Comments (14)
I believe the issue has been resolved, so I will be closing this issue. Feel free to reopen it if you have any further questions.
from graphengine.
@Diaaz I found the code that represents what looks to be a Trojan, and I can almost guarantee you that it is not. I just need to verify what I found with the Microsoft Graph Engine team lead; what you see in the DLL is the SHA-512 encoding of the word, TRINITY. :-)
from graphengine.
@Diaaz I think you have answered this question already; have you tried to build the trinity.dll yourself? As you know the trinity.dll is written in C++; I will review the compile process as well as the libraries use in the build process. I will get vack to you shortly. What time zone are you in?
from graphengine.
Hi. I am running local security scans now on two of my dev and build machines. I, like you, have applications deployed to users for a few years now and we have never seen this problem. I perform local builds and do update the lib folder contents. We perform a scan before we ship all of our apps we have never run into this problem. I'll get back to you shortly.
from graphengine.
Okay, I have scanned two machines now and these files in particular the machines are clean. I use the built-in Windows 11 Defender (complete scan) and Malwarebytes (most rigorous) for Teams 4.5.32; I will now run an offline scan as well.
from graphengine.
Thanks for checking. Only Trendmicro detects it as a trojan, but that is exactly the scanner some of our customers are using. This is the output of jotty.org on trinity.dll (from your lib folder).
from graphengine.
I am also testing using TotalAV and it does not report the file to contain a Trojan. I will check with one other party; my guess is that this maybe a false positive. I will check with another objective party that tracks Trojan signatures.
from graphengine.
Thanks! If it is a false positive, do you know how to work around that? TrendMicro says it is a trojan, but can recompiling trinity in some other way work around that? The problem is we cannot deploy to some customers now, because they use trendmicro.
from graphengine.
Yes, we have built it ourselves and that does not solve the problem. Still a 'trojan'. I am in Central European Time
from graphengine.
I will run this past the Microsoft C++ Security runtime group. I don't see the problem on my build machines. I am building with the Specter Intel fix. I will also see if the Microsoft Research team has any time ideas. I have never encountered a problem like this.
from graphengine.
Do you know why the previous version is found 'clean'? Is this sha-512 encoding added in the last version?
from graphengine.
Following this topic for interests.
from graphengine.
@Diaaz There is absolutely no Trojan in the prebuilt binary. Since all the source code can be found in this public repository, everyone can inspect it. It is possible that a certain binary sequence triggered the false alarm. I have recently updated the dependencies and rebuilt the binary files in the "lib" folder using the latest source code in the repo. I believe this issue has been resolved with the updated files. Here are the scanning results using the URL mentioned in your post:
from graphengine.
@shaobin Thanks! Problem solved.
from graphengine.
Related Issues (20)
- .Net 5? HOT 30
- build.ps1 on Windows 10: CMake Error: Unknown argument --host=x64 HOT 2
- [How to] Run 2 Trinity servers on the same Windows 10 laptop at the same time? HOT 6
- How is the "include" statement supposed to work across multiple VS projects in the same solution? HOT 1
- [Bug Report] There is a little bug in Network lib HOT 3
- [Bug Report] Wrong Unlock HOT 15
- [Bug Report] Little Bug in TrinityCluster HOT 6
- Using generated C# "struct" classes in a Xamarin Android app? HOT 4
- [Feature Request] Ability to return a TSL service API definition as a Swagger.json file HOT 2
- dataset for freebase-likq sample does not exist HOT 2
- Dataset for freebase-likq sample does not exist HOT 2
- Website certificate is not valid HOT 4
- Bug in FanoutSearch with net6 HOT 11
- Public website certificate is not valid HOT 10
- Windows
- Windows
- Unable to load shared library 'Trinity' or one of its dependencies. when compiling on Ubuntu 22.04 or Wsl HOT 4
- Have an issue running 2 instances of a Trinity console app? HOT 4
- Attempted to read or write protected memory - Very Serious Error :-( HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from graphengine.