Added detailed explanation for the situation ( #40 )

EchterAlsFake · Jun 8, 2024 · 242e889 · 242e889
1 parent 56fa52a
commit 242e889
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 30 deletions.
diff --git a/README.md b/README.md
@@ -1,29 +1,3 @@
-> [!WARNING] 
-> I currently investigate an issue where Porn Fetch executables are flagged as a virus on VirusTotal (36+ vendors).
-> I of course have NOT modified the executables and I will be absolutely transparent to ANYONE in the build process. 
-> <br>
-> <br>
-> Please see this issue for updates: [Porn Fetch trojan report](https://github.com/EchterAlsFake/Porn_Fetch/issues/40)
-
-> [!IMPORTANT]
-> DO NOT DOWNLOAD PORN FETCH UNTIL THIS ISSUE HAS BEEN RESOLVED!
-
-
-> [!NOTE] 
-> My account didn't get hacked and I always used code signing (in most of the cases). I am pretty sure there haven't been
-> any modifications by a third party, but I will do anything to find out what did go wrong.
-
-
-
-If you want to use Porn Fetch now, please ONLY use it from the source code but NOT from the releases.
-
-
-Thank you all, I'll let you know when it's fixed. For updates, please refer to the issue mentioned above. Thanks.
-
-
-
-
-
 <div align = center>
 <img src="https://github.com/EchterAlsFake/Porn_Fetch/blob/V3.0/src/frontend/graphics/logo_transparent.png" alt="Porn Fetch Logo" width="350"/>
 <br>
@@ -49,14 +23,11 @@ Thank you all, I'll let you know when it's fixed. For updates, please refer to t
 ---
 </div>
 
-> [!NOTE]
-> I am not active on GitHub for the next weeks. Errors won't be fixed now, but later, when I feel better.
-
 > [!WARNING]
 > Porn Fetch is NOT associated with the websites. Porn Fetch is AGAINST the Terms of Services of EVERY website! Usage is on YOUR risk.
 
 > [!IMPORTANT]
-> I need someone to help me with testing on macOS. I will highly appreciate any help. Please contact me on Discord: echteralsfake
+> Porn Fetch may get flagged by your antivirus software. See [HERE](https://github.com/EchterAlsFake/Porn_Fetch/blob/master/README/ANTIVIRUS_FLAGS.md) for an explanation why this is.
 
 ## 🚀 Quick Links
 - [Features](#-features)

diff --git a/README/ANTIVIRUS_FLAGS.md b/README/ANTIVIRUS_FLAGS.md
@@ -0,0 +1,62 @@
+Porn Fetch unfortunately gets flagged by Antivirus Software and even by your browser.
+Sometimes you won't even be able to download Porn Fetch.
+
+## The Reason
+
+The reason for this is, that Porn Fetch isn't signed. Signing is the process of digitally verifying that a file is from a 
+respective author. For example if you start Porn Fetch the Windows Smart Screen will tell you that it is from an unknown source.
+The problem is, that signing costs money. If I want to go with a respected and established CA I need to pay estimated 300 dollars / euros
+a year. You can probably guess that I don't have the money for this and this is not worth it.
+
+Porn Fetch sends a request at startup to the porn sites, to check your internet connection, and it also checks for updates.
+Some antivirus software think that it may send data from your device, which is why it gets flagged as a trojan.
+
+Porn Fetch also is not known by any AV or by any browser as it only has like 7k downloads, so it's not a known software.
+
+## Proof for not being a virus
+
+(This explanation is also for people who are not in tech, so read carefully)
+
+
+GitHub is a platform where developers can host their code. To say it extremely simple, GitHub manages your code and let people
+interact with it (really simple explained). GitHub has a feature called "GitHub Actions" (CI/CD). This lets you automate things 
+using a script. 
+
+When Porn Fetch is built, the source code is converted into a binary file which is readable by machines, but not by humans. 
+The problem was that I always compiled (the term for converting source to binary) my files on my own system. So nobody could verify
+if I made any changes to the code before publishing it. This is of course not good, so I changed it. Now the GitHub actions are used 
+to automatically convert the source code into the binary file, but here comes the best:
+
+I am technically not able to modify this process. The code compilation in the GitHub actions is defined by the scripts which are
+available under ".github/workflows" in my repository. The workflow will also calculate the SHA 512 sum. The SHA 512 sum is a fingerprint
+of the file. It's technically not possible for anyone in the world to "fake" this sha sum. It's cryptographically safe.
+
+So if you compare the SHA sum from the file from GitHub actions and the SHA sum from the releases and the SHA sum matches, then
+you know that the file is by 100% the same. It's completely identical.
+
+
+Now what if a hacker hacks into my account and publishes his own file? 
+
+My files are also signed using a PGP key. Now I won't explain what this is, but basically you can do:
+
+gpg --verify "filename"
+
+If it says something like signed by "Johannes Habel <EchterAlsFake@proton.me>" with this key ID: 1E04D0A679846BC0
+then you know it was me who published it. 
+
+## How to get around AV
+
+If you can't download the file because it's blocked by your antivirus or Browser you have two options:
+
+1. Turn off any AV (this also includes the Windows defender)
+2. Download the file using the terminal or a separate download manager like FDM 
+
+
+
+
+
+
+
+
+
+