1.3 FS no go + ransomware alert ? #236

New Issue

Closed

opened 2021-11-06 12:34:46 +00:00 by icwtch · 3 comments

icwtch commented 2021-11-06 12:34:46 +00:00

Copy Link

Hi, follow-up to my other post. Tested out another file sharing session. Sender on MacOS Big Sur. Receiver on Windows 11. Both on cwtch 1.3.File was 67 Mb file.
Starting speeds were hovering around 20 kbps.
At about 80% of transmission, uploading speeds progressively deteriorated, to get to 5 kbps after more than 2 hours of uploading.
Next morning, file still didn't finished uploading and speeds were 1 kbps...
Secundo, looking for some sort of log on MacOS console, only thing i could find was this :

XXXXXXXXXX RansomWhere[109]: OBJECTIVE-SEE RANSOMWHERE?: /Applications/Cwtch.app/Contents/MacOS/Cwtch is quickly creating encrypted files

So basically an alert from the OS thinking cwtch is ransomware !
So, for me, file-sharing on cwtch just isn't ready for prime time yet, which basically means reverting to onionshare till it's fixed...

Hi, follow-up to my other post. Tested out another file sharing session. Sender on MacOS Big Sur. Receiver on Windows 11. Both on cwtch 1.3.File was 67 Mb file. Starting speeds were hovering around 20 kbps. At about 80% of transmission, uploading speeds progressively deteriorated, to get to 5 kbps after more than 2 hours of uploading. Next morning, file still didn't finished uploading and speeds were 1 kbps... Secundo, looking for some sort of log on MacOS console, only thing i could find was this : > XXXXXXXXXX RansomWhere[109]: OBJECTIVE-SEE RANSOMWHERE?: /Applications/Cwtch.app/Contents/MacOS/Cwtch is quickly creating encrypted files So basically an alert from the OS thinking cwtch is ransomware ! So, for me, file-sharing on cwtch just isn't ready for prime time yet, which basically means reverting to onionshare till it's fixed...

kalos commented 2021-11-06 17:20:51 +00:00

Copy Link

On secundo - that's Patrick Wardle's utility RansomeWhere doing its job and reporting that files are being encrypted. All it means is that Cwtch is doing it's job. It's not a value judgement.

On secundo - that's Patrick Wardle's utility RansomeWhere doing its job and reporting that files are being encrypted. All it means is that Cwtch is doing it's job. It's not a value judgement.

sarah commented 2021-11-06 17:40:13 +00:00

Owner

Copy Link

File-sharing on cwtch just isn't ready for prime time yet, which basically means reverting to onionshare till it's fixed...

There are definitely performance improvements that we can make (and will make afer a few more fundemental issues have been addressed).

It's an experiment for a reason, though on the speed front Tor itself has been suffering from a period of performance issues over the last couple of weeks - https://metrics.torproject.org/torperf-failures.html?start=2021-08-08&end=2021-11-06&server=onion

/Cwtch is quickly creating encrypted files

This is hilarious. Things might improve with the new storage engine I'm in the middle of implementing which should reduce the number encrypted files that Cwtch creates.

But, Cwtch will create encrypted files - to have that as any kind of IoC strikes me missing the forest for the trees.

> File-sharing on cwtch just isn't ready for prime time yet, which basically means reverting to onionshare till it's fixed... There are definitely performance improvements that we can make (and will make afer a few more fundemental issues have been addressed). It's an experiment for a reason, though on the speed front Tor itself has been suffering from a period of performance issues over the last couple of weeks - https://metrics.torproject.org/torperf-failures.html?start=2021-08-08&end=2021-11-06&server=onion > /Cwtch is quickly creating encrypted files This is hilarious. Things might improve with the new storage engine I'm in the middle of implementing which should reduce the number encrypted files that Cwtch creates. But, Cwtch will create encrypted files - to have that as any kind of IoC strikes me missing the forest for the trees.

icwtch commented 2021-11-06 18:05:17 +00:00

Author

Copy Link

thx for the feedback. The thing that bothers me is that the share never finishes,it kinda goes into a braindead state and just keeps going at 1 kbps, so a share of >70 Mb after 10 hours still didn't manage to get completed.
@kalos yea that's right, i have that utility running and actually allowed cwtch for doing its thing.
@sarah no problem having cwtch encrypting files, but for the moment file-sharing just isn't usable enough for me to opt in...

thx for the feedback. The thing that bothers me is that the share never finishes,it kinda goes into a braindead state and just keeps going at 1 kbps, so a share of >70 Mb after 10 hours still didn't manage to get completed. @kalos yea that's right, i have that utility running and actually allowed cwtch for doing its thing. @sarah no problem having cwtch encrypting files, but for the moment file-sharing just isn't usable enough for me to opt in...

dan closed this issue 2022-04-11 15:56:16 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

trunk

arm64pt1

flutter-3.19.3-fixes

themeFixes2

lastFixes

drone-3.19.3

flutter-3.19.3

sonoma

splashFix

deb

android_foreground_fix

android_notif_fix

fixThemes

theme-loading-fix

themeFixes

themeName

0.0.12

dart-analyzer

fix-images

streams

hideblud

fixchat

themeBits

fixGoMobile

themeImport

theme

fixdate

themeImage

post-stable-fixes

settingsPanesFiles

assetsPath

i10nupdate

settingsPanes

themeImgDir

pubspecVer

updateTor

undoFetchTor

tor-expert

mactest

fixmacdrone

yamlthemes

1.13.1

winemoji

fixSyncTime

stable-blockers

addAutoloadDef

andro33

scalingLabel

search

repbuilds-additional

repbuilds

1.12-rc

f10lin

deploy-fixes

dep-upgrades-3.10.0

ui-many-fixes

win-fixes

macos-3.10

ui-many

sw-and-sv

font-scaling

detectNetwork

ui-updates

tails-fix

performance

fixinstsys

pkg

status

tails

blodeuwedd

android_export_fix

savequotes

autobindings

testtest

profile_mgmt

unicode

integtest2

slovak

flutter3.7.1

fix-release

release-builds

uitests

fixurls

scrollbars

failonfetch

fixmacbuilds

fixDeactivate

noDisable

glic231

newjson

saveAutostart

serverOfflineIcon

notiFocus

formatfixes

lcgBump

69nicefixes

fixes

fix_linux_install

lcg1.10

android_export

replying_to

juniper_theme

smodepriv

unlockflow

pt_BR

cwtchicons

fix-mac

update-cwtch

update-translations

fixAntispam

torBump

qrcode

antispam

savedrafts

load_messages_sync

noAddContactDup

debug_access

locale_tr

fixquote

pinned

winInstructions

viewreplies

filesharing-persist

invite-fix

android-modal

ru-update

androidExported

1.8.0

newwincert

fuzzbot-fixes

default_message_formatting

macarm

intl_fix

fixFirstSync

fix_308

flutter3_notify

snackbars

formatting_toolbar_tooltip

formatting_toolbar

intl

marcia_fixes

show_down

reply_links

pl_intl

fix457

pubspecBump

cache3.0

fix-settings

replyFix

file-fixes

perf

winUninstall

cachefixes

kotlinResult

linuxNotif

debuginfo

androidFlags

power

theme-updates

add_contact_hook

message-formatting

mainActivityPort

unreadSync

androMessage

ns

small_edits

import_export

splashExit

file_bubble_pop_fix

state

message_row_fixes

da

es

cy

messagedate

i18n

no

de

lb

ro

macNotifications

fix297

cwtch1.6.1-fixes

ps160

lcg160

droneGherkin

cwtch_prefix

maclcg

notificationSettings

custom_profile_fixes

custom_profile_images

profile_images

gherkin

profileNotify

wintoasts

fastercwtch

serverProgress

winFocus

winNotify

androTor

sender_size

cache

torcache

models

getinfo

android-fix

fix_debug_error_add_contact

custom_tor_config

fix_295

v152

fixSaveHist

fixLeave

fixAndroidAttrInv

fixAcceptBlock

appbarColor

1.5-upgrades

messageCache

1.4.0-release

l10nup

ios_build_port

quote

v1.14.7

v1.14.6-nightly

v1.14.5-nightly

v1.14.4-nightly

v1.14.3-nightly

v1.14.2-nightly

v1.14.1-nightly

1.14.1-nightly

v1.14.0

v0.1.14-rc

v1.13.2

v1.13.1

v1.13.0

v1.12.0

v1.11.0

v1.10.0

v1.9.0

v1.8.0

v1.7.1

v.1.7.0

v1.6.2

v1.6.1

v1.6.0

v1.5.2

v1.5.1

v1.5.0

v1.4.2

v1.4.1

v1.4.0

v1.3.0

v1.2.1

v1.2.0

v1.1.1

v1.1.0

v1.0.0

Labels

Clear labels   

android

  

arch

  

backlog

  

blocked-on-external

This issue requires effort from an external organization to move forward

  

bug

Something is not working

  

bugbash

  

component/bindings

  

component/bine

  

component/connectivity

  

component/cwtch

  

component/tapir

  

component/ui

  

cwtch-1.14

  

cwtch-1.15

  

cwtch-beta-1.1

  

cwtch-beta-1.10

Changes Planned for Cwtch Beta 1.10

  

cwtch-beta-1.11

  

cwtch-beta-1.12

  

cwtch-beta-1.13

  

cwtch-beta-1.2

  

cwtch-beta-1.3

  

cwtch-beta-1.4

  

cwtch-beta-1.5

  

cwtch-beta-1.5.x

point release vug fixes for 1.5

  

cwtch-beta-1.6

  

cwtch-beta-1.7

  

cwtch-beta-1.8

  

cwtch-beta-1.9

  

design

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

flutter

  

funding-needed

  

help wanted

Need some help

  

hybrid-groups

  

in-nightly

  

in-progress

  

invalid

Something is wrong

  

ios

  

linux

  

mac

  

need-replication-or-investigation

  

ops

  

packaging

  

post-stable

These issues won't be considered until after Cwtch Stable ships.

  

question

More information is needed

  

questionable

there is an open question as to whether this is an issue at all / if we can even fix this

  

requires-more-effort-than-we-can-spare

The amount of work involved to solve this issue would occupy our entire development team for a significant period of time and/or provide little benefit to the rest of the project

  

rust

  

scheduled

  

stable-blocker

  

tails

  

testing-needed

  

tests

  

tor

  

waiting-on-fix-confirmation

  

waiting-on-new-flutter-feature

The cause of this issue is a bug in the underlying flutter framework.

  

whonix

  

windows

  

wontfix

This won't be fixed

No Label

android

arch

backlog

blocked-on-external

bug

bugbash

component/bindings

component/bine

component/connectivity

component/cwtch

component/tapir

component/ui

cwtch-1.14

cwtch-1.15

cwtch-beta-1.1

cwtch-beta-1.10

cwtch-beta-1.11

cwtch-beta-1.12

cwtch-beta-1.13

cwtch-beta-1.2

cwtch-beta-1.3

cwtch-beta-1.4

cwtch-beta-1.5

cwtch-beta-1.5.x

cwtch-beta-1.6

cwtch-beta-1.7

cwtch-beta-1.8

cwtch-beta-1.9

design

duplicate

enhancement

flutter

funding-needed

help wanted

hybrid-groups

in-nightly

in-progress

invalid

ios

linux

mac

need-replication-or-investigation

ops

packaging

post-stable

question

questionable

requires-more-effort-than-we-can-spare

rust

scheduled

stable-blocker

tails

testing-needed

tests

tor

waiting-on-fix-confirmation

waiting-on-new-flutter-feature

whonix

windows

wontfix

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

3 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cwtch.im/cwtch-ui#236

No description provided.