The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

["Visser,Ramon R.D." <r.visser AT fontys.nl>]

Hi Stefan,

Thnx for your answers.

Windows 10 mobile is clear enough.

F-secure:
Yes, as well as the managed and unmanaged devices with F-secure installed are 
up-to-date and both experience this warning/pop-up.
Surf is the collaborative ICT organisation for Dutch education and researches 
and offers students, lecturers and scientists in the Netherlands for a low 
price F-secure. So this can be installed on many devices.

Do you have any suggestion for fixing this?

Best regards,

Ramon

Ramon Visser * Projectmedewerker, Dienst IT * Fontys Hogescholen
Het Eeuwsel 2, 5612 AS * Gebouw S1, kamer 3.12 * Postbus 347, 5600 AH 
Eindhoven
r.visser AT fontys.nl
 +31618390398



-----Original Message-----
From: Stefan Winter 
[mailto:stefan.winter AT restena.lu]
Sent: maandag 30 januari 2017 08:41
To: 
cat-users AT lists.geant.org;
 Visser,Ramon R.D. 
<r.visser AT fontys.nl>
Subject: Re: [[cat-users]] eduroam CAT

Hello,

thanks for the kind words!

> During the POC we only discovered two issues.
>
> *1.       **antivirus related. *
>
> Customers with F-Secure antivirus client experience application block
> popups on their Windows 7, 8.1 and 10 devices:
>
>
>
> Application was blocked. This was determined to be a high-risk
> application by system control heuristics.
>
> Application path:
> \\?\c:\users\877590\appdata\local\microsoft\windows\temporary
> <file:///\\%3f\c:\users\877590\appdata\local\microsoft\windows\tempora
> ry> internet files\content.ie5\n54da4ra\*eduroam-w10-fh-uc.exe *
>
> File hash: 3b6cad0f6a27786e0623047caf28d932438c9431
>
>
>
> When we upload the file to Virustotal we see some other AV apps having
> the same result:
>
> Windows 7:
> https://www.virustotal.com/nl/file/12c312f680ff42fe35949ae2376f460302c
> 02f884e99c85223ab52c5f272bc5d/analysis/1485186199/
>
> Windows 8:
> https://www.virustotal.com/nl/file/aa5407be6509e134b4ed9042e7ad6639bf2
> 0e4de9e7a3d09db60ebf0ed27b962/analysis/1485185921/
>
> Windows 10:
> https://www.virustotal.com/nl/file/ede9c6b1a33490c0d75bede2c88ff9ecdb3
> dfaefc51e0c623287719dae497479/analysis/

All three results show that only exactly one AV engine takes offence, and 
it's a Chinese niche product that is not at all commonly used in other 
countries.

We occasionally also get "real" ;-) AV engine hits but these are all based on 
heuristics. It so happens that our code modifies security parameters and AV 
engines generally do not like that (except of course if they are doing it 
themselves). Many AV vendors react positively when nudging them about their 
heuristics being wrong and we get white-listed.

We never received a reply from Qihoo-360.

Also for F-Secure I'm surprised, because the VirusTotal result for F-Secure 
is actually a checkmark.

Are you sure the Virus scanner in question is up-to-date with its signatures 
etc.?

> 2.       *Windows 10 Mobile support*. Any news concerning this platform
> when it will be supported?

It's not a question of "when" but "if"; and then the answer is "No" :-)

For all practical considerations, Windows 10 Mobile is a dead platform.
It's market share is so negligible - and declining further - that development 
work on our side for it is not justified.

If you prefer a more diplomatic answer, I can also write "As soon as someone 
cares to write the code. Patches welcome!".

> User receive now the android 6 installer instead of a platform not
> supported link

That is of course a different story - that's a bug in the OS detection then! 
Thanks for notifying us; we'll work on fixing that.

Greetings,

Stefan Winter

--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la 
Recherche 2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's 
key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66


==========================================================
Op deze e-mail zijn de volgende voorwaarden van toepassing:
http://www.fontys.nl/disclaimer
The above disclaimer applies to this e-mail message.