Changelog (1.25.9) | Defender Mitigation
This release is dedicated to Windows Defender. I'll try to keep it short.
In the past week alone, I've seen over 300 reports of false positive virus detections
affecting users. At peak, around 4 issue reports an hour.
This is because Defender suddenly started flagging a small part of Reloaded related to DLL Injection
that I wrote (and haven't changed at all) in almost 4 years.
This was not easy for anyone. I respond to all issues, usually within 10 minutes if awake.
Likewise, volunteers in game specific modding servers also take their time out of their day to help
troubleshoot users' issues. It was a heavy burden on everyone.
This was Rough
As this coincided with 2 game releases, where people starting Reloaded, the timing could not have been
any more unfortunate. Many new users had to experience an absolute trainwreck of a first impression;
whether it be due to defender, some longstanding rare bugs, or silent antivirus treatment.
Worseover, I could not even fix these bugs. Because the virus detections were made by the 'machine learning'
side of Defender, releasing ANY UPDATE AT ALL means that 1000s of users would get new false positives.
Dolphin Emulator was in the same predicament a few years ago.
This was a result of the releases not being 'deterministic', the files in each Reloaded build/version
would change, even if the code didn't, and Defender would flag it. Reporting a false positive therefore
would be ineffective; defender would see it as a 'different file'. I COULD NOT RELEASE ANY UPDATES AT ALL.
Needless to say, the situation was so dire, I booked a day off work and spent around 50 hours this week
so far towards fixing the issue (10+ hours per day). I've spent almost every hour of every day out
of my bed getting this resolved.
So what's been done so far to mitigate this issue?
Replaced DLL Injection logic
R2 now uses my fork of dll-syringe, a Rust library based
on my old Reloaded.Injector.
Extra care has been taken to ensure this hopefully works as expected.
For the people running on Linux, I've even found, reported and worked around two new WINE bugs
#56357, #56362.
Hopefully, by replacing the entire DLL Injection logic, we can avoid any false positives for the time being.
I pray the next build does not give people false positives.
Note: The work there is not 'Reloaded3 Quality' yet, notably, performance wise.
The library is 300kB, when it could be ~40kB (unacceptable!!), and error handling could be better.
But it's good enough for a hotfix release. In the coming weeks, hopefully, I'll polish the rest up.
Deterministic Builds
I've made as many components of Reloaded-II as deterministic as possible. If the code doesn't change,
the actual files in the releases won't change.
This hopefully means that if a file gets a false positive virus detection, releasing an update won't
cause it to be flagged again.
Download Loops
Note
Historically this has been a very rare occurrence, but has been sighted more commonly recently.
Some people get stuck downloading dependencies. This usually manifests itself as a download window
appearing and disappearing endlessly on loop.
For the time being, I've added 'bare minimum' workaround. If Reloaded gets stuck, in a loop, it'll
inform you what it's failing to download, and ask you to install manually.
It's a very awful hack, but it's the best I can do for now. I could never reproduce this issue myself,
so fixing it is a shot in the dark. I'll eventually need to borrow someone inflicted by this bug.
That's All
In the future, say, with Reloaded3, I may invest in code signing certificate (i.e. legal form of
extortion to avoid false positives), but for now, I'm doing what I can.
I'm sorry for the inconvenience caused, and I want to thank all the volunteers who helped out with troubleshooting.
I'm aware some other issues are still present, I hope to get to them soon. However, I'm just a single
person, and there's only so much I can do...
Note
Most big modding frameworks/loaders/managers are maintained by teams of people. Unfortunately, I'm not that fortunate, it's all done solo here.
Complete Changes
1.25.9 - 2024-02-25
Merged
Commits
- Changed: Builds are now reproducible (except for Launcher)
0a7dd9b - Changed: DLL Injector to use in-progress version of https://github.com/Sewer56/dll-syringe
26d0f2d - Updated: Changelog with Release Info
c82c550 - Added: Temporary hack (error) for download loops.
fd0a495
====