Unauthorized Vivaldi installers – help us find them
-
On slunecnice.cz, when downloading Vivaldi, there is defaultly ticked button that you accept installation of other software. When unticked original installer downloads, but… (download link)
-
Please encourage the use of Virus Total browser extension. This will allow users to scan files before downloading. Hashes for bad files can then be shared safely https://www.virustotal.com/en/documentation/browser-extensions/
-
Do You have any analysis of what mechanisms are being used inside these unauthorized installers?
Are they just simple containers with original installer inside?
Or do they work in a bit more sophisticated way?How does Vivaldi installer is being generated?
Wouldn't it be possibe to embed some const to check installer size?
Or maybe just add an option to check installer hash with some online public hash database?
And then just show warning message about possible fake file? -
I've never downloaded a browser from a source other than the browser's official website. I didn't really know people did this or that you could. Shows what I know. Yikes.
-
Yeah, yours is better and has clearer output.
-
Definitely!
-
Mine verifies that the app bundle (still) passes the Gatekeeper checks and displays who signed the bundle. Yours displays more details about how the bundle was signed. The two checks go hand in hand and both should be done… along with a few more if you're ultra-paranoid.
-
There's a whole heap of downloads for Vivaldi on non-Vivaldi websites. Some obviously legit, but how do we know without downloading and trying them?
Do Vivaldi let third parties offer downloads for their browser?
https://www.google.co.nz/search?&q=download+vivaldi+-site%3Avivaldi.com+-site%3Avivaldi.net&oq=download+vivaldi+-site%3Avivaldi.com+-site%3Avivaldi.net -
I don't even see a reason to dl a browser from ANY other site than the browser's site itself.
-
Welcome and congrats Julien!
-
Try commandline keys described here http://pastebin.com/Z0wkdeue (first 200 lines)
-
www.vivaldi.ru is a digital library network with their own client
-
Belgium is arguably the number one beer country in the world, and I happily concur with that sentiment.
-
Windows is aiming to get rid of the malware issue with UWP technology (only for Windows 10 I'm afraid). Win32 apps should be very slowly phased out (7-10+ years) for the new container.
Here's why: http://www.infoworld.com/article/3049955/security/microsoft-uwp-boosts-security-for-windows-apps.html
In short:
- UWP apps do NOT use the registry in any way
- UWP apps are sandboxed
- UWP apps have their own package (.appx)
- Addendum: You don't need to use the Windows Store to distribute .appx apps.
I strongly suggest doing some research about it, it's very beneficial for Windows 10+ users.
-
Thank you
-
That is correct. And I generally think that pretty much anything that anything that you would not want installed on your system can be considered malicious. Antiviruses and other tools do flag those PUP's after all.
-
Thanks for telling us. We'll have a look at it for sure.
-
Well, actually, I don't drink alcohol at all for a few different reasons, so that excludes more than just beer.
And if that portable installer is just a regular tool that's forthcoming with what it does and doesn't install anything unexpected, then I don't think we're too worried about it.
-
Thank you!
And indeed. I've been using FreeBSD for close to 15 years. Mostly for running servers but the last 6 months, I switched over my home desktop computer from Windows 7 to FreeBSD 10.3. I have started contributing on the FreeBSD forum as well, but I haven't had a lot of time for that.
-
Thank you!