Virustotal check issue

Question

Virustotal check issue

vatterspun opened this issue 6 years ago · 6 comments

vatterspun commented 6 years ago

Setup: Win7x86

Steps:

Change hash to CRC32
Right click on an item and submit to virustotal

Defect: Error message: "VirusTotal recognizes files only by their MD5, SHA1 or SHA256 hash!"

Expected behavior:

Error message above but also prompt the user "Do you wish to switch to SHA256 for this operation?" Once the user says yes, a browser window will be launched with the VirusTotal URL and the SHA256 value will appear in the Hashing program window.
Just run SHA256 hash and open in the browser Window.

--

Also, for security reasons I'd also suggest not using the MD5/SHA1 capability and exclusively submit SHA256 values even if it slows down the program. Both MD5 and SHA1 hashes are considered insecure.

Answer 1 · 2018-05-17T15:57:00.000Z

Version 2.1 will include this functionality. Additionally, only SHA256 hashes will be passed through to VirusTotal for security reasons, as stated above!

Answer 2 · 2018-05-17T21:10:19.000Z

Anyone should be aware that VirusTotal is a major privacy threat.

Answer 3 · 2018-05-19T17:31:39.000Z

Anyone should be aware that VirusTotal is a major privacy threat.

It is owned by Google so I have no doubt any data they can grab, they will. Were you talking about this? https://en.wikipedia.org/wiki/VirusTotal#Privacy

Answer 4 · 2018-05-19T22:14:56.000Z

@vatterspun
If you have time and patience for legal junk you may read Privacy Policy and Terms of Service . I stopped using this service.

Answer 5 · 2018-05-19T22:49:45.000Z

@smaragdus
What's your opinion on NoDistribute? Better alternative or not?

Answer 6 · 2018-05-19T23:52:28.000Z

@hellzerg
I have never used NoDistribute so I don't have opinion. However it doesn't seem to be fully free (Plans). In the past I used Jotti. Usually false positives are galore.