Re: [GNC] [Spam] Re: Possible malware in GnuCash 3.14 for Windows

Sun, 18 Jan 2026 15:33:45 -0800 

Second the Linux Transition. I moved 20+ years ago!

 If you want to try Linux, you could download & load a distribution 
such as PCLinuxOS: it can boot & run from a usb stick without 
modifying your system (except for enabling the boot).
 In my opinion (without starting a flame war), Windoze is now too 
restrictive, & perhaps is more interested in gaining value from 
the customers than supplying a service that is really in the customers 
interest. Linux is totally different to this model although some 
distributions can be a little bit this way.

 With Linux, there are usually equivalent o/s programs that replace the 
windoze alternatives: a quick google will tell the options & issues one 
may face. When I moved 20 years ago, I dual booted Linux & Windows but 
after 6 months I found I never booted Windoze, so eventually deleted it. 
Now, I feel Windoze safe boot is there to restrict access to non-commercial 
programs, more than the perceived additional security.

 One thing: it is easy to use a modern Linux distro: My wife used M$ at work, 
& Linux at home & did not notice the difference (I had to show her how to save 
LibreOffice files in M$ format for compatibility, but otherwise no problems!)

regards, Doug




On Sun, 18 Jan 2026 16:04:23 -0500 (EST)
Robert Heller <[email protected]> wrote:

> You might be supprised as to how easy the transition might be to a modern 
> (recent) Linux distribution.
> 
> At Sun, 18 Jan 2026 20:10:58 +0000 Deb Boyce <[email protected]> wrote:
> 
> > 
> > I've considered going over to Linux for many reasons, but I haven't touched 
> > that O/S in thirty years and about the only command I remember is "kill" 
> > and the fact that slashes go the other way in the file paths. After fifty 
> > years working in a DOS/Wintel environment, I'm afraid my brain may be too 
> > old to make the switch at this point. 😄
> > 
> > Deb
> > 
> > Sent from Outlook for Android<https://aka.ms/AAb9ysg>
> > ________________________________
> > From: Stephen Wiley <[email protected]>
> > Sent: Sunday, January 18, 2026 12:05:22 PM
> > To: Deb B <[email protected]>
> > Cc: Stan Brown (using GC 4.14) <[email protected]>; 
> > [email protected] <[email protected]>; Deb Boyce 
> > <[email protected]>
> > Subject: Re: [Spam] Re: [GNC] Possible malware in GnuCash 3.14 for Windows
> > 
> > You are, at the end of the day, trusting these antivirus vendors to come
> > up with *patterns* to identify binary artifacts as clean or malicious.
> > 
> > If your system is so important that you need this the appropriate thing
> > to do is to have people read *the source* and build the binaries from
> > that. This is how Linux distributions work. If your standards are low
> > enough that you're unwilling to demand that level of scrutiny then the
> > practical path forward is to disable your antivirus software which is
> > almost certainly going to get hung up on particulars output from
> > compilers and not intent.
> > 
> > --Stephen
> > 
> > On Sun, Jan 18, 2026 at 06:59:23PM +0000, Deb B wrote:  
> > > So it does make sense to depend on Windows Defender, but I'm still left 
> > > with Android and iOs devices to protect.
> > >
> > > Deb
> > >
> > > Sent from Outlook for 
> > > Android<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2FAAb9ysg&data%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270304890%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=LG%2B16Bnwitlp0Dir9S32wyR318Nz%2FSMajI%2FPxPc01j0%3D&reserved=0<https://aka.ms/AAb9ysg>>
> > > ________________________________
> > > From: gnucash-user <[email protected]> 
> > > on behalf of Stan Brown (using GC 4.14) <[email protected]>
> > > Sent: Sunday, January 18, 2026 10:50:26 AM
> > > To: [email protected] <[email protected]>
> > > Cc: Deb Boyce <[email protected]>
> > > Subject: Re: [GNC] Possible malware in GnuCash 3.14 for Windows
> > >
> > >
> > > Stan Brown
> > > Tehachapi, CA, USA
> > > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbrownmath.com%2F&data%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270322806%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=R%2BTtX%2Bw%2FQb7scWzuilrgkNYzuuwu2Dkcvj%2FY1O6d5bI%3D&reserved=0<https://brownmath.com/>
> > >
> > > On 2026-01-18 09:47, Robert Heller wrote:  
> > > > I don't (and never have) used MS-Windows, but videos I've seen on 
> > > > YouTube
> > > > suggest that most add-on antivirus software for *recent* versions of
> > > > MS-Windows are a waste of money.  "Windows Defender" (which is build in 
> > > > to
> > > > revent versions of MS-Windows) does everything any MS-Windows user 
> > > > needs.
> > > > Almost all malware these days are phishing E-Mail and depend on 
> > > > esentially
> > > > socially engineering to get the user to visit some website to trick the 
> > > > user
> > > > into revealing login credintials.  Malware writers generally don't 
> > > > bother much
> > > > with the clasic forms of malware these days.  And yes, Windows Defender 
> > > > will
> > > > probably flag legit versions of GnuCash, since GnuCash is not "signed" 
> > > > by a
> > > > Microsoft supplied certificate.  You will have to "whitelist" (whatever 
> > > > that
> > > > entails) GnuCash.  
> > >
> > > Both in Windows 10 and Windows 11 on my machines, the popup complaint
> > > about "unknown publisher" or similar has a "More info" link which is,
> > > let's say, quite poorly named. Actually, "More info" is what you must
> > > select to get to the "run anyway" or "install anyway" option.
> > >
> > > Here's how I know. The email program Betterbird, a fork of Mozilla
> > > Thunderbird, has much more frequent updates than GnuCash. As with
> > > GnuCash, it has no signing certificate. Every time, I get the prompt,
> > > click "More info" and then "install anyway," and I have no issues.
> > >
> > > I second what Robert Heller says about third-party antimalware being a
> > > waste of money on Windows 10 and 11 systems.(*) (Malwarebytes is an
> > > exception, but the free version is sufficient; you just have to remember
> > > to run it manually.) Windows Defender seems to do a fine job. We have
> > > had extensions about malware protection on the Windows 10 and Windows 11
> > > Usenet newsgroups, and the consensus matches what Robert said. At this
> > > point, I agree, social engineering is a bigger threat than traditional
> > > malware, at least for people who stay away from sketchy websites and use
> > > common sense with email. Never open an  attachment you weren't
> > > expecting, even if it purports to come from someone you know.
> > >
> > > (*) Avast is arguably malware, in a small way, since it inserts an
> > > advertisement for itself in the emails you send. This happens without
> > > your permission, and to stop it you must follow a procedure that is far
> > > from obvious.
> > >
> > > Stan Brown
> > > Tehachapi, CA, USA
> > > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbrownmath.com%2F&data%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270332805%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=t6qv6B4D%2F38b4suBcQ1uYnTWrBBWaq23PCAooosOTrI%3D&reserved=0<https://brownmath.com/>
> > > _______________________________________________
> > > gnucash-user mailing list
> > > [email protected]
> > > To update your subscription preferences or to unsubscribe:
> > > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.gnucash.org%2Fmailman%2Flistinfo%2Fgnucash-user&data%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270342345%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=6X9aSU5Ha1%2BlbOZ7sWRuT6LUmtCF7hUTw3IrucIUylo%3D&reserved=0<https://lists.gnucash.org/mailman/listinfo/gnucash-user>
> > > -----
> > > Please remember to CC this list on all your replies.
> > > You can do this by using Reply-To-List or Reply-All.
> > > _______________________________________________
> > > gnucash-user mailing list
> > > [email protected]
> > > To update your subscription preferences or to unsubscribe:
> > > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.gnucash.org%2Fmailman%2Flistinfo%2Fgnucash-user&data%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270352101%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=X9zLD8gO1CC0yidrWWNYMGFceZ69HDtd%2F5AIBvGwBMQ%3D&reserved=0<https://lists.gnucash.org/mailman/listinfo/gnucash-user>
> > > -----
> > > Please remember to CC this list on all your replies.
> > > You can do this by using Reply-To-List or Reply-All.  
> > 
> > _______________________________________________
> > gnucash-user mailing list
> > [email protected]
> > To update your subscription preferences or to unsubscribe:
> > https://lists.gnucash.org/mailman/listinfo/gnucash-user
> > -----
> > Please remember to CC this list on all your replies.
> > You can do this by using Reply-To-List or Reply-All.
> > 
> >   
> 
> -- 
> Robert Heller             -- Cell: 413-658-7953 GV: 978-633-5364
> Deepwoods Software        -- Custom Software Services
> http://www.deepsoft.com/  -- Linux Administration Services
> [email protected]       -- Webhosting Services
>                 
_______________________________________________
gnucash-user mailing list
[email protected]
To update your subscription preferences or to unsubscribe:
https://lists.gnucash.org/mailman/listinfo/gnucash-user
-----
Please remember to CC this list on all your replies.
You can do this by using Reply-To-List or Reply-All.

Reply via email to