diff --git a/Security.md b/Security.md index 2ee98bd..b9a43ff 100644 --- a/Security.md +++ b/Security.md @@ -1,20 +1,20 @@ ## Administrator Privileges -Administrator privileges are required in order to build PhoenixPE. This is due to the fact that PhoenixPE uses the [PEBakery](https://github.com/pebakery/pebakery) engine, and many PE building tasks require elevated privileges for image handling, and file/registry access. +Administrator privileges are required in order to build PhoenixPE. This is due to the fact that PhoenixPE uses the [PEBakery](https://github.com/pebakery/pebakery) engine, and many PE building tasks require elevated privileges for image handling and file/registry access. -Keep in mind that any scripts or applications you run with PEBakery/PhoenixPE will also be executed as administrator and have full access to your computer. Use common sense and good judgement and **do not download or run scripts from sources you do not trust**. Security is your responsibility. +Keep in mind that any scripts or applications you run with PEBakery/PhoenixPE will also be executed as administrator and have full access to your computer. Use common sense and good judgment and **do not download or run scripts from sources you do not trust**. Security is your responsibility. ## Anti-Virus False Positives -PhoenixePE uses a variety of 3rd party software and includes support for including many 3rd party applications, including system/security applications and password recovery tools in your build. +PhoenixePE uses a variety of 3rd party software and includes scripts for including many 3rd party applications, including system/security applications and password recovery tools in your build. -Some Antivirus/Antimalware software may detect legitimate software as a virus/Trojan/potentially unwanted program (PUP). These detection's are false positives. Do not bother reporting them to PhoenixPE developers unless you have a detailed analysis written and signed by a real-life person working for the antivirus software company or reputable security research organization. **Violations of this rule will result in your issue/post being closed/locked/ignored** and you will be pointed to this entry without further explanation. +Some Antivirus/Anti-malware software may detect legitimate software as a virus/Trojan/potentially unwanted program (PUP). These detection's are false positives. Do not bother reporting them to PhoenixPE developers unless you have a detailed technical analysis written and signed by a human employee working for the antivirus software company or reputable security research organization. **Violations of this rule will result in your issue/post being closed/locked/ignored** and you will be pointed to this entry without further explanation. ### What can I do? -If you encounter a False Positive you must choose either to not to use the application, or if necessary, add an exception for the program in your Anti-virus software. As with anything on the Internet, you should exercise good judgement. Don't use software/programs you are not familiar with or download software from sources you don't trust. +If you encounter a False Positive you must choose either to not to use the application, or if necessary, add an exception for the program in your Anti-virus software. As with anything on the Internet, you should exercise good judgment. Don't use programs you are not familiar with or download software from sources you don't trust. -Wherever possible PhoenixPE will attempt to download software that is known to cause false positives directly from the author's website in order to ensure the authenticity of the software. You are encouraged to verify file hashes of the downloaded files with those published on the author's website. +Wherever possible PhoenixPE will attempt to download software that is known to fall victim to poorly written or trigger happy anti-virus software directly from the author's website in order to ensure the authenticity of the software. You are encouraged to verify file hashes and/or digital signatures of the downloaded files with those published on the author's website. Please report false positives directly to your Anti-Virus company, it's the only way we can stop this behavior.