Recently we have seen a lot of codes used to unlock our products being offered for discounted prices. Almost all of them are bought using stolen credit cards. These codes will all be blocked by our systems and you will have to try to get your money back from the seller, we are unable to assist in these matters. Do be very careful when you see a deal that is almost too good to be true, it probably is too good to be true.

Jump to content
Sign in to follow this  
Mathijs Kok

Anti Virus disabling when installing

Recommended Posts

There is no need to retell the sordid story that went viral yesterday but we (and all other FS add-on developeRS AND PUBLISHERS) are affected in one aspect. As we also suggest disabling Anti Virus software it could be seen that we do this for the same reason FSL did (to be able to install code on the users system that the AV software would block). Of course this is not the case, In fact our FS add-ons do not contain any DRM, but seeing what happened we understand some users are worried. 

 

So we will NO LONGER advise people to disable AV software while installing. This will lead to more false positives unfortunate, but that's a price we'll have to pay from now on. 

 

 

  • Like 1
  • Upvote 8

Share this post


Link to post

To me a even bigger security flaw is requiring administrator rights to run simple applications that do not require actual administrator rights for anything but _potential_ file access if the files are located in a protected folder. Many popular addons require this like ChasePlane or Active Sky, but the same goes to Aerosoft addons like PANC and CRJ config managers.

 

I know it takes more effort to do things right, but the correct way is to only ask for elevation when you actually need it. I'm sure Microsoft has plenty of documentation for how things should be done and running everything as administrator for sure isn't one of them.

  • Upvote 2

Share this post


Link to post

If the sim is installed in the Programs Folder there is no option. That folder is protected by the OS and you can only write there with a higher level of rights. The new install system of P3d V3+ solves that of course.

 

If you know how to solve that without asking the user to heighten his permissions you have invented a very very dangerous new bug in Windows.

 

 

  • Upvote 3

Share this post


Link to post
1 minute ago, Mathijs Kok said:

If the sim is installed in the Programs Folder there is no option. That folder is protected by the OS and you can only write there with a higher level of rights. The new install system of P3d V3+ solves that of course.

 

 

 

I know this. This is why addons need to check if they actually have write access to files before blindly asking for elevation like they do now (or better yet, don't put files where they don't belong). Also they shouldn't really be writing anything into the P3D installation folder.

 

Lazy developers and legacy code / ways of doing need to go away. My P3D v4 is installed into a directory where I have full read/write access and still many addons require me to run them as administrator, granting them access to files, processes, settings and many other things that they do not need access to.

 

I also know that this is partially a Microsoft / LM problem with the way that FSX/P3D used to work, but the blame isn't only on Microsoft / LM for the lazy and insecure way that developers are doing things.

  • Upvote 2

Share this post


Link to post

Seeing the latest events that is indeed something we'll look into. I will discuss this today.

 

In our defence, who would have predicted that a company would knowingly include a password cracker into a FS add-on? 

  • Upvote 2

Share this post


Link to post

For an eternity I haven't disabled firewalls, AV softwares and user account control when installing and/or running flightsims and their addons. In about 98% of all cases things worked as advertised. Only a few installations required disabling some protections, but when running my stuff all the protections were back in place and things worked flawlessly.

 

What's still interesting to note is:

Neither Microsoft nor Avast!, Avira or Malwarebytes, for example, flagged the test.exe dropped by "the other Airbus addon developer": https://www.virustotal.com/#/file/60641eef00a7498a62ac7686e656dad6e8f700cb4803a8a149707b2c4a3a09c9/detection

 

  • Upvote 2

Share this post


Link to post

To avoid us getting involved, allow me to close this topic. Thanks for your posts.

Share this post


Link to post
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...