Issues downloading WorkFlowy application
I tried to download the Windows application (using Edge browser) and hit some issues.
In the download bar I was warned that this file was not safe. So I had to select to keep the file anyway.
When opening the file another dialog popped up saying that this file was not safe. And the only button was to close. In order to continue I had to click on a text link in the message and choose to continue anyway.
In all this it said the the file was from some company with "fun" in the title (don't remember exactly).
Please fix this. I almost didn't install the application and this in the combination of lack of two-factor authentication makes me doubt the application as a whole.
-
Hi Martin,
This is a relatively new issue we've been trying to figure out – why Windows defender, etc. are picking up on WorkFlowy as being malicious. This is worrisome.
As far as the company... It's registered as "Funtime Routine". Probably a tad more serious than the name "WorkFlowy"...
-
When I click the download link, the following appears at the bottom of Edge window.
I click on Open, and it changes to this:
I click the three dots, and this menu shows:
I select Keep and this dialog shows:
I click Show more:
I click on Keep anyway and another dialog shows:
I click on More info:
Then this will finally run the installer.
When you are downloading and installing WorkFlowy, that is the name you expect to see. Like "WorkFlowy Inc.". And seeing a name such as "funroutine" is not really instilling confidence when all this happens. To me that name sounds like a joke and my first thought was that this is maleware or a trojan horse disguising itself as WorkFlowy.
-
Hmmm, we don't intend for "FUNROUTINE" to be a joke :-(, although the confusion is understandable. It's like Google's "Alphabet Inc."... except they are more recognizable.
The download does come directly from our site, so that does help... but as I mentioned, we are looking into this. What would help, though, is if users like yourself would click on the "report this file as safe" option when downloading.
-
I used Chrome but got identical (or nearly identical) messages. In case it helps, I'm using:
Edition Windows 10 Home
Version 20H2
Installed on 3/20/2021
OS build 19042.867
Serial number *******
Experience Windows Feature Experience Pack 120.2212.551.0
Fwiw, the "FUNROUTINE" name really must be changed. I thought immediately it was malware as well. -
It comes off as unprofessional to use a name for your binaries that doesn't appear on your website.
It comes off as very unprofessional to ask your potential customers to verify that your products are safe. (I mean, really, buy a signing certificate from a Microsoft approved vendor and this will all go away.)
Is comes off as extremely unprofessional to have your users ask for two-factor authentication for YEARS and only implement it AFTER you've been breached.
-
Hi Martin,
All points noted. I had actually asked our CEO previously about changing this (FUNROUTINE) and he explained that it was not possible. We have had WorkFlowy shared lists be used for phishing purposes and when users have written in we have taken down the offending accounts immediately. I am told that this is the reason we're being flagged as malicious software. Our CEO has reached out to to Microsoft and Apple to find out about a solution. It is not something that is on our control at this very minute. We don't expect our users to jump through hoops and we understand it may be frustrating, however, my job is to try and offer workable solutions in the immediate. WorkFlowy itself was not breached. We had a credential stuffing attack and took immediate action. the 2FA point it well taken and on behalf of WorkFlowy I appologise yet again. We are being pragmatic moving forward... and we would love for you to join us!
-
Hi Frank,
Just have the issue on Win11.As you said, I don't feel inconfortable with the FUNROUTINE signature, developer often differs from product name and FUNROUTINE is easily linked with Workflowy using Google.
However people don't like to have that kind of Windows prompt.
May I suggest the "Windows App Certification Kit" to be listed on the Windows store, or maybe just a sha256sum to reassure your users?
Thanks,
Nicolas.
Please sign in to leave a comment.
Comments
12 comments