Facebook Plugin flagged for a virus

Nico Donato (nidonato) nidonato at cisco.com
Thu Jun 16 10:38:22 EDT 2011 

Also to clarify your FAQ stipulated that for Security issues to notify
your team first not the owner so I was just following what the FAQ said
to do... but I just successfully got the XMPP login to work I wish I
could swap out the icon for the protocol with the facebook icon.. J 

 

 

 

From: Casey Ho [mailto:me at caseyho.com] 
Sent: Thursday, June 16, 2011 4:55 AM
To: Nico Donato (nidonato)
Cc: Mark Doliner; security at pidgin.im
Subject: Re: Facebook Plugin flagged for a virus

 

Hi Nico,

 

A plugin is no longer needed to use Facebook chat in Pidgin, so you can
safely uninstall the plugin.

 

See https://www.facebook.com/sitetour/chat.php for instructions on how
to connect Pidgin to Facebook.

 

-Casey

 

On Thu, Jun 16, 2011 at 1:43 AM, Mark Doliner <mark at kingant.net> wrote:

Hi Nico.  Sorry for not responding earlier--your message got put into a
holding queue because it was over the max file size for emails to this
mailing list, and we didn't notice it until just now.

 

I strongly suspect that this problem is a false positive (as in it's not
really a virus).  This tends to happen from time to time because:

1. The checks done by anti-virus software are typically dumb

2. Pidgin and Pidgin plugins tend to use the same installer program used
by some viruses (because the installer program is free)

 

In any case, we're not responsible for the Facebook plugin.  You would
need to contact the author about this.

 

--Mark

On Wed, Feb 23, 2011 at 6:49 AM, Nico Donato (nidonato) <
nidonato at cisco.com> wrote:

	My apologies I didn't read (yes I know) thoroughly the
requirements

	 

	Platform: Win 7 64 bit

	Pidgin 2.7.10 

	Libpurp 2.7.10

	 

	I was adding the facebook plugin from googlecode. (its the very
first plugin listed in the plugin download) I was not sure if I should
contact the author or you until I saw how to report security
vulnerability post.

	I simply clicked on and downloaded the exe plugin

	I sent an attached screen shot if you did not get it please let
me know

	 

	OO you probably would want to know the A/v info too

	 

	McAfee version 8.7.0i 

	Scan engine 5400.1158

	DAT 6265.0000 created feb 22 2011 

	 

	 

	 

	 

	Thank you.

	 

	 

	 

	 

	 

	 

	From: Nico Donato (nidonato) 
	Sent: Wednesday, February 23, 2011 9:30 AM
	To: 'security at pidgin.im'
	Subject: Facebook Plugin flagged for a virus

	 

	Et Al,

	 

	 

	I love pidgin, I will be making a donation at some point to you
guys.  In addition to being a TME for cloud computing and Dist
networking, I also work with the various security consulting firms.
Below I captured trying to get the facebook plugin.

	 

	 

	Heres the response I got:

	 

	 

	 

	 

 

Nico Donato
Technical Marketing Engineer
Corporate Development
nidonato at cisco.com <mailto:nidonato at cisco.com> 
Phone: +1 919 392 2626 <tel:%2B1%20919%20392%202626> 
Mobile: +1 919 961 1280 <tel:%2B1%20919%20961%201280> 

Cisco Systems, Inc.
7100-9 Kit Creek Road
Research Triangle Park, NC 27709
United States
Cisco DataCenter 3.0 CVD
<http://www.cisco.com/en/US/netsol/ns743/networking_solutions_program_ho
me.html> 

 

 

 Think before you print.

This email may contain confidential and privileged material for the sole
use of the intended recipient. Any review, use, distribution or
disclosure by others is strictly prohibited. If you are not the intended
recipient (or authorized to receive for the recipient), please contact
the sender by reply email and delete all copies of this message.

Cisco Systems, Inc. 
Registration Address: 170 West Tasman Drive, 
San Jose, CA 95134 
Place of Registration: California, USA

For corporate legal information go to:
http://www.cisco.com/web/about/doing_business/legal/cri/index.html
<http://www.cisco.com/web/about/doing_business/legal/cri/index.html> 

	
	

	 

	 

	_______________________________________________
	security mailing list
	security at pidgin.im
	http://pidgin.im/cgi-bin/mailman/listinfo/security

 


_______________________________________________
security mailing list
security at pidgin.im
http://pidgin.im/cgi-bin/mailman/listinfo/security

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20110616/bd4719f3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 48454 bytes
Desc: image001.png
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20110616/bd4719f3/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.gif
Type: image/gif
Size: 837 bytes
Desc: image002.gif
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20110616/bd4719f3/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.gif
Type: image/gif
Size: 87 bytes
Desc: image003.gif
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20110616/bd4719f3/attachment-0003.gif>

More information about the security mailing list