This will be my only post on this issue. Take it for what it is worth, I cannot validate the information, nor will I respond to questions. I'm only passing it along.

The cybersecurity section of my company blocked the use of SMath because, as they reported:

1. Andrey Ivashov is a software author known for producing other software that makes malicious connections. (This is hosted in Russia, written by a Russian apparently.)

2. Running v1.0.8151 (v1.0 build 8151) in a test environment shows that connections to sites / servers considered malicious do happen. This was observed during install, and presumably after install as well.

Andrey is suspected of writing malware or spyware, and SMath is suspected of being malware or spyware.

I don't know:
- what the connections considered malicious are
- what the connections do (what is installed / downloaded)
- if the behavior happens post-install (presumably it does if no connection is present during install)
- if these connections are flagged correctly or incorrectly

If not intended, perhaps someone can comment on what these connections are for the sake of transparency. In the best case, revise the software to remove these connections. Whatever they are, apparently they are common functions to more software Andrey writes than just SMath.

If it is intended, well I guess this post won't stay up for long.

1. Andrey Ivashov is a software author known for producing other software that makes malicious connections. (This is hosted in Russia, written by a Russian apparently.)
Andrey is suspected of writing malware or spyware, and SMath is suspected of being malware or spyware.
Your Company Cybersecurity dines bottom up, like ducks.
Damnely insulting from Russophobia !

I take this with a grain of salt as there isn't any evidence or report provided with this post. That being said, I've been a part of this community for some time and I cannot recall any significant discussion on this topic in the past. I've had some issues, and others have reported issues in the past, with virus scanning software when generating Smath Viewer .exe files (I understand the reasons for this), but never with the Smath executable itself.

Can anyone in this community independently corroborate or refute this claim?

For what it's worth, years ago I did work for a large corporation where I had to have SW like this evaluated by I.T. before I could install it on my machine. At that time, there were not any issues reported and I was given the green light, but I also do not know the level of rigor applied to the security audit they performed and didn't have to re perform audits with software updates.

Do you know of any american software or OS to which these doubts don't apply?
Double standards as usual.

Wrote

I don't know:
- what the connections considered malicious are
- what the connections do (what is installed / downloaded)
- if the behavior happens post-install (presumably it does if no connection is present during install)
- if these connections are flagged correctly or incorrectly

The first line says it all...
I am using this wonderful software since a decade and it is one of the most straightforward and transparent softwares I know. All versions are still available for download and it works offline absolutely perfectly. This claim packaged in suitable deniability ("I will not anser any question") is ludicrous.
By the way I also have a good antivirus that does detect suspicious connections from time to time, and it never rang the alarm for smath studio.
Thanks to the brilliant and generous Andrey Ivashov, and to the wonderful, creative and generous community he has initiated around Smath Studio.
Laurent Fournier
Kolkata

"connections to sites / servers considered malicious" would be a silly move and it would tank the project.
Anyone can monitor its own traffic with simple and free tools, it would be noticed quite rapidly and since there are other channels other than the forum, there is no way to hide it.
If you check it, you'll notice that SMath contacts smath.com, because it check for updates (check the "Don't check for updates" and you'll see that no connections are done in this case).

While you search for "Andrey Ivashov malware" on google, the only page that has some content with "malicious activity" is on any.run, and that page say nothing useful other than "msiexec.exe rewritten" and "No threats detected" at the bottom of the page.

I mean, you can't trust anything nowadays, closed-source or open-source, but that cybersecurity department seems either very strict or a little bit shallow.

Quote

Andrey Ivashov is a software author known for producing other software that makes malicious connections. (This is hosted in Russia, written by a Russian apparently.)

Sure, I'm Russian, so I can create only malware or spyware. It's obvious. Nothing to talk about.

Regarding connections, SMath Studio connects only to smath.com, only via HTTPS and only for two reasons:
1) To check if updates are available (can be disabled in Extensions Manager > Software).
2) To authenticate user (not actual if user is not using his/her account or logged in using offline method).

With love to everyone,
Andrey Ivashov from Russia.

Hi Andrey, when i try to create some exe with smath viewer, bit defender flagged the archive with Gen:Variant.Tedy.173443

It's only occur with smath viewer

Best regards

Wrote

Hi Andrey, when i try to create some exe with smath viewer, bit defender flagged the archive with Gen:Variant.Tedy.173443

It's only occur with smath viewer

Hello.

It's false positive.
I would recommend you to try to disable compression of the output file (an appropriate checkbox available in the dialog before output file is generated).
It may help.

Best regards.