Sandboxie 5.24 is flagged by one Engine in VirusTotal

Posted: Sat Mar 17, 2018 11:49 am
by Inbox
"Baidu Win32.Trojan.WisdomEyes.16070401.950"

You should probably contact Baidu and get this false positive resolved with them so nothing is flagged.

Re: Sandboxie 5.24 is flagged by one Engine in VirusTotal

Posted: Mon Mar 19, 2018 12:51 pm
by Barb@Invincea
Hello Inbox,

Thanks for the info. We try to reach out to these companies, but most of the time either the captcha doesn't work (like for Baidu) or they close the requests.

To ensure you have downloaded a valid file, please see this:
https://www.sandboxie.com/AllVersions

Regards,
Barb.-

Re: Sandboxie 5.24 is flagged by one Engine in VirusTotal

Posted: Wed Mar 21, 2018 6:55 pm
by Inbox
You should be using SHA256 or SHA512 for file hash authentication, not SHA1 or MD5.

MD5 is extremely weak and can be forged with an investment of about $40K (probably less now as I read that a few years ago).

Google warned several years ago that SHA1 is weak as well, and could probably be compromised by a large corporation (such as Google themselves) or a state actor:
https://konklone.com/post/why-google-is ... kill-sha-1
http://www.zdnet.com/article/google-chr ... s-in-2016/
https://security.googleblog.com/2014/09 ... sha-1.html

Of course any old hash will likely protect you from random errors in the download due to equipment or software problems, but as far as authenticating they're genuine against an adversary - yeah you need to be using SHA256 or SHA512.
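
Added example, not part of the original posts and not Sandboxie's own tooling: a Python check that verifies a downloaded file against a published digest, accepts only SHA-256 or SHA-512, and refuses MD5 or SHA-1 values, as the last post recommends. The function name `verify_download` and the sample bytes and digests are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> algorithm. MD5 (32) and SHA-1 (40) lengths are
# recognised only so they can be refused for authentication.
STRONG = {64: "sha256", 128: "sha512"}
WEAK = {32: "MD5", 40: "SHA-1"}


def verify_download(path, published_hex):
    """Return (matches, algorithm); raise ValueError for weak or malformed digests."""
    published = published_hex.strip().lower()
    if len(published) in WEAK:
        raise ValueError(f"{WEAK[len(published)]} digest refused; use SHA-256 or SHA-512")
    if len(published) not in STRONG:
        raise ValueError("unrecognised digest length")
    bytes.fromhex(published)  # raises ValueError if the value is not hex
    algo = STRONG[len(published)]
    h = hashlib.new(algo)
    with open(path, "rb") as f:  # stream in 1 MiB chunks so large installers fit
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    # Constant-time comparison of the computed and published digests.
    return hmac.compare_digest(h.hexdigest(), published), algo


def demo():
    # Constructed sample standing in for a downloaded installer.
    data = b"constructed installer bytes, not a real Sandboxie file"
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(data)
    try:
        results = [verify_download(tmp.name, hashlib.sha256(data).hexdigest())]
        # A published SHA-512 value that does not match the file on disk.
        results.append(verify_download(tmp.name, hashlib.sha512(b"other").hexdigest()))
        try:
            verify_download(tmp.name, "0" * 32)  # constructed MD5-length value
        except ValueError as exc:
            results.append(str(exc))
        return results
    finally:
        os.unlink(tmp.name)


if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the channel the published digest came from, so the digest should be read from an HTTPS page or a signed release note rather than from the same mirror as the file.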