Add comprehensive security documentation and false positive mitigation

Author: PixelCode01

.github/workflows/build-release.yml

@@ -163,6 +163,41 @@ jobs:
         echo "Release files prepared:"
         ls -la release/
 
+    - name: Generate file hashes
+      run: |
+        cd release
+        echo "# File Verification Hashes" > HASHES.md
+        echo "" >> HASHES.md
+        echo "Use these SHA256 hashes to verify file integrity:" >> HASHES.md
+        echo "" >> HASHES.md
+        
+        for file in *; do
+          if [ -f "$file" ] && [ "$file" != "HASHES.md" ]; then
+            hash=$(sha256sum "$file" | cut -d' ' -f1)
+            size=$(stat -c%s "$file")
+            echo "**$file**" >> HASHES.md
+            echo "- SHA256: \`$hash\`" >> HASHES.md
+            echo "- Size: $(printf "%'d" $size) bytes" >> HASHES.md
+            echo "" >> HASHES.md
+          fi
+        done
+        
+        echo "## How to verify:" >> HASHES.md
+        echo "" >> HASHES.md
+        echo "**Windows (PowerShell):**" >> HASHES.md
+        echo "\`\`\`powershell" >> HASHES.md
+        echo "Get-FileHash -Algorithm SHA256 android-bloatware-remover-windows.exe" >> HASHES.md
+        echo "\`\`\`" >> HASHES.md
+        echo "" >> HASHES.md
+        echo "**Linux/Mac:**" >> HASHES.md
+        echo "\`\`\`bash" >> HASHES.md
+        echo "sha256sum android-bloatware-remover-linux" >> HASHES.md
+        echo "shasum -a 256 android-bloatware-remover-macos" >> HASHES.md
+        echo "\`\`\`" >> HASHES.md
+        
+        echo "Generated hashes:"
+        cat HASHES.md
+
     - name: Create Release
       uses: softprops/action-gh-release@v2
       env:
@@ -175,10 +210,14 @@ jobs:
           
           Standalone executables for Windows, Linux, and macOS.
           
+          ### ⚠️ Windows Defender False Positive
+          Windows Defender may flag the executable as a virus. This is a **false positive** common with PyInstaller executables. The tool is completely safe - all source code is open and auditable. See [SECURITY.md](https://github.com/PixelCode01/UIBloatwareRegistry/blob/main/SECURITY.md) for details and solutions.
+          
           ### Download Instructions:
           - **Windows**: Download `android-bloatware-remover-windows.exe`
           - **Linux**: Download `android-bloatware-remover-linux`
           - **macOS**: Download `android-bloatware-remover-macos`
+          - **Verification**: Download `HASHES.md` to verify file integrity
           
           ### Usage:
           1. Download the appropriate executable for your operating system
@@ -201,6 +240,14 @@ jobs:
           
           ### Test Mode:
           Run with `--test` flag to try without a connected device.
+          
+          ### Alternative Installation:
+          If you prefer to avoid the executable, run from Python source:
+          ```bash
+          git clone https://github.com/PixelCode01/UIBloatwareRegistry.git
+          cd UIBloatwareRegistry
+          python main.py
+          ```
         draft: false
         prerelease: false
         files: release/*

README.md

@@ -20,7 +20,7 @@ Your phone comes with tons of apps you never asked for. This tool helps you get
 - Motorola (My UX)
 - Nothing (Nothing OS)
 
-## Quick Download (Recommended)
+## Quick Download
 
 **Download standalone executable** - No Python installation required!
 
@@ -31,6 +31,8 @@ Your phone comes with tons of apps you never asked for. This tool helps you get
    - **Mac**: `android-bloatware-remover-macos`
 3. Run the executable directly!
 
+**Note**: Windows Defender may show a false positive. See [SECURITY.md](SECURITY.md) for details.
+
 ## Manual Setup (Advanced)
 
 1. **Install ADB**
@@ -111,8 +113,12 @@ Proceed? (yes): yes
 
 Found a bug? Want to add support for your phone brand? Check out [CONTRIBUTING.md](CONTRIBUTING.md).
 
-## Warning
+## Important Notes
+
+### Windows Defender False Positive
+Windows Defender may flag the executable as a virus. This is a **false positive** common with PyInstaller executables. The tool is completely safe - all source code is open and auditable. See [SECURITY.md](SECURITY.md) for details and solutions.
 
+### Safety Warning
 This tool modifies your phone's software. We're not responsible if something breaks. Use common sense and make backups.
 
 ## License

SECURITY.md

@@ -0,0 +1,104 @@
+# Security Information
+
+## Windows Defender False Positives
+
+### Why does Windows Defender flag this as a virus?
+
+This is a **false positive** that commonly occurs with PyInstaller executables. Here's why:
+
+1. **PyInstaller behavior**: PyInstaller bundles Python and all dependencies into a single executable, which can trigger heuristic detection
+2. **Unsigned executable**: The executable isn't code-signed with a certificate, making Windows more suspicious
+3. **ADB interaction**: The tool interacts with ADB (Android Debug Bridge), which antivirus software may flag as suspicious
+4. **New executable**: Windows Defender is more likely to flag new, uncommon executables
+
+### Is it actually safe?
+
+**Yes, it's completely safe.** Here's how you can verify:
+
+1. **Source code is open**: All source code is available in this repository for inspection
+2. **Build process is transparent**: GitHub Actions builds are public and auditable
+3. **No network activity**: The tool only communicates with your connected Android device via ADB
+4. **No system modifications**: Only removes apps you explicitly select
+
+### How to use safely
+
+#### Option 1: Add Windows Defender Exception
+1. Open Windows Security
+2. Go to "Virus & threat protection"
+3. Click "Manage settings" under "Virus & threat protection settings"
+4. Click "Add or remove exclusions"
+5. Add the downloaded executable file
+
+#### Option 2: Use Python Source (Recommended for paranoid users)
+Instead of the executable, run from source:
+```bash
+git clone https://github.com/PixelCode01/UIBloatwareRegistry.git
+cd UIBloatwareRegistry
+python main.py
+```
+
+#### Option 3: Build Your Own Executable
+```bash
+git clone https://github.com/PixelCode01/UIBloatwareRegistry.git
+cd UIBloatwareRegistry
+pip install pyinstaller
+python build_spec.py
+pyinstaller android-bloatware-remover.spec
+```
+
+### Verification Steps
+
+1. **Check file hash**: Compare with hashes provided in releases
+2. **Scan with multiple engines**: Use VirusTotal.com to scan with 60+ antivirus engines
+3. **Review source code**: Inspect the code before running
+4. **Test in VM**: Run in a virtual machine first if concerned
+
+## Reporting Security Issues
+
+If you find a legitimate security issue, please:
+
+1. **Do NOT** open a public issue
+2. Email security concerns to the repository owner
+3. Provide detailed information about the vulnerability
+4. Allow time for the issue to be addressed before public disclosure
+
+## Code Signing
+
+We are working on implementing code signing to reduce false positives. This requires:
+- Purchasing a code signing certificate
+- Setting up automated signing in the build process
+- Establishing trust with certificate authorities
+
+## Best Practices for Users
+
+1. **Always download from official releases**: Only download from GitHub releases page
+2. **Verify checksums**: Compare file hashes when provided
+3. **Use test mode first**: Run with `--test` flag to verify functionality
+4. **Keep backups**: Always backup your device before removing apps
+5. **Review what you're removing**: Understand each package before removal
+
+## Technical Details
+
+### What the tool does:
+- Connects to Android devices via ADB
+- Lists installed packages
+- Removes selected packages using `adb shell pm uninstall`
+- Creates backup files locally
+- Logs operations for troubleshooting
+
+### What the tool does NOT do:
+- Access the internet (except for ADB communication)
+- Modify system files on your computer
+- Install anything on your computer
+- Send data to external servers
+- Access personal files or data
+
+### ADB Commands Used:
+```bash
+adb devices                           # List connected devices
+adb shell getprop ro.product.brand    # Get device brand
+adb shell pm list packages            # List installed packages
+adb shell pm uninstall --user 0 <pkg> # Remove package
+```
+
+All commands are standard ADB operations used by Android developers worldwide.

generate_hashes.py

@@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+"""
+Generate SHA256 hashes for release files
+"""
+
+import hashlib
+import os
+import sys
+
+def calculate_sha256(file_path):
+    """Calculate SHA256 hash of a file"""
+    sha256_hash = hashlib.sha256()
+    try:
+        with open(file_path, "rb") as f:
+            for chunk in iter(lambda: f.read(4096), b""):
+                sha256_hash.update(chunk)
+        return sha256_hash.hexdigest()
+    except FileNotFoundError:
+        return None
+
+def main():
+    """Generate hashes for release files"""
+    files_to_hash = [
+        "dist/android-bloatware-remover.exe",
+        "dist/android-bloatware-remover"
+    ]
+    
+    print("# File Verification Hashes")
+    print()
+    print("Use these SHA256 hashes to verify file integrity:")
+    print()
+    
+    for file_path in files_to_hash:
+        if os.path.exists(file_path):
+            hash_value = calculate_sha256(file_path)
+            file_size = os.path.getsize(file_path)
+            print(f"**{os.path.basename(file_path)}**")
+            print(f"- SHA256: `{hash_value}`")
+            print(f"- Size: {file_size:,} bytes")
+            print()
+        else:
+            print(f"File not found: {file_path}")
+    
+    print("## How to verify:")
+    print()
+    print("**Windows (PowerShell):**")
+    print("```powershell")
+    print("Get-FileHash -Algorithm SHA256 android-bloatware-remover-windows.exe")
+    print("```")
+    print()
+    print("**Linux/Mac:**")
+    print("```bash")
+    print("sha256sum android-bloatware-remover-linux")
+    print("# or")
+    print("shasum -a 256 android-bloatware-remover-macos")
+    print("```")
+
+if __name__ == "__main__":
+    main()