Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
Offline bav199  
#1 Posted : 21 July 2022 00:40:08(UTC)
bav199

Rank: Newbie

Groups: Registered
Joined: 21/07/2022(UTC)
Posts: 1
Antarctica

Was thanked: 1 time(s) in 1 post(s)
This will be my only post on this issue. Take it for what it is worth, I cannot validate the information, nor will I respond to questions. I'm only passing it along.

The cybersecurity section of my company blocked the use of SMath because, as they reported:

1. Andrey Ivashov is a software author known for producing other software that makes malicious connections. (This is hosted in Russia, written by a Russian apparently.)

2. Running v1.0.8151 (v1.0 build 8151) in a test environment shows that connections to sites / servers considered malicious do happen. This was observed during install, and presumably after install as well.

Andrey is suspected of writing malware or spyware, and SMath is suspected of being malware or spyware.

I don't know:
- what the connections considered malicious are
- what the connections do (what is installed / downloaded)
- if the behavior happens post-install (presumably it does if no connection is present during install)
- if these connections are flagged correctly or incorrectly

If not intended, perhaps someone can comment on what these connections are for the sake of transparency. In the best case, revise the software to remove these connections. Whatever they are, apparently they are common functions to more software Andrey writes than just SMath.

If it is intended, well I guess this post won't stay up for long.
thanks 1 user thanked bav199 for this useful post.
on 21/07/2022(UTC)
Offline Jean Giraud  
#2 Posted : 21 July 2022 02:55:30(UTC)
Jean Giraud

Rank: Guest

Groups: Registered
Joined: 04/07/2015(UTC)
Posts: 6,138
Canada

Was thanked: 896 time(s) in 724 post(s)
1. Andrey Ivashov is a software author known for producing other software that makes malicious connections. (This is hosted in Russia, written by a Russian apparently.)
Andrey is suspected of writing malware or spyware, and SMath is suspected of being malware or spyware.
Your Company Cybersecurity dines bottom up, like ducks.
Damnely insulting from Russophobia !
thanks 1 user thanked Jean Giraud for this useful post.
on 22/07/2022(UTC)
Offline alyles  
#3 Posted : 21 July 2022 06:06:49(UTC)
alyles


Rank: Advanced Member

Groups: Registered
Joined: 23/03/2016(UTC)
Posts: 240
United States

Was thanked: 77 time(s) in 48 post(s)
I take this with a grain of salt as there isn't any evidence or report provided with this post. That being said, I've been a part of this community for some time and I cannot recall any significant discussion on this topic in the past. I've had some issues, and others have reported issues in the past, with virus scanning software when generating Smath Viewer .exe files (I understand the reasons for this), but never with the Smath executable itself.

Can anyone in this community independently corroborate or refute this claim?

For what it's worth, years ago I did work for a large corporation where I had to have SW like this evaluated by I.T. before I could install it on my machine. At that time, there were not any issues reported and I was given the green light, but I also do not know the level of rigor applied to the security audit they performed and didn't have to re perform audits with software updates.
Feel free to join the SMath Studio Users Discord Channel: https://discord.gg/PayZpJW
thanks 1 user thanked alyles for this useful post.
on 22/07/2022(UTC)
Offline mkraska  
#4 Posted : 21 July 2022 09:47:54(UTC)
mkraska


Rank: Advanced Member

Groups: Registered
Joined: 15/04/2012(UTC)
Posts: 1,736
Germany

Was thanked: 952 time(s) in 604 post(s)
Do you know of any american software or OS to which these doubts don't apply?
Double standards as usual.

Originally Posted by: bav199 Go to Quoted Post


I don't know:
- what the connections considered malicious are
- what the connections do (what is installed / downloaded)
- if the behavior happens post-install (presumably it does if no connection is present during install)
- if these connections are flagged correctly or incorrectly



Martin Kraska

Pre-configured portable distribution of SMath Studio: https://en.smath.info/wi...th%20with%20Plugins.ashx
thanks 1 user thanked mkraska for this useful post.
on 22/07/2022(UTC)
Offline loha  
#5 Posted : 21 July 2022 14:03:04(UTC)
loha


Rank: Advanced Member

Groups: Registered
Joined: 13/09/2011(UTC)
Posts: 52
Location: Kolkata

Was thanked: 7 time(s) in 7 post(s)
The first line says it all...
I am using this wonderful software since a decade and it is one of the most straightforward and transparent softwares I know. All versions are still available for download and it works offline absolutely perfectly. This claim packaged in suitable deniability ("I will not anser any question"Wink is ludicrous.
By the way I also have a good antivirus that does detect suspicious connections from time to time, and it never rang the alarm for smath studio.
Thanks to the brilliant and generous Andrey Ivashov, and to the wonderful, creative and generous community he has initiated around Smath Studio.
Laurent Fournier
Kolkata
thanks 1 user thanked loha for this useful post.
on 22/07/2022(UTC)
Offline Davide Carpi  
#6 Posted : 22 July 2022 15:27:28(UTC)
Davide Carpi


Rank: Advanced Member

Groups: Registered, Advanced Member
Joined: 13/01/2012(UTC)
Posts: 2,503
Man
Italy
Location: Italy

Was thanked: 1257 time(s) in 827 post(s)
"connections to sites / servers considered malicious" would be a silly move and it would tank the project.
Anyone can monitor its own traffic with simple and free tools, it would be noticed quite rapidly and since there are other channels other than the forum, there is no way to hide it.
If you check it, you'll notice that SMath contacts smath.com, because it check for updates (check the "Don't check for updates" and you'll see that no connections are done in this case).

While you search for "Andrey Ivashov malware" on google, the only page that has some content with "malicious activity" is on any.run, and that page say nothing useful other than "msiexec.exe rewritten" and "No threats detected" at the bottom of the page.

I mean, you can't trust anything nowadays, closed-source or open-source, but that cybersecurity department seems either very strict or a little bit shallow.

Edited by user 22 July 2022 15:30:29(UTC)  | Reason: Not specified

If you like my plugins please consider a donation to SMath Studio; for personal contributions to me: paypal.me/dcprojects
thanks 3 users thanked Davide Carpi for this useful post.
on 22/07/2022(UTC),  on 22/07/2022(UTC),  on 27/07/2022(UTC)
Offline Andrey Ivashov  
#7 Posted : 22 July 2022 23:43:10(UTC)
Andrey Ivashov


Rank: Administration

Groups: Developers, Registered, Knovel Developers, Administrators, Advanced Member
Joined: 11/07/2008(UTC)
Posts: 1,598
Man
Russian Federation

Was thanked: 1953 time(s) in 658 post(s)
Quote:
Andrey Ivashov is a software author known for producing other software that makes malicious connections. (This is hosted in Russia, written by a Russian apparently.)

Sure, I'm Russian, so I can create only malware or spyware. It's obvious. Nothing to talk about.

Regarding connections, SMath Studio connects only to smath.com, only via HTTPS and only for two reasons:
1) To check if updates are available (can be disabled in Extensions Manager > Software).
2) To authenticate user (not actual if user is not using his/her account or logged in using offline method).

With love to everyone,
Andrey Ivashov from Russia.
thanks 7 users thanked Andrey Ivashov for this useful post.
on 23/07/2022(UTC),  on 23/07/2022(UTC),  on 23/07/2022(UTC),  on 23/07/2022(UTC),  on 23/07/2022(UTC),  on 25/07/2022(UTC),  on 08/08/2022(UTC)
Offline Hildebrando Pereira  
#8 Posted : 26 July 2022 20:35:18(UTC)
Hildebrando Pereira

Rank: Newbie

Groups: Registered
Joined: 28/02/2022(UTC)
Posts: 9
Man
Brazil

Was thanked: 1 time(s) in 1 post(s)
Hi Andrey, when i try to create some exe with smath viewer, bit defender flagged the archive with Gen:Variant.Tedy.173443

It's only occur with smath viewer

Best regards
Offline Andrey Ivashov  
#9 Posted : 27 July 2022 01:19:41(UTC)
Andrey Ivashov


Rank: Administration

Groups: Developers, Registered, Knovel Developers, Administrators, Advanced Member
Joined: 11/07/2008(UTC)
Posts: 1,598
Man
Russian Federation

Was thanked: 1953 time(s) in 658 post(s)
Originally Posted by: Hildebrando Pereira Go to Quoted Post
Hi Andrey, when i try to create some exe with smath viewer, bit defender flagged the archive with Gen:Variant.Tedy.173443

It's only occur with smath viewer


Hello.

It's false positive.
I would recommend you to try to disable compression of the output file (an appropriate checkbox available in the dialog before output file is generated).
It may help.

Best regards.
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.