Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sign Windows binary with digital signature #817

Open
IzStriker opened this issue Jan 23, 2023 · 10 comments
Open

Sign Windows binary with digital signature #817

IzStriker opened this issue Jan 23, 2023 · 10 comments
Assignees

Comments

@IzStriker
Copy link

I used to use WakaTime at work to track my programming time, however, the CLI tool kept getting flagged by security because it isn't signed. I would like to keep using the WakaTime service is it possible to sign the your CLI tool?

@gandarez
Copy link
Member

What OS are you using? Would you share the report you got?

@gandarez gandarez removed the triage label Jan 23, 2023
@gandarez gandarez self-assigned this Jan 23, 2023
@alanhamlett
Copy link
Member

alanhamlett commented Jan 23, 2023

@IzStriker
Copy link
Author

Hi, yes it's Windows 11. I'll get you the full details when I'm at work tomorrow.

@IzStriker
Copy link
Author

Hi,
the exact reports I got from security were

hope you're well. We received an alert this morning that an unsigned software communicating externally to an api for a program called Wakatime. Is this regular behaviour for your device?

I'd expect that there may be other tools that could track this type of performance with the dev team, might be worth finding out if there is such a tool being used as our stance on unsigned Github software may change in the future.

Hi we have had an alert from your machine that "wakatime-cli-windows-amd64.exe" has been making connections to api.wakatime.com any idea what this is.  Many Thanks

@IzStriker
Copy link
Author

Hi, is there a verdict on this request, are you willing you support this feature?

@alanhamlett
Copy link
Member

Yes, we're working on getting a cert for signing Windows builds.

@smladenoff
Copy link

smladenoff commented Feb 8, 2024

Hi all,
I'd like to contribute to this issue as well.
I'm on Win10 and AVG blocks wakatime-cli-windows-amd64.exe from running (stating "IDP.ARES.Generic") though does not detect when scanned, but here's the report from VT: https://www.virustotal.com/gui/file/f2d3bd662aaaa79abd5939cd5b20f0bfe982a6c97582762bc8e9de3d6d867bac
(For the record, my other scanners: Immunet does not detect, nor does SpybotS&D, nor does Malwarebytes. EDIT: clarification)

I'm curious as to why some providers consider the file malicious. Any comments from the devs?

@alanhamlett alanhamlett changed the title Sign cli with digital signature Sign Windows cli binary with digital signature Feb 8, 2024
@alanhamlett alanhamlett changed the title Sign Windows cli binary with digital signature Sign Windows binary with digital signature Feb 8, 2024
@AlfredSimpson
Copy link

Adding update here - Previous comment states MalwareBytes does not detect this, however one machine I manage uses MalwareBytes and saw this flagged for the first time beginning 5 hours ago and again in the last 15 minutes.

I can confirm that it was wakatime-cli-windows-amd64.exe and the backup which were flagged. The device running it was operating W11 Pro. The timing coincides with this change by @alanhamlett .

@alanhamlett
Copy link
Member

Probably not related to that change, but the fact that 1 hr ago we did a release so the binary signature changed. Usually once the AV programs all see the new binary signature and start trusting it the false positives go away, but the first day of a release it's more likely to get flagged.

@AlfredSimpson
Copy link

That tracks - thanks for the update and great product! I cited that change as the timing matched with the first alert. Likely the second matched as well for the same reason.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants