Anti-malware False Positives, Code Signing, and Safety of Inedo Products
Malware protection is meant to ensure that our systems and sensitive information aren’t compromised. Occasionally, this protection doesn’t quite work as intended and flags a secure download; this is known as a false positive.
If it’s Signed by Inedo, It’s Guaranteed Safe
Rest assured that if the package is signed by Inedo, you can be certain that no “viruses,” malware, Trojans, or other malicious code were injected into our installers.
All certificates are issued to Inedo by Comodo and may be viewed from the installer:
Why Code Signing Guarantees Safety
Digital signatures ensure authenticity and integrity, just as a manufacturer’s brand name does on packaged software. However, unlike a brand name alone, these cannot be counterfeited.
Code Signing uses a digital signature to assure users of the origin and reliability of software. In a digital signature, the private key generates the signature, and the corresponding public key validates it. To save time, digital signature protocols use a cryptographic digest, which is a one-way hash of the document.
How Can I Really be sure?
Many enterprises trust code signing certificates including our existing users. There is also a manual install process that can be configured to run with low security. If you want, you can even request our source code for inspection.
Please Report the False Positive!
Please let your malware protection provider know about the false positive; the more people who do, the greater the chance they won’t flag these in the future.