Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Author

Topic: Windows Defender prevent running Electrum 3.0.4 (Read 188 times)

pooya87
legendary
Activity: 3472
Merit: 10611
Windows Defender prevent running Electrum 3.0.4
January 10, 2018, 01:16:44 AM
#14
Quote from: kostepanych2 on January 07, 2018, 11:01:58 AM
Windows Defender SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.

translation:
Microsoft: "the publisher of the program you are trying to install has not paid us, so we don't recognize them".

it is a Code Signing Certificate that the publishers can purchase and use that to digitally sign their released applications. it costs something as low as $80 if i am not mistaken and doesn't really do anything if you ask me when we have PGP signatures which are more secure.
hatshepsut93
legendary
Activity: 3038
Merit: 2162
Re: Windows Defender prevent running Electrum 3.0.4
January 09, 2018, 12:02:45 PM
#13
Quote from: kostepanych2 on January 09, 2018, 07:42:17 AM
Trying to do according this tutorial and in the end get this:

Code:
>"c:\Program Files (x86)\GnuPG\bin\gpg.exe" --verify electrum-3.0.5-setup.exe.asc electrum-3.0.5-setup.exe
gpg: Signature made 01/08/18 03:14:37 Belarus Standard Time
gpg:                using RSA key 2BD5824B7F9470E6
gpg: Good signature from "Thomas Voegtlin (https://electrum.org) " [unknown]
gpg:                 aka "ThomasV " [unknown]
gpg:                 aka "Thomas Voegtlin " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Is this file ok? What does this warning mean?

It means you haven't certified developer's public key so your program doesn't trust it yet. Follow the instructions under "Import the Developer Public Key" in the article that I've posted here earlier.

The developer's public key for signing Electrum releases is 2BD5824B7F9470E6, the same that is mentioned in the article and the same that you've already verified the signature for, but you shouldn't immediately trust it - before certifying it, search it on public key servers and maybe some other mentions on the Internet to make sure that you are really adding the key of ThomasV.
kostepanych2
full member
Activity: 1274
Merit: 105
Re: Windows Defender prevent running Electrum 3.0.4
January 09, 2018, 07:42:17 AM
#12
Quote from: TryNinja on January 07, 2018, 02:09:17 PM
Quote from: kostepanych2 on January 07, 2018, 01:08:56 PM
Is there any tutorial how to check signature in Windows 10?
Here it is: https://steemit.com/bitcoin/@jklepatch/how-to-verify-the-integrity-of-electrum-wallet-executable-on-windows
Trying to do according this tutorial and in the end get this:

Code:
>"c:\Program Files (x86)\GnuPG\bin\gpg.exe" --verify electrum-3.0.5-setup.exe.asc electrum-3.0.5-setup.exe
gpg: Signature made 01/08/18 03:14:37 Belarus Standard Time
gpg:                using RSA key 2BD5824B7F9470E6
gpg: Good signature from "Thomas Voegtlin (https://electrum.org) " [unknown]
gpg:                 aka "ThomasV " [unknown]
gpg:                 aka "Thomas Voegtlin " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Is this file ok? What does this warning mean?
TryNinja
legendary
Activity: 2758
Merit: 6830
Re: Windows Defender prevent running Electrum 3.0.4
January 08, 2018, 02:49:10 PM
#11
Quote from: Darooghe on January 08, 2018, 11:25:23 AM
How to verify the signature?
Read the previous posts next time. https://steemit.com/bitcoin/@jklepatch/how-to-verify-the-integrity-of-electrum-wallet-executable-on-windows

Quote from: kostepanych2 on January 08, 2018, 10:41:43 AM
-snip-

I searched for gpg.exe in C:\Program Files (x86)\Gpg4win dir, but there is no such file there...
Mine can be found inside the C:\Program Files (x86)\GnuPG folder.
hatshepsut93
legendary
Activity: 3038
Merit: 2162
Re: Windows Defender prevent running Electrum 3.0.4
January 08, 2018, 12:14:11 PM
#10
Quote from: jerry0 on January 08, 2018, 10:44:43 AM

Can you explain what you mean by verify the signature?  You mean to tell if its legit?


Because if you download electrum from the real electrum website, would that be enough?  That is how i updated electrum back then when it was version 2.x etc.  So if you download from official site, just click on windows installer and download and thats all right?

Just downloading from the real website is not enough, the site could have been hacked to distribute hacker's malicious client, you might have a malware on your PC that redirects you to a fake site while it visually looks just like the real one.
To prevent this, developer is creating digital signatures and posts them next to his files. Users have to download both the installation file and corresponding signature, then run a special command (if on Linux) or use a special software if on Windows to verify that installation files were indeed signed with developer's private key. His public key is well known and have been posted on forums and distributed keyservers.

Quote from: kostepanych2 on January 07, 2018, 01:08:56 PM
Quote from: hatshepsut93 on January 07, 2018, 11:34:00 AM
Just make sure to verify the signature first.
Is there any tutorial how to check signature in Windows 10?

I'm using Kleopatra, which came with gpg4win and is very easy to use
https://bitzuma.com/posts/how-to-verify-an-electrum-download-on-windows/
Darooghe
sr. member
Activity: 1120
Merit: 255
Re: Windows Defender prevent running Electrum 3.0.4
January 08, 2018, 11:25:23 AM
#9
How to verify the signature?
kostepanych2
full member
Activity: 1274
Merit: 105
Re: Windows Defender prevent running Electrum 3.0.4
January 08, 2018, 11:18:54 AM
#8
Quote from: jerry0 on January 08, 2018, 10:44:43 AM
Quote from: hatshepsut93 on January 07, 2018, 11:34:00 AM
Did you verify the signature? There are some threads here where people too thought that they've downloaded from official site, only to turn out later that it was from malicious fake sites from google ads.

I've checked it with Windows Defender and Malwarebytes, and it's clean.

Also dropped it on Virustotal - https://www.virustotal.com/#/file/0489e1df2d71da170f83aefdbf31f69378cff03648b776a588fd504046c5b2ee/detection

It might be a false positive in your case (if this is really an original version), windows defender was previously triggering on Electrum and other verified cryptocurrency programs like Geth. Just make sure to verify the signature first.


Can you explain what you mean by verify the signature?  You mean to tell if its legit?


Because if you download electrum from the real electrum website, would that be enough?  That is how i updated electrum back then when it was version 2.x etc.  So if you download from official site, just click on windows installer and download and thats all right?
I think there may be some very rare cases when official site hacked and files (or link) changed by hacker... Or if you have virus it can change javascript in your browser and download from other site... Or something else...
jerry0
full member
Activity: 1792
Merit: 186
Re: Windows Defender prevent running Electrum 3.0.4
January 08, 2018, 10:44:43 AM
#7
Quote from: hatshepsut93 on January 07, 2018, 11:34:00 AM
Did you verify the signature? There are some threads here where people too thought that they've downloaded from official site, only to turn out later that it was from malicious fake sites from google ads.

I've checked it with Windows Defender and Malwarebytes, and it's clean.

Also dropped it on Virustotal - https://www.virustotal.com/#/file/0489e1df2d71da170f83aefdbf31f69378cff03648b776a588fd504046c5b2ee/detection

It might be a false positive in your case (if this is really an original version), windows defender was previously triggering on Electrum and other verified cryptocurrency programs like Geth. Just make sure to verify the signature first.


Can you explain what you mean by verify the signature?  You mean to tell if its legit?


Because if you download electrum from the real electrum website, would that be enough?  That is how i updated electrum back then when it was version 2.x etc.  So if you download from official site, just click on windows installer and download and thats all right?
kostepanych2
full member
Activity: 1274
Merit: 105
Re: Windows Defender prevent running Electrum 3.0.4
January 08, 2018, 10:41:43 AM
#6
Quote from: TryNinja on January 07, 2018, 02:09:17 PM
Quote from: kostepanych2 on January 07, 2018, 01:08:56 PM
Is there any tutorial how to check signature in Windows 10?
Here it is: https://steemit.com/bitcoin/@jklepatch/how-to-verify-the-integrity-of-electrum-wallet-executable-on-windows
Trying to do according this tutorial...

When doing this

Code:
gpg --keyserver pool.sks-keyservers.net --recv-keys 0x2bd5824b7f9470e6

I get an error:

Quote
'gpg' is not recognized as an internal or external command,
operable program or batch file.

I searched for gpg.exe in C:\Program Files (x86)\Gpg4win dir, but there is no such file there...
crairezx20
legendary
Activity: 1638
Merit: 1046
Re: Windows Defender prevent running Electrum 3.0.4
January 07, 2018, 02:56:22 PM
#5
I'm also confuse of using the latest one since they are always detected by AV and i feel not safe of using it since the electrum 3.0 not work in windows 7 because of python never update my electrum wallet from electrum 2.9.3 but password protect.. still didn't experience yet any problem using it just found the news from theymos i read from github that the only affected is those who are using 3.0.3 because of enabled CORS in electrum 3.0.3

Well since the electrum 3.0 to 3.0.2 is fine when using before maybe only the affected wallet is 3.0.3
TryNinja
legendary
Activity: 2758
Merit: 6830
Re: Windows Defender prevent running Electrum 3.0.4
January 07, 2018, 02:09:17 PM
#4
Quote from: kostepanych2 on January 07, 2018, 01:08:56 PM
Is there any tutorial how to check signature in Windows 10?
Here it is: https://steemit.com/bitcoin/@jklepatch/how-to-verify-the-integrity-of-electrum-wallet-executable-on-windows
kostepanych2
full member
Activity: 1274
Merit: 105
Re: Windows Defender prevent running Electrum 3.0.4
January 07, 2018, 01:08:56 PM
#3
Quote from: hatshepsut93 on January 07, 2018, 11:34:00 AM
Just make sure to verify the signature first.
Is there any tutorial how to check signature in Windows 10?
hatshepsut93
legendary
Activity: 3038
Merit: 2162
Re: Windows Defender prevent running Electrum 3.0.4
January 07, 2018, 11:34:00 AM
#2
Did you verify the signature? There are some threads here where people too thought that they've downloaded from official site, only to turn out later that it was from malicious fake sites from google ads.

I've checked it with Windows Defender and Malwarebytes, and it's clean.

Also dropped it on Virustotal - https://www.virustotal.com/#/file/0489e1df2d71da170f83aefdbf31f69378cff03648b776a588fd504046c5b2ee/detection

It might be a false positive in your case (if this is really an original version), windows defender was previously triggering on Electrum and other verified cryptocurrency programs like Geth. Just make sure to verify the signature first.
kostepanych2
full member
Activity: 1274
Merit: 105
Re: Windows Defender prevent running Electrum 3.0.4
January 07, 2018, 11:01:58 AM
#1
I downloaded Electrum 3.0.4 from official site (https://electrum.org/#download) and Windows Defender prevent running it:
Code:
Windows protected your PC
Windows Defender SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.

App:
electrum-3.0.4-setup.exe
Publisher:  
Unknown publisher

There is no such thing with version 3.0.3.

So why Windows Defender don't like 3.0.4 (and without any question accept 3.0.3)?
Is 3.0.4 safe to use?
Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Jump to: