Composers Desktop Project Forum

Hi, There is not a specific tutorial for Tabula Vigilans apart from the Manual itself.  The example scripts included with the distribution were considered to be the tutorial element.  I have been working sporadically on assembling all the scripts that Richard Orton wrote and placing additional explanatory comments in them.  This query about tutorial material urges me to complete this task and publish the results.  Archer

Hello,  Thank you for your query about PVOC usage.  The references to pre-Release 4 usage flags were put there at the time of Release 4.5 in order to alert existing users at the time to the changes.  These references are now completely redundant and the current usage and descriptions are the ones to be followed.  I will recommend that the yes, confusing, references to pre-Release 4 usage be removed from the Manual.  I myself just use the default settings, so the command lines are very simple, e.g., pvoc anal 1 infile.wav outfile.ana and pvoc synth infile.ana outfile.wav.

As to the query about frequencies and amplitudes v. phase shifts and amplitudes, I will have to check with the experts on this before replying.  To be continued.

Having looked into this question a bit further, it seems clear that the self-extracting installer for CDP (PC version) has triggered false positives in some anti-virus software. In response, we've created zip-file alternatives: the "FULL" zip includes the offline CDP documentation, while the "LITE" zip is the same but without the documentation (which can be accessed online).  In addition, there is a Soundshaper-only version. These files can be downloaded from here: www.soundshaper.net/dloads.html#CDPZIP 

In each zip, there is a folder CDPR8 which contains everything you need and should be copied to a location of your choice (with a few caveats) and can be renamed as you wish. The CDP programs themselves are housed within a subfolder _cdprogs where they must remain for the correct operation of either GUI.

We think the AV software is probably reacting to the self-extracting exe used for setup. I looked at the individual exe files inside the distribution and a random selection of the CDP ones scored completely "clean", as did Soundloom. Soundshaper,exe upset just one of the AV programs, which saw it as a PUP - Potentially Unwanted Program (same as PUA).

We'll probably switch to a disk-image ISO or a plain zip file, but this will mean revising the installation notes, which can't be done until after next week.  I'll post again when completed.

ooooo this is fascinating! I had not even considered that a "deep learning" approach was being used in detection nor how much it departs from the "conventional" approach. It makes sense to want to be able to catch a threat before it is known, but on the other hand you get this which I pulled from that support doc you linked: "However, due to the algorithmic nature of machine learning, it's not possible to identify why a false positive may have occurred."

Which seems important to our discussion here. There is a clear tradeoff between security (or sense of security) and control or even knowing. I am very interested to learn more!

To add a little more to this important investigation:

The reference to "PUA..." in the Sophos instance is explained by them here:

https://support.sophos.com/support/s/article/KBA-000004926?language=en_US

I find it interesting (not least as I used Sophos for all AV checking when I had a free account through Bath University; I now use McAfee) that they refer to their "Deep Learning" system. This is of course the modern AI approach, which is by its nature statistical, rather than the "conventional" AV paradigm of comparing against a database of known threats. On that page "PUA" means "Potentially Unwanted Application" (especially in the context of a "business netowrk") - which looks to me remarkably like the Gatekeeper system on the Mac for checking uncertificated downloads - and for which we document a standard workaround.

We are of course continuing to look at this, and will report here as and when.

Hi! Yes I agree that the Lite shouldn't have even more flags. I scanned it as a comparison and assumed it would have less or nothing. But to your original point, could all be false positives. Truth be told, I am using a work laptop, hoping to mess around on my down time, so I'm playing it safe not to hose up my machine! But I have a Mac laptop and over the weekend I want to get this going on that machine. Again thank you for the time and support!

edit: re-read your reply and yes I see now that places like Kaspersky and McAfee and many others all passed it as safe. So that is significant.

Thanks for this analysis. We'll try to follow these up. Two thoughts though: (1) I've not heard of any of the programs that found fault with the files - all the well-known anti-virus packages seem to pass them. (2) it's hard to believe that the Lite zip would be seen as more malicious than the full one, though, given that it has far fewer files - it's exactly the same as Full less the CDP Documentation, so that doesn't add up somehow.

Hi Robert!

Ok thanks for your continued support on this.

I downloaded the full windows zip again, same threat got flagged, which makes sense, so I decided to run the file itself through VirusTotal. I think these links are static, so here are the reports for the full windows zip, the lite windows zip, and the mac:

Full: https://www.virustotal.com/gui/file/ef2903e12683197ef066b2316965e9e7aa9e51392597a47a46cfd5278ad3edc9/detection

Lite: https://www.virustotal.com/gui/file/3c21d7d39daf4bbea85bd25831af6c7c4c399d8a5ed6c398c2fbbe984d330cd7

Mac Full: https://www.virustotal.com/gui/file/e3326d1354f449ce7069fe616e2d6d552d798a922b246fea9b2e3f424d0af36f

(LMK if those links don't work or if I inserted them incorrectly)

You are the developed, I do trust you. I merely want to share my findings so you can either dispel or investigate if needed. Based on the reports, and maybe they are false positives, but I feel best with the Mac install (which had no flags).

I am committed to using this software! I hope I can help in some way, not hinder, bother, or annoy.

Best

Hi,
It's always better to be safe than sorry. I'll just add that if by any change there IS a virus in my machine, it's certainly not done any damage so far. Not to my files anyway. Also, I develop Soundshaper on a separate PC that is never connected to the internet, to keep it as clean as I can.

Robert