Discussion

Microsoft Security Essentials reporting false positives in the Bitcoin blockchain, constantly notifying users.

Earlier today, a virus signature from the virus "DOS/STONED" was uploaded into the Bitcoin blockchain, which allows small snippets of text to accompany user transactions with bitcoin.  Since this is only the virus signature and not the virus itself, there apparently is no danger to users in any way.  However, MSE recognizes the signature for the virus and continuously reports it as a threat, and every time it deletes the file, the bitcoin client will simply re-download the missing blockchain.

It appears to be a joke or prank, simply because this particular virus does nothing more than periodically show "YOUR COMPUTER HAS BEEN STONED" on one out of every eight computer boot-ups, and is over 25 years old.

I'd like to get a verification here that a) what MSE is actually detecting is the signature for a virus and not actually the virus itself, b) that there is truly no danger to users of bitcoin simply because of the limitations of the blockchain to carry all the code needed for a virus, and c) MSE can and should be updated as soon as possible to bypass signatures found in the blockchain, as its constant alerts of finding threats in the blockchain is not only worrisome, but can create panic and negative perception of bitcoin as a whole, damaging its reputation and annoying users.  It's important that MSE be updated with a more selective virus detection algorithm for blockchain files.



* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

Please go to https://www.microsoft.com/security/portal/submit.aspx and submit a sample of the
suspected file(s).
Please choose "
Microsoft Security Essentials" in the product field.

Technically, you are not the "developer" for the blockchain, but an alternate path to report this:

http://www.microsoft.com/security/portal/mmpc/developer/resources.aspx

Note that this is a community forum and a response in here from Microsoft is unlikely.

-steve

^_^
Windows Insider MVP (Security), Moderator Microsoft Community

Sadly the first option you gave won't work: "Samples must be less than 10MB", the blockchain is at 16.6GiB right now.

Let's hope Microsoft gives this the attention it deserves.  This could put off a lot of people from running a full Bitcoin node.
Kind Regards
Mark Crosby MCP CompTIA A+
http://speedygeek.net/

The file is over 15gb.

Reply In reply to deleted message

Please go to http://distrowatch.com/, pick an open-source system of your choice, and stop using the corporatocracy operating systems used to gouge you, and keep you under maximum surveillance.

Find me a feature-comparable app to Visio that runs on any such system (at any price) and I'll gladly do so.


Please go to http://distrowatch.com/, pick an open-source system of your choice, and stop using the corporatocracy operating systems used to gouge you, and keep you under maximum surveillance.

Find me a feature-comparable app to Visio that runs on any such system (at any price) and I'll gladly do so.

http://www.maketecheasier.com/5-best-free-alternatives-to-microsoft-visio/

https://www.lucidchart.com/

http://www.gliffy.com/

I'm a new user, but I'm learning to use Ubuntu so I can stop using Windows, which has a backdoor in for the NSA. 


None of those are even close to Visio in terms of features. Most of them are pretty much jokes.

You have a couple of alternatives:

1. Run linux inside a VM on your PC, for example on vmware or virtualbox, and then run bitcoin on top of that.

2. Alternatively, run visio on top of Wine on linux. I'm not sure how well this works, the licensing aspects etc., but the purpose of Wine is to run native Wind*ws apps on linux.

By the way, if you have a serious amount of coins in your on-line wallet, it's better to put them on cold storage, or if you need them to be online, they should be on a clean, dedicated machine not running anything else.


I'm not even sure the Stoned virus would run on machines that MSAV does. Appropriate action would be quarantine if it cannot run. Appropriate action would be quarantine just due to it's known impact. Adware these days has more of an impact than Stoned. 

Let's hope Microsoft gives this the attention it deserves.  This could put off a lot of people from running a full Bitcoin node.

Ok. And the downside?


* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

 
Discussion Info

Views: 51,930 Last updated: May 16, 2018 Applies to: