Dear Mark,
On Fri, 14 Sep 2012, Mark Krebs wrote:
> I just updated Fiji (fiji-win32) and Symantec Endpoint Protection
> detected a risk (Bloodhound.Sonar.9). Is this a true risk (that is, is
> Fiji infected or simply a false positive)? A brief scan of the web
> suggests it's simply a false positive, but IT here wants to know for
> sure before they unquarantine the *.exe file.
I am happy to report that there is no risk.
The sadder news are that I was unable to sort out the issues with
Symantec. I spent substantial time on trying to get to some technical
support, wanting to explain that the Fiji launcher is built by a cross
compiler that we compiled ourselves on Linux. It is therefore extremely
unlikely that there is a virus or backdoor in the launcher.
In the meantime, the launcher has moved to ImageJ2 (but is of course still
used by Fiji) and it is no longer built by a cross compiler. However, it
is built by a GNU C compiler running in a virtual machine that serves as a
"Jenkins node", i.e. it is dedicated to building & testing ImageJ, Fiji
and ImageJ2 components. So again, it is *extremely* unlikely that a virus
could have found its way into the launcher.
Maybe you, as a paying customer of Symantec, are able to get them
interested in addressing the issue? My willingness to assist has not
changed one bit. I am eager to resolve this issue.
Ciao,
Johannes
--
ImageJ mailing list:
http://imagej.nih.gov/ij/list.html
Locked
