Effects of a malicious Definition?

Screenshot 2024-07-10 at 20.20.39

I wonder if anyone recognizes the icons in this screenshot I’ve boxed in red that look like a recycling symbol?

They suddenly attached themselves to the left of multiple sliders in my Grasshopper Definition, after I pasted in a 25 kb definition ThickenMesh that I (unwisely) downloaded at 18:37 from elsewhere.

I now suspect it contained malware. My Rhino 7 was damaged and I reinstalled it (I suspect it’s currently damaged again). Large chunks of Grasshopper are currently missing. I don’t remember installing “Fologram” that appeared on Grasshopper Menu Bar.

Has anyone edited the contents of the Rhino Library folder?

The top four files stamped 18:39 are when the trouble started. The cloudzoo files were my reinstall and the last four files may be suspect.

I’m inclined to delete at least some of the files shown in the above screenshot but before doing so, would prefer comment please from someone more knowledgeable.

In any event, a warning for the unwary.

We’ve seen these before, caused by Fologram? Or Centrapay?

Joseph,

? FOLOGRAM

Thanks for the lead.

Certainly it provided Instant mixed reality experiences!

I cleared up the wreckage in the Library and User Objects and was up and running again quickly.

I’ve never encountered a problem with downloading a Definition from this forum.

I thought I’d be okay in downloading from a Next Lab Maker Space webpage and part of the University of Melbourne. But I was wrong.

My impression now, is that the Definition (to thicken an edge with Grasshopper) linked at the foot of a particular webpage has at some point been unwittingly or deliberately doctored in some way.

Once downloaded and attempting to use, then it must have generated a further, bigger download and an unexpected and unwanted install of Fologram. Which caused me a lot of mayhem. If it’s any kind of attempt at viral marketing, it’s not going to win friends. It also puts a question alongside Fologram in any event.

I can provide the link if anyone wants to try to analyze it, but they would do so at their own risk!

Reminds me of a GH file someone posted on the forum that included C# and Python bits to “permanently” modify GH settings to conform to their company’s standard practices :bangbang: So rude!

Hi @clivecarter

One of the Fologram developers here hoping to clear up any confusion. I think this is the first time someone has thought our plugin is malware so it’s a new and exciting kind of user issue to deal with. Also, thanks for showing us centrapay - they have had the same idea to make a very simple logo :wink: but we are in no way affiliated with them.

We certainly don’t maliciously install our plugin. However, if the definition you are referring to is this one: Thicken a Mesh with Grasshopper | NExT Lab then it contains a component from the Fologram for Grasshopper Utilities Plugin and you would have been prompted to install these components when you first opened the definition.

Usually if someone is installing our plugin they want those little buttons that look like recycling symbols next to all of their sliders, as this is how you can specify which parameters in your definition you want to control in mixed reality. If you don’t want to see those buttons because you’re not using Fologram you can disable them with the Sync XR Parameters option in the Fologram menu.


2 Likes

Generally speaking, you shall not download code from somewhere else and execute it blindly. Always lock the solver. You can automatically scan definitions for custom code:

This is not bulletproof, but it’s better than nothing.

Other than that, always question the value of a dependency. Developers can also break your system unwillingly or introduce malware through introducing compromised dependencies. Most plugin developers are not professional software engineers, and might not even notice that they break a system.

Zero trust is important.

1 Like
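
A sketch of the kind of scan the post above mentions, as an added example that is not from the thread or from any tool linked in it. It assumes the definition is in the XML `.ghx` form, that required plugins are listed in `Library` chunks, and that script components keep their source in items named `ScriptSource`, `AdditionalSource` or `CodeInput`; those names and the sample file are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Assumed item names under which script components store embedded source.
SCRIPT_ITEMS = {"ScriptSource", "AdditionalSource", "CodeInput"}

def _item(chunk, name):
    """Text of a chunk's own <item name=...>, or None if absent."""
    el = chunk.find(f"./items/item[@name='{name}']")
    return el.text if el is not None else None

def scan_ghx(xml_text):
    """List plugin dependencies and embedded script code without running anything."""
    # The file is untrusted input: refuse DTDs so entity-expansion tricks never parse.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not expected in a definition")
    root = ET.fromstring(xml_text)
    chunks = list(root.iter("chunk"))
    libraries = [(_item(c, "Name"), _item(c, "Author"))
                 for c in chunks if c.get("name") == "Library"]
    scripts = []
    for obj in (c for c in chunks if c.get("name") == "Object"):
        for it in obj.iter("item"):
            if it.get("name") in SCRIPT_ITEMS and (it.text or "").strip():
                scripts.append((_item(obj, "Name"), it.get("name"), it.text.strip()))
    return {"libraries": libraries, "scripts": scripts}

# Constructed sample in the assumed layout; not taken from any real definition.
SAMPLE_GHX = """<Archive name="Root"><chunks><chunk name="Definition"><chunks>
 <chunk name="GHALibraries"><chunks>
  <chunk name="Library" index="0"><items>
   <item name="Name">ExamplePlugin</item>
   <item name="Author">Example Author</item>
  </items></chunk>
 </chunks></chunk>
 <chunk name="DefinitionObjects"><chunks>
  <chunk name="Object" index="0"><items>
   <item name="Name">Number Slider</item>
  </items></chunk>
  <chunk name="Object" index="1"><items>
   <item name="Name">C# Script</item>
  </items><chunks><chunk name="Container"><items>
   <item name="ScriptSource">System.IO.File.WriteAllText(path, text);</item>
  </items></chunk></chunks></chunk>
 </chunks></chunk>
</chunks></chunk></chunks></Archive>"""

if __name__ == "__main__":
    print(scan_ghx(SAMPLE_GHX))
```

The report shows what a definition would pull in (plugins) and what code it carries (script components) before it is opened; a binary `.gh` file is not handled here.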

Jahn,

Thanks for your reply.

Yes, that is the web-page from which I downloaded the Definition. Initially, I thought that the effects of attempting to use that Definition reflected a full-blown virus.

It was @Joseph_Oster who helpfully noted CentraPay and who provided the lead that identified Fologram. I then understood that this Definition might not be as malignant as I first feared.

That Definition is billed as just 24 Kb. The problem is, that what can be triggered is a 16 Mb download and is wholly unexpected and probably unwanted. And in my experience, damaging.

Given that that particular file is linked to Fologram, or a component of Fologram or fragments of Fologram, can I invite you to consider contacting that web-site with a view to removing such linkage?

Thanks.

cc. Maya Pundale

I think you did not understand the problem. This is a feature of Rhino/GH. When you open a definition which uses a 3rd party plugin, you can choose to download the missing components using the package manager. Anyone can post definitions on the internet using 3rd party plugins. You can’t do anything against it as a plugin developer.

That your system got damaged is a different problem. Therefore for the developers it might be interesting to know on which OS and Rhino version you were doing this.

Btw, I would never download a plugin in this case. I mean McNeel scans any plugin before putting it into the package manager. But I personally would not trust it.

PERHAPS I don’t understand the problem.

But is it reasonable to expect a Definition to thicken a mesh, to be laced with something unrelated?

A lesson learned.

It was Grasshopper that was damaged rather than the OS as a whole, which was my initial fear. MalwareBytes and VirusBarrier Scanner detected nothing awry.

I’m running Rhino 7.37 (etc) (2024-04-16) on MacOS 10.14.6 (AKA Mojave). On top of a Mac Pro 2012.