Virus scan reports now visible on file pages, more security incoming

[Dark0ne]

The backlog is now sorted and files should be downloadable. We'll obviously look at solutions to the issue over the coming days.

[Taiolu]

In response to post #16885134.

Might I suggest using an internal source for virus scans rather than external? No files being uploaded more times than they need to be just uploads to the first upload server, scanned on that particular server and then uploaded to the download servers. You would be able to pick and choose which services you want as well.

Assuming the server can take it that is.

[Rovlad84]

In response to post #16882779.

You can't rely on file extensions, you have to check file headers anyway. Most antiviruses do exactly that, and if the file is not "infectable", it's marked as safe. It's supposed to be a very fast process, it just isn't the case with virustotal for other reasons. Edited July 26, 2014 by Rovlad84

[testingone]

The backlog is now sorted and files should be downloadable. We'll obviously look at solutions to the issue over the coming days.

 

 

OK, I know that you also have a private life, must look after other things than only around the Nexus. All other would be also extremely strange...

... but this problem here, makes me simply slowly sour:

All the same what tries to load I high, the Upload breaks off with an error message, however, my files still become a highly loaded - only the virus status is always a question mark. What is wrong there?*

http://s14.directupload.net/images/140726/temp/onxmqy35.png

*translated with PROMPT <-- no english native speaker.

[Deleted3619564User]

In response to post #16885134. #16888824 is also a reply to the same post.

- You could perform a scan only if a zip has inside exe or dll files.
- You could implement a "timed-out" method. If a file remains in pending state too much, reset the status to not scanned (so the file can be downloaded anyway). Edited July 26, 2014 by Guest

[bben46]

What alternatives to VirusTotal do you recommend - please remember that it must be able to set to automatically scan all uploaded files as they come in, Be capable of scanning a HUGE backlog of already uploaded files, be able to handle large files, have a better false positive rejection ratio than VirusTotal, not slow anything down, AND - do it as a service to the members of the Nexus at no charge.

 

The use of VirusTotal is still new on the Nexus, and may have some initial bugs until we figure out all of the quirks of this service. Once the big backlog is scanned, and all it is checking is the new files as they come in - scanning the new files should speed up.

 

Instead of blaming Nexus and VirusTotal, please lay the blame on the idiots that are trying to pass off their malware as mods and game utilities. For those who really don't know, an exe file CAN be easily hidden inside of a zip file. It's just not as simple as a non zipped autorun exe. Basic instructions in a read me - Unzip into some unprotected location. Click on badfile.exe to install your new mod malware. Then a note in the readme saying that "Some antivirus programs flag this as a virus - please ignore that if it happens." :devil: There are other ways to do this also. Most involve just a modicum of social engineering to get you to actually do the work of installing the malware. By using VirusTotal we can catch these before they even show up on the downloads page - and protect those members who do not have a decent antivirus. :thumbsup:

 

This is NOT a reason to not have or to disable an antivirus - ALWAYS have an up to date antivirus running AND a firewall for your own safety.

[Deleted3619564User]

In response to post #16900954.

I already gave some tips to Dark0ne.
To answer your question: the best antivirus is the Kaspersky. You need the Kaspersky security for file server. It's the fastest one in the world with the hierarchical storage management and a full centralized management. Anti malware, anti virus etc.....for windows you need to pay it. I don't know how the cost is for linux systems. You can try to check it on the site. Edited July 26, 2014 by Guest

[SjoertJansen]

In response to post #16900954. #16901714 is also a reply to the same post.

I agree that VirusTotal is perhaps the best virus solution you can possibly find. There are rather few false positives when at least 4 need to flag it as a virus, whilst having a very high true positive rate as well. I applaud the effort the nexus puts into users safety and truly do hope this one full day of no file upload was a one off thing and long delays will not be happening again.

However, if problems with VirusTotal are not a one off thing, but turn out to be recurrent, I would oppose against the use of it for several reasons.

For one, it now sounds as if the nexus can only accept the very best and does not consider other options. This to me sounds a bit strange, considering a virus scan has not been implemented since the beginning of the nexus. And not because general users are malicious and upload viruses, nope, a staff members account was compromised, and only this way did the virus spread.
Never before with millions of users did such a thing happen.

There are always the in-between options, for example the suggestion posted by Alenet. Where you have rapid screening of files under your own control. This would not be the very best solution available, no, but the solution now in place is pretty much the best of any independent file sharing website you can get. It feels like going over the top. There are also other options suggested where not scanned files are flagged as such but still remain available for download.

Another issue is listed at the very end

This is NOT a reason to not have or to disable an antivirus - ALWAYS have an up to date antivirus running AND a firewall for your own safety.

It has never been the responsibility of the nexus to protect users of the internet in general. The ones that did get infected where naive at best, or perhaps even downright stupid.

If these issues are recurrent, my main concern would be that authors would get annoyed and use other file sharing websites. Or users start downloading via mirrors available on the Nexus, even I uploaded one after multiple requests yesterday. These mirrors are not virus scanned.

Due to a possibly over the top virus scan implementation, users may start downloading from unsafe links found on nexus pages.This kind of negates the whole idea of the virus scan in the first place.

In short, if problems keep occurring, an in-between option sounds like a better trade of in my view.

For now I stand behind any decision made by the nexus which has always handled in its users best interests, I thank you for that!

End of rather long rant Edited July 26, 2014 by SjoertJansen

[TheVampireDante]

It has never been the responsibility of the nexus to protect users of the internet in general. The ones that did get infected where naive at best, or perhaps even downright stupid.

Yes, but despite that - who would get the blame?

Just us.

Nevermind that if quizzed on previous occasions, some of those complaining have indeed been found to have removed, disabled or indeed have never installed a decent anti-virus -which as anyone with sense knows, is damn stupid. Same people that do this though, are completely unable to accept that they are partly at fault for their own systems being infected by not having the appropriate security in place.

Yes, the file may have came from here (due to malicious uploads) - but lacking a defense setup on your system that could have prevented the problem from propagating is on the system operator. There's only so much we can do on our end, and I believe that the recent efforts have been a massive step in the right direction.

Before the implementation of the scanner - we wouldn't know of an infected file until it was reported to us, and by that point it may have been too late for some whose systems may have been infected. Which led to people yelling at us for not checking the files first - well, now we do, and with any luck the issues plagueing (for lack or a better term) the system will not be present for much longer, or ever reoccur. If they do, then of course some alternate measures will be looked into. Would only be fair.

So while it is not our direct responsibility to "protect users of the internet in general" - we'd rather our users be safe, and will remind people to take the appropriate protective/proventative measures when able.

It's better for both parties - the users stay safe, and we have less yelling to deal with.

[SjoertJansen]

In response to post #16914629.

Thanks for the response.

I never opposed the use of any security measure, I actually applauded the implementation of the virus scanning. I understand that you take the blame for the naivety or stupidity of others.

My concern lies with the problems that were caused by the implementation. I got multiple requests to upload my file on a mirror and a considerable amount of people got annoyed due to the problem. Again yelling at the nexus and laying the blame on you guys or VirusTotal, this time for the scanning rather than the virus.

If the problems occurred on VirusTotals side of things, it is going to be hard to assure these sort of issues will not happen again, as they are outside your control. If these things continue to happen you get yelling from another source. Also, usage of mirrors will increase, these mirrors are not virus scanned. I agree that for the safety of the user and as a measure to remove any blame or responsibility, the implementation is a good thing.

I stand behind your decision to implement it, it is great if it works! If it doesn't however, I hope it won't backfire. I am glad to hear that in such a case alternatives will be looked into.

Thanks again.

Edited July 26, 2014 by SjoertJansen