cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
To help support our community and customers during the outbreak of Coronavirus (COVID-19), LogMeIn is providing free Emergency Remote Work Kits for Health Care Providers, Educational Institutions, Municipalities, Non-Profit organizations, and current LogMeIn customers. For more information please visit https://www.gotomeeting.com/work-remote
Highlighted
LogMeIn Contributor

Re: Published binary file hashes

I am sorry, @DVIT .  We can't change the way GoTo services operate to accomodate this one vendor. 

 

You may reach out to Cyclance as a paying customer, and tell them this URL opened in a browser on Windows would deliver the LMI-signed windows binary “GoTo Opener.exe” that could be audited and whitelisted by Cylance: https://launch.getgo.com/launcher2/helper?token=g2m&downloadTrigger=download

 

Hopefully they can create a GoTo whitelist from their side to address the blockage.

Highlighted
Active Contributor

Re: Published binary file hashes

When I last checked the issue seemed to be that GotoWebinar is completely different than GotoMeeting in its behavior.  LogMeIn employees were unable to grasp this concept and would insist they are the same, even when they are completely different in their work flow.  For example, there is a web page for testing GotoMeeting, but not GotoWebinar...to say nothing of the program changing every time it is downloaded.  Does LogMeIn not relalize this is a hallmark of a bad program? 

 

I am surprised other antivirus vendors are not whacking it too, unless they have LogMeIn software an approved list where they blindly trust your company to not publish malware alongside your program, which is bad given how many companies do evil things while claiming to be good...just look at several of the "free" antivirus programs that were found to be doing bad things in recent weeks.

 

I hope Cylance can figure out something without reducing the security of its platform since it is looking at the .EXE file to see what sketchy things the author of the program has done.  We have only had a couple of other false postiives due to similar bad programming (your .EXE looks like the bad programs of every other ransomware maker).  Every other program out there where this might happen, allows me to calculate the SHA256 hash and mark it as safe.  With a binary that changes every time it is downloaded that is just not possible.

 

 

 

Highlighted
New Contributor

Re: Published binary file hashes

What an utter insult.  This is not about 'accomodating one vendor.'  We are operating on a different platform, CarbonBlack Protection, and we are also enduring a struggle with SHA-256 hashes that change constantly, even on .exe downloads conducted seconds apart from each other.

What LogMeIn apparently fails to realize is that security postures around the world are becoming more aggressive and pro-active.  Organizations are white-listing software rather than waiting for malware to hit and THEN blacklisting it.  If the alternative to getting hit by ransomware is going to another remote support tool, we'll take that option all day.  Get with the times.

Highlighted
New Contributor

Re: Published binary file hashes

Has anything been resolved between G2M and Cylance?  I tried calling the LogMeIn service desk for exclusion paths/files and they had no idea what I was talking about.  "Safe"ing these files in Cylance is overly tedious, considering i will get 20+ unassigned files each time a meeting starts.  There needs to be a better solution.

Highlighted
Active Contributor

Re: Published binary file hashes

I have been told the next release from Cylance will correct the issue.

 

LogMeIn does atleast sign their software.  So the only option I can see would be to setup policies so that Cylance trusts the LogMeIn certificate that is used to sign their software.  I would rather not do this, but their employees don't even seem to know they have GotoMeeting and GotoWebinar with completely different designs.  GotoWebinar behaves just like many viruses...