[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Panda antivirus now thinks Tor.exe is a virus



On Tue, Jun 16, 2015 at 01:21:56PM -0400, Roger Dingledine wrote:
> The behavior detection aspect is especially vexing here -- many antivirus
> tools have a "Not enough of our users have told us about this exe yet,
> therefore it is scary by default" feature.

There's also the simple fact that "an executable with a Tor client built
in" is more likely than not malicious: a lot of modern malware uses Tor
for C&C.

Things could be worse - though I'm not sure if this happens - if malware
downloaded the legitimate tor.exe on the side.

Have you reached out to AV vendors and see if this issue could be
solved? They might be willing to whitelist the executable.

(FYI, I pinged someone at Panda about this particular issue and they'd
look into it.)

Martijn.

Attachment: signature.asc
Description: Digital signature

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk