Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Failing Internet Explorer 9 security checks

Simple, Free, Open Source UltraVNC Wrapper Supporting Windows and Mac OSX
Post Reply
User avatar
dlboy
Posts: 4
Joined: 2011-03-29 21:11

Failing Internet Explorer 9 security checks

Post by dlboy »

Hi,

I am having a problem where instandsupport.exe is failing IE9 security checks, making it very hard for users to run. when choosing run the file from our website IE9 will download it but then advise the user to delete it as "This program is not commonly downloaded and could harm your computer" After clicking advance options to run it, i notice in the top "SmartScreen Filter has little or no information about this unsigned program. Running this program might harm your computer"

Has anyone else come accross this and is there a fix for it, I am using the latest version of Chunk 3.2.

Regards

Richard
User avatar
supercoe
400
400
Posts: 1732
Joined: 2009-07-20 21:27
Location: Walker, MN
Contact:

Re: Failing Internet Explorer 9 security checks

Post by supercoe »

I was having the same problems since IE9 came out and yesterday the "smart"screen filter must have allowed InstantSupport.exe from my website.

It seems to have taken a good 50+ people having to go through telling IE9 to run the file anyways.

Luckly in my case I host the exe on my website so it's always in the same place as I can see how smartscreen causes problems.
http://www.chunkvnc.com - ChunkVNC - Free PC Remote control with the Open Source UltraVNC wrapper InstantSupport!
User avatar
dlboy
Posts: 4
Joined: 2011-03-29 21:11

Re: Failing Internet Explorer 9 security checks

Post by dlboy »

So as more people download the program the less of a problem it will be?
B
800
800
Posts: 2338
Joined: 2009-09-09 14:05

Re: Failing Internet Explorer 9 security checks

Post by B »

I would think NOT. Because each compilation of InstantSupport.exe is by definition different (IP addresses, encryption keys). So I would guess it's going to be an ongoing issue...
User avatar
supercoe
400
400
Posts: 1732
Joined: 2009-07-20 21:27
Location: Walker, MN
Contact:

Re: Failing Internet Explorer 9 security checks

Post by supercoe »

As more people download your compiled InstantSupport.exe the problem will go away. If you recompile then essentially it is a new file and will probably fail the smartscreen filter check again.
http://www.chunkvnc.com - ChunkVNC - Free PC Remote control with the Open Source UltraVNC wrapper InstantSupport!
B
800
800
Posts: 2338
Joined: 2009-09-09 14:05

Re: Failing Internet Explorer 9 security checks

Post by B »

Is there a reasonable way to have it signed? I think that's why Rudi does the normal UltraVNC SC compilation on his server.

I know it doesn't actually mean much from a security perspective, but if it would help people get through these security hoops...

I would think the typical ChunkVNC user is going to have far fewer than 50 downloads!

(In the end I'd just be inclined to warn users to ignore the warnings... which is why people ignore EVERY freakin' security warning their OS and AV software throws up. It's a vicious cycle.)
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Re: Failing Internet Explorer 9 security checks

Post by redge »

supercoe
the cause of low download, no banner = no top of suggestion download links ....
i mean, search engine make the software won't have their banner go to medium list (almost ignored part)
the dark effect of business banners

seach vnc is a top of search engine
realvnc at top (business), followed by tightvnc, etc..
imagine chunkvnc position... without banner

so if you need authenticate chunkvnc open source, i would donate the money for the certificate bypass security issue of web browsers :-)
let me know, so customer won't worry about virus or spyware or anything. bad hacker make "b......t" cost for secure software.
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
User avatar
supercoe
400
400
Posts: 1732
Joined: 2009-07-20 21:27
Location: Walker, MN
Contact:

Re: Failing Internet Explorer 9 security checks

Post by supercoe »

redge,

Thank you for your generous offer but I'm not sure how InstantSupport executables could be signed the way it is currently compiled.

I don't know much about how code signing works. I thought you had to have a secret key from the certificate authority at the time of compiling.
I'll be doing some research but If anyone is willing to share a good newbie guide to code signing I'd appreciate it. :)

Maybe the answer is to compile everyone's InstantSupport.exe on a central server, isn't this how SC is signed?


imagine chunkvnc position... without banner

Could you explain more what you mean here? What would be the benefit of ranking ChunkVNC other than for ad revenue?
http://www.chunkvnc.com - ChunkVNC - Free PC Remote control with the Open Source UltraVNC wrapper InstantSupport!
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Re: Failing Internet Explorer 9 security checks

Post by redge »

increase ranking by register your website to search engine for better accuracy


http://www.google.com/addurl/?continue=/addurl
http://www.bing.com/webmaster/Webmaster ... sPage.aspx
http://search.yahoo.com/info/submit.html

i mean register only certificate to InstantSupport ready to RUN (public version)
certificate custom Instantsupport need to be done from the customer, not from chunkvnc
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
User avatar
supercoe
400
400
Posts: 1732
Joined: 2009-07-20 21:27
Location: Walker, MN
Contact:

Re: Failing Internet Explorer 9 security checks

Post by supercoe »

Now I see what you were saying about the search engines, thanks for the info.

When the RTR version gets good enough I'll look into signing it. :)
http://www.chunkvnc.com - ChunkVNC - Free PC Remote control with the Open Source UltraVNC wrapper InstantSupport!
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Re: Failing Internet Explorer 9 security checks

Post by redge »

sign certificate for chunkvnc RTR with nat2nat feature would be awesome and cream of the cream.
I'm waiting for repeater with nat2nat and vnc would blast a lot of remote software and dramatically decrease relay traffic to minimal authentication and connection :-)
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
User avatar
supercoe
400
400
Posts: 1732
Joined: 2009-07-20 21:27
Location: Walker, MN
Contact:

Re: Failing Internet Explorer 9 security checks

Post by supercoe »

I'm dreaming of this as well. :)

Rudi has no idea how happy a working nat2nat will make many of us!
http://www.chunkvnc.com - ChunkVNC - Free PC Remote control with the Open Source UltraVNC wrapper InstantSupport!
B
800
800
Posts: 2338
Joined: 2009-09-09 14:05

Re: Failing Internet Explorer 9 security checks

Post by B »

supercoe wrote: Maybe the answer is to compile everyone's InstantSupport.exe on a central server, isn't this how SC is signed?
Yes, that's what I said above, "I think that's why Rudi does the normal UltraVNC SC compilation on his server."

The obvious drawbacks are (a) you have to pay for a cert, (b) you become a single point of failure for all new users and you have to keep your server available in perpetuity, (c) suspicious people like me are wary of having their remote control settings funneled through you, and (d) signing other's work has the potential to get you in a limited amount of trouble if the signed code is used for nefarious purposes. But it <b>would</b> be nice to have as an option (perhaps a paid option?) for those who don't want the hassle of the warnings.
Post Reply