Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Brigand

Pages: 1 2 [3] 4 5 ... 7
Firefox is not blocking your download; it's likely Sophos has a plugin for Firefox, so it's the same thing doing the blocking. I use Firefox exclusively and have never gotten a report of malware.

Firefox itself has no malware reporting/blocking capabilities as opposed to Chrome. However, there are multiple malware blocking plugins for FF.

And on the topic of false positives, I keep getting a false positive on FreeOrion (a freeware 4X game I've been testing for a year) with Norton 360 all the time. After some investigation, it turned out that the report amounted to 'it's suspicious because we think it's suspicious', so I had nothing to point out to the devs, and no reason to :)

Yeah, URR tells me theres some kind of "Pak" malware associated with it, but I never found where anyone else got that error so I ignored it. I'm finding the 'it's suspicious because we think it's suspicious' thing to be very annoying. I realize it's err on the side of caution, but they really need some better algorithm for identifying the malware pattern than 'it's an exe', or 'it writes a file to disk'. Seem like those are pretty common properties of 'software'.

About the error 13 that was talked on the first page, I can recreate that at will. It happens when player walks into the yellow tiles.

Awesome, thank you for finding this - can you elaborate what you mean by yellow tiles? The village tiles, or the coast line - and when you say walks into them, do you mean simply walking around in the overworld, or zooming into the submap by pressing > ?? If the first case, are you exiting the ship or something like that?

Again, thank you so much - I would love to know how to produce this error.

I went ahead and created a thread over on Bay12 to see about getting some further visibility and players---perhaps the biggest place out there were ASCII sensibilities are fine and well.

Thanks getter, appreciate the support. But, I may still just call it a day on this project, something I am going to consider over the weekend. I have another half finished action roguelike sitting on my harddrive that is probably too ambitious as well. 

I've been screwing around a bit with libtcod, and am a little tempted to start a new roguelike in a less archaic language, but the idea of beginning anew with a project this size is pretty daunting - it would take a looong time to get back to this point, and there would be a learning curve substantially increasing that time.

It wasn't meant to be a definite declaration of malware, it was meant to be a caution to those who might not have my industrial-strength antivirus (I'll edit the post to sound less alarmist).

For me, Chrome and Firefox both completely block it now, and Sophos won't allow me to touch it either, so I basically physically can't download it even if I was willing to take the risk.

Firefox is not blocking your download; it's likely Sophos has a plugin for Firefox, so it's the same thing doing the blocking. I use Firefox exclusively and have never gotten a report of malware.

Just want to add, I work for a big, very well known software developer (enterprise software, not video games), and their enterprise level malware/antivirus protection is not picking anything up. Other than the apparently very well known Google "protection racket" thing about downloading from sites that Google hasn't blessed (via Google Webmaster Tools),  no one else has ever reported an instance of present malware/antivirus.


I'm using the business version of Sophos provided by my employer. I don't want to be suspicious and I certainly don't bear you any ill will but it's not inconceivable that someone might take advantage of roguelike players' willingness to trustingly download all kinds of files. I don't have the tech knowledge to identify whether or not there's a keylogger in there, so I have to err on the side of caution, particularly since it's not saying "this looks a bit dodgy" but actually "this contains a specific named item of malware". My brother has recently been hit by something similar and it's cost him thousands of pounds. I like Solstice but I'm not willing to take that risk.

I understand and completely respect your position - I certainly wouldn't ask anyone to download a program they are suspicious of, especially in light of having been hit by malware before.

My concern is not that you suspect malware and don't want to download it, it's that you've gone ahead and declared that it definitely is to everyone on the forums based on a single uncorroborated antivirus report. And certainly no malware detector has ever flagged a file as malware incorrectly.

I've been putting versions of the game for years, as Xan said, and there's never been a detection before. It's years of work - I'm not going to throw that away on an easily detectable piece of malware.

Well, I wouldn't stop just yet.  It's been a long time, but if I remember correctly, what triggered the alert on one of my programs was checking the state of every key on the keyboard and writing it to a buffer.  The issue with this I think would be that the program would still detect keys being down even if the window wasn't in focus (e.g. if you were running the program and also typing in a web browser, it would pickup those keypresses).  From what you said, if you are using a low level form of input like this, and then writing the results to a file, it's quite possible that that is the reason for the identification as a keylogger.  If so, I'd just look for some way to get around it.  If you want, I could take a look at your input handling code and see if there's anything that stands out (although it's been ages since I've done anything with VB).

Your comments have got me thinking about anything I do codewise that could be construed as key logging by anti virus software. The only thing in the latest release I could think of would be the addition of an auto target toggle. Pressing control + a toggles it on and off, and immediately updates a config file with true or false. Maybe I should only update on exit. I will put it up as version 0.0.37b - could you possibly try downloading it and see if it still flags it?

I haven't inspected the .exe, but even so I'm 99% confident that there is no key logger (malware) in Solstice.

Several programs I wrote myself in C were flagged by my antivirus as being/having a keylogger (note that what the antivirus is pointing out is not a specific segment of code identified as malware; it's a generic behavioral pattern); the reason for this is almost certainly that I was using inappropriately low level input methods (which at least has the capability of picking up on keystrokes that are sent with another window in focus). I don't know what kind of access VB has to the WinAPI, but this is likely the issue here as well.

Now, I do have an old copy of Solstice from near the end of 2012 which is not detected as a keylogger by Sophos.  So you probably simply changed how you handle or get input from Windows such that Sophos thinks it is possibly a keylogger. (Virustotal shows only Sophos as reporting this: all other antivirus scans are clear.)

Thanks a ton for looking for me, Xan. Behaviorally, I do read individual keystrokes (and log them, if you define writing the players name to a file as key logging.)

Honestly, I'm not entirely sure what to do except give up. I've put a lot in so far and have a long way to go, but it seems pointless if no one will play because they think I'm recording what porn sites they are visiting :)  the code is wayyyyy too far along to migrate to something else without completely starting over. Any suggestions? If it were you would you continue on?

Redacted for now until I decide what to do.

This is more worrying. According to my antivirus, the Solstice download contains a specific item of known, identified malware. A keylogging thing, no less. No longer willing to have this on my PC.
You're thinking it out wrong.  That's why you have to install it.  It and the NSA keylogger we all have installed will conflict and give partial data to each.  This way you can discuss poppy cultivation tips with your Al Quaida contacts, and neither will get the full picture.

Sigh, there's no installer.... Any funny how when I look up the malware your software identifed my program as, the first 2 hits are for pages on your antivirus software sellers website, prompting you to use (buy) Sophos to diagnose the problem.

This is more worrying. According to my antivirus, the Solstice download contains a specific item of known, identified malware. A keylogging thing, no less. No longer willing to have this on my PC.

Wow....theres no key logger and there never has been. Theres no malware of any kind. Do you want to see the uncompiled source code? Please don't post stuff like this. Your anti-virus is overzealous and probably doesn't like the fact its from a 10 year old compiler that doesn't have some signature that it expects.

What anti-virus are you using that is reporting this? Neither AVG nor Symantec on both my computers are reporting any virus.

Also, I just checked the downloaded version against the compiled version on my computer. They are 100% identical, byte for byte - the website provider is not inserting anything malicious into the code.

Again, I invite anyone who wants to to examine the code, compile it, and see that its malware free.

Specific Files or Folders Scan
No infection was found during this scan
Scanned folders:;"C:\Solstice\"
Started:;"7/31/2014, 12:14:05 AM"
Finished:;"7/31/2014, 12:14:07 AM"
Scanned items:;"56"
Launched by:;"Mark"

Small suggestion for a future update: maybe display money in the main HUD. I just found someone who offered to train me for 80 GP. I had no idea how much money I was carrying. It's not a big deal - I just said no and then looked in my inventory - but it would be nice to make that a bit smoother.

Suggestions are good, ty :) Gold is now displayed on the main panel. I will put up a new version sometime today with several other changes.

Early Dev / Re: Roguelike distribution question
« on: July 24, 2014, 08:30:45 PM »
I don't know anything about weebly sites in particular, so maybe I'm missing something; but I briefly looked at a couple pages online claiming that you can edit the html pages themselves on weebly.

And there was this video too.. if you skip to the 2min mark, this guy is doing it..

Sadly, a paid feature. You can alter the html for the "themes", but not the header, which is where Google requires the tag. Weebly has been nice and free, but it may be time to move on :)

Me too.
Brigand, if you're concerned about Chrome users, you could upload a zip file instead of an .exe? My Veins of the Earth are uploaded as zip and I've never gotten any complains about them being flagged as suspicious/malware even though the standalone version does contain an exe, obviously.

Unfortunately, it is a zip file - Chrome looks into compressed files to see what's in them. But I think I am gonna try 7-zip, assuming people use it pretty often. Or at least offer different versions.

Or, switch to a "Google approved" free website provider.

I'm growing to really appreciate the visual style. This screenshot is quite minimalist because it was taken at night but it has a wealth of ground textures and landscape/environmental features combined with the shifting light from the torches. Very nice.

Thank you very much :) For all it's infuriating oldness, I still like the visual control VB6 gives you. There's a more square font version in the game (ctrl + numpad minus) that gets the aspect a little closer to 1 that I have started playing in, although the lines and text are a little heavier.

The "not commonly downloaded" thing isn't too huge an issue. I find that a lot of roguelikes trigger that, and you can just click "keep" to overrule the warning. The malware one is more of a problem because you can't just overrule it, you have to change Chrome's settings to ignore all malware (or do what I did and use a different browser just for that one download).

Yeah, its just infuriating. I can understand people not wanting to risk their computer with a suspect download - I have downloaded a bad file before, myself, and it made me more cautious after having to wipe the hard-drive. I just wish Google had a more selective way of flagging a file beyond "it's an .exe - flag it".

Pages: 1 2 [3] 4 5 ... 7