Why has the latest version of the StarMade Starter been listed as a Virus of some kind in this report by some antivirus companies? Report: https://www.virustotal.com/en/file/...d5d399f0040571b7b0d64994/analysis/1410450053/
- Joined
- Jan 22, 2014
- Messages
- 1,047
- Reaction score
- 299
I'm guessing because the current version is very new and those two companies didn't yet update their heuristics.
- Joined
- Aug 15, 2013
- Messages
- 436
- Reaction score
- 39
What now worries me more is that I have scanned http://star-made.org/ with a trigger active scan recommended by Virus Total which has generated a report saying that http://star-made.org/ is likely to compromise due to an outdated server (which can be easily patched): http://sitecheck.sucuri.net/results/star-made.org
NeonSturm
StormMaker
- Joined
- Dec 31, 2013
- Messages
- 5,110
- Reaction score
- 617
1 / 2 maybe, dunno.
Neither extreme is good neither greeding enough power to rule a democratic country by a service everybody depends on as a single person.
I think peoples which work hard should get more money. But they should not get as much money as a person earns in 10 years in 1 year.
Marking StarMade as Virus ... imagine what else they are capable of!!!
Neither extreme is good neither greeding enough power to rule a democratic country by a service everybody depends on as a single person.
I think peoples which work hard should get more money. But they should not get as much money as a person earns in 10 years in 1 year.
Sure, if somebody did something greater than most others, this could grant him some "insurance" which makes him able to manage greater things of more value.
I am not for a government ruled economy. But to make laws which force companies of minimum possible size to work together and avoid 1 person ruling all either by force, law or owning.
But I think a manager earning 10* as much as a worker is essentially stealing.
You could argue big company, big money, big gain and this is only a small percentage, but what did this company do to grow that big? It ruined chances for others to even get there!
Everything that gives >200% win / 10 years should be taxed heavily. The problem is that this must apply world-wide or all rich go away and such a country is drained of money.
The problem is that peoples are used to have rich and poor. Why should some human inherit millions of dollar or Euro?
No human should stand (far) above others, unless he proofs he can manage that amount of money for the greater good or helped with an invention, etc so much that you can't deny him to act in a bigger scale.
The problem with that is that evil exists where good don't act against it or are blinded by complex law created by the evil. We have to change and statistical thinking+software and education might give us the chance for it. We live longer than peoples 500 years ago, hopefully we can also learn more - at least thinking in a bigger scale.
Public resources should go where they do most good, but the peoples which produced them should have a voice and compensation.
I am not for a government ruled economy. But to make laws which force companies of minimum possible size to work together and avoid 1 person ruling all either by force, law or owning.
But I think a manager earning 10* as much as a worker is essentially stealing.
You could argue big company, big money, big gain and this is only a small percentage, but what did this company do to grow that big? It ruined chances for others to even get there!
Everything that gives >200% win / 10 years should be taxed heavily. The problem is that this must apply world-wide or all rich go away and such a country is drained of money.
The problem is that peoples are used to have rich and poor. Why should some human inherit millions of dollar or Euro?
No human should stand (far) above others, unless he proofs he can manage that amount of money for the greater good or helped with an invention, etc so much that you can't deny him to act in a bigger scale.
The problem with that is that evil exists where good don't act against it or are blinded by complex law created by the evil. We have to change and statistical thinking+software and education might give us the chance for it. We live longer than peoples 500 years ago, hopefully we can also learn more - at least thinking in a bigger scale.
Public resources should go where they do most good, but the peoples which produced them should have a voice and compensation.
Marking StarMade as Virus ... imagine what else they are capable of!!!
Last edited:
- Joined
- Jan 22, 2014
- Messages
- 1,047
- Reaction score
- 299
Not if you don't have direct control over the web server. Star-made.org is in fact running with nginx 1.1.19, which is rather old—however, I could find only one known vulnerability which is of no concern to us, because, as I was told, star-made.org is not using the respective module.
MossyStone48
Cmdr Deathmark
- Joined
- May 29, 2013
- Messages
- 1,255
- Reaction score
- 432
guys. jokes aside. please stay on topic.
there might be a slight issue with signing on the new launcher. The old launcher still works just fine. Use it if you have any doubts. Just don't let it update itself.
there might be a slight issue with signing on the new launcher. The old launcher still works just fine. Use it if you have any doubts. Just don't let it update itself.
What about this though (this is the McAfee definition of what the Qihoo-360 antivirus was saying)?: http://home.mcafee.com/virusinfo/virusprofile.aspx?key=1317304#none
- Joined
- Jan 22, 2014
- Messages
- 1,047
- Reaction score
- 299
Uhm. That is an old CVE about a vulnerability in the browser plugin. I don't see what this has to do with Java desktop applications.
What about the other one (I have attached the McAfee PDF report that defines what the other antivirus said)?
For those of you who do not want to download the PDF version, I have found the online version: https://kc.mcafee.com/resources/sit..._Labs_Threat_Advisory_ExploitCVE2011-3544.pdf
For those of you who do not want to download the PDF version, I have found the online version: https://kc.mcafee.com/resources/sit..._Labs_Threat_Advisory_ExploitCVE2011-3544.pdf
Last edited by a moderator:
I read the report, and I caught onto this point:
“Unspecified vulnerability in the Java Runtime Environment component
in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors
related to Scripting"
Two things from this which I'd like to point out.
1. This is a weakness in Java from January 2012, with a very old version of Java. So unless you have a version that's over two years old, even if this was a malicious code, it won't work since it relies on that very old version.
2. The reason it's probably ringing up as bad is due to it having a similar code to whatever that virus did. I won't say it's common but false positives do happen from time to time by unintentionally writing code which part of it looks close enough for a virus scanner to ring up as suspect.
I'm really willing to wager it's a false positive, since this was patched a long time ago. You can always bring it up in the scanner company's support forums, but it's really unlikely someone's going to use such an outdated weakness which I would be horribly stunned if it wasn't patched by now to attack someone's machine with.
I'm also willing to wager since only two of those scanners out of 54 saw something (and two different things), it's very likely it's a false positive.
“Unspecified vulnerability in the Java Runtime Environment component
in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors
related to Scripting"
Two things from this which I'd like to point out.
1. This is a weakness in Java from January 2012, with a very old version of Java. So unless you have a version that's over two years old, even if this was a malicious code, it won't work since it relies on that very old version.
2. The reason it's probably ringing up as bad is due to it having a similar code to whatever that virus did. I won't say it's common but false positives do happen from time to time by unintentionally writing code which part of it looks close enough for a virus scanner to ring up as suspect.
I'm really willing to wager it's a false positive, since this was patched a long time ago. You can always bring it up in the scanner company's support forums, but it's really unlikely someone's going to use such an outdated weakness which I would be horribly stunned if it wasn't patched by now to attack someone's machine with.
I'm also willing to wager since only two of those scanners out of 54 saw something (and two different things), it's very likely it's a false positive.