dlang
Windows Defender getting even more aggressive
I'm noticing windows defender getting even more aggressive than usual.
I'm finding it deletes pipelink.exe at random when I press compile. I go into the settings and find the quarantined item, restore it and tell it it's not a virus, and then I can compile again for a while, but then some random time later when I press compile it quarantines it again, and it loops like this.
Also just now, the VisualD installer itself was quarantined immediately after download; I had to dig it out to run the installer.
Didn't dlang foundation have a cert we were using?
I have seen that, too, also for files just compiled with dmd. For me, pipelink.exe only seems affected as long as it is not signed (by the expired certificate). Does that happen with version 1.4.1 or later that should have this exe signed?
AFAICT getting a new certificate has become more expensive and more difficult to deal with remotely as it is tied to some hardware device. That information might be dated, though.
I can try building the tool executables with LDC instead, maybe that helps...
Yeah that'll probably change the binaries in such a way that Windows is more familiar with... worth a shot.
I reckon the dlang foundation absolutely have to resolve the certificate issue though, regardless of difficulty. It's a pretty critical issue with the overall ecosystem.
Building pipelink.exe with LDC reduces the number of AV programs complaining on virustotal from 13 to 10. That might help short term, as "Microsoft" was one of those that dropped out. But unlikely to guarantee not being flagged again in the future. Other non-signed programs built with DMD/LDC trigger a lot less scanners, so I doubt the issue is only about the signing.