* Re: git-scm.com GUI client links
[not found] <784B3DBC-BE5B-4E7A-A94F-80E5E135195B@alum.mit.edu>
@ 2018-11-13 22:24 ` Jonathan Nieder
[not found] ` <CAGZ79kZgO=71Ue1f+d2ZagL=9G-ZZ63y7jA-PFULaJCbK+15ow@mail.gmail.com>
1 sibling, 0 replies; 2+ messages in thread
From: Jonathan Nieder @ 2018-11-13 22:24 UTC (permalink / raw)
To: Paul J Sanchez; +Cc: git
+cc: git@vger.kernel.org, git-security@googlegroups.com -> bcc
Hi!
Paul J Sanchez wrote:
> Over the weekend I saw a link to a Mac git client I had not seen
> before: Aurees. When I went to the linked site to download a copy,
> my antivirus software (Sophos) warned me that it contains malware.
> I immediately threw it away without installing, but figured that
> git-scm.com <http://git-scm.com/> should be aware of this.
See https://groups.google.com/d/msg/msysgit/br212yYOZ70/bp5t4QpZk10J
for a similar symptom in the past.
See that thread for some advice on how to track this down. Sadly,
my experience with antivirus software is that it is just not very
reliable.
That said, it's possible that this Mac Git client is indeed infected.
Can you point me to the page where you found it? The git-scm.com web
site is maintained at https://github.com/git/git-scm.com; that page
has instructions for contributing to it.
Thanks and hope that helps,
Jonathan
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: git-scm.com GUI client links
[not found] ` <8D300E52-77C8-462C-BCF2-E1E3BBE261D9@alum.mit.edu>
@ 2018-11-13 23:43 ` Jonathan Nieder
0 siblings, 0 replies; 2+ messages in thread
From: Jonathan Nieder @ 2018-11-13 23:43 UTC (permalink / raw)
To: Paul J Sanchez; +Cc: Stefan Beller, git
+git@vger.kernel.org, git-security@googlegroups.com -> bcc
Paul J Sanchez wrote:
> On Nov 13, 2018, at 2:25 PM, Stefan Beller <sbeller@google.com> wrote:
>> The link seems to be https://aurees.com/ ?
>>
>> They seem to have
>> https://aurees.com/legal/license-agreement
>> which is a hilarious read:
>>
>> You agree that each and every e-mail address, which You use during
>> registration or to commit changes into a Git repository, is
>> automatically sent to and stored by Nezaboodka for verification
>> purposes;
>> You agree with Nezaboodka's and their partners' advertising to be
>> shown by the Software and to be sent to Your registration e-mail;
>> You may neither disable nor block automatic updates of the Software;
>> You may neither disable nor block sending of anonymous usage
>> statistics to Nezaboodka;
>> You may download, install and any number of copies of the Software
>> registered under Free License;
>>
>> Further:
>> The Agreement is a public agreement (offer) as defined by the law
>> of Republic of Belarus (article 396 of Civil Code of Republic of
>> Belarus). This Agreement is governed by the laws of Republic of
>> Belarus
>>
>> ... I did not know English is an official language in Belarus.
>
> I saw the link on git-scm.com.com. You’re correct, the site is
> https://aurees.com.com/>.
>
> And no, I hadn’t yet gotten as far as the license-agreement. Egad!
> Total show-stopper.
>
> After seeing the licensing terms, I’d agree with Sophos. Software
> which harvests my e-mail addresses and usage data and has
> autoupdates which cannot be disabled or blocked qualifies as malware
> in my opinion.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-11-13 23:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <784B3DBC-BE5B-4E7A-A94F-80E5E135195B@alum.mit.edu>
2018-11-13 22:24 ` git-scm.com GUI client links Jonathan Nieder
[not found] ` <CAGZ79kZgO=71Ue1f+d2ZagL=9G-ZZ63y7jA-PFULaJCbK+15ow@mail.gmail.com>
[not found] ` <8D300E52-77C8-462C-BCF2-E1E3BBE261D9@alum.mit.edu>
2018-11-13 23:43 ` Jonathan Nieder
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).