable ssh so you could use scp ....
And if your application is free software (e.g. GPL licensed), several free software hosting (freecode, sourceforge, github, gitorious ...) may offer also a bug database facility.