Jump to content

Cura 2.3.1 flagged by Virustotal


Fast6er

Recommended Posts

Posted · Cura 2.3.1 flagged by Virustotal

Hi team-

My new workplace has very stringent software security policies, including thorough inspection of software that hasn't previously been vetted.

One of the steps is a Virustotal scan, and Cura 2.3.1 threw 4 flags. FWIW, 2.3.0 threw 2 flags.

As such, I have no recourse to install the software on my corporate computer, which is a real downer.

Is there anything that can be done to address these (assuming) false positives, or, (worst case) malicious code?

Thanks in advance for any help or insight.

  • Link to post
    Share on other sites

    Posted · Cura 2.3.1 flagged by Virustotal

    If you knew who my employer was, you may revise your opinion :)

    Here's the report:

    linky

    As I mentioned, this is one metric of several they use, and these results make them wary. The responsibility lies on either me or Ultimaker to prove that Cura is safe to install and run. My experience is purely anecdotal across several machines and versions, and that's not worth much to them. Their suggestion was that I ask for Ultimaker's input.

  • Link to post
    Share on other sites

    Posted · Cura 2.3.1 flagged by Virustotal

    I find it a little odd that the file being analyzed is a win64 program, yet the Virustotal scan categorizes it as a win32 / 386 processor executible.

    Are they sure they analyzed the right file or are their catagories that far out of date?

  • Link to post
    Share on other sites

    Posted · Cura 2.3.1 flagged by Virustotal

    "Generic Trojan" -> there is fairly little we can do about this. We tried getting Cura listed on the whitelist of some of the virus scanner companies, but it's a lot of work getting it done with every single one of them.

    We suspect that it's the combination of Cura being able to send statistics (if you agree) and it using a local (socket) connection with the backend.

    What would it take to prove that it's safe? Show them the source code? That we can do! ;)

    • Like 2
    Link to post
    Share on other sites

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now
    • Our picks

      • Introducing Universal Cura Projects in the UltiMaker Cura 5.7 beta
        Strap in for the first Cura release of 2024! This 5.7 beta release brings new material profiles as well as cloud printing for Method series printers, and introduces a powerful new way of sharing print settings using printer-agnostic project files! Also, if you want to download the cute dinosaur card holder featured below, it was specially designed for this release and can be found on Thingiverse! 
          • Like
        • 10 replies
      • S-Line Firmware 8.3.0 was released Nov. 20th on the "Latest" firmware branch.
        (Sorry, was out of office when this released)

        This update is for...
        All UltiMaker S series  
        New features
         
        Temperature status. During print preparation, the temperatures of the print cores and build plate will be shown on the display. This gives a better indication of the progress and remaining wait time. Save log files in paused state. It is now possible to save the printer's log files to USB if the currently active print job is paused. Previously, the Dump logs to USB option was only enabled if the printer was in idle state. Confirm print removal via Digital Factory. If the printer is connected to the Digital Factory, it is now possible to confirm the removal of a previous print job via the Digital Factory interface. This is useful in situations where the build plate is clear, but the operator forgot to select Confirm removal on the printer’s display. Visit this page for more information about this feature.
          • Like
        • 0 replies
    ×
    ×
    • Create New...