Main Area and Open Discussion > General Software Discussion
It's time to do something about these AutoHotkey antivirus false positives
mouser:
I am fed up with these repeated ridiculous false positive antivirus triggers on autohotkey programs.
They help no one, except to the extent that they demonstrate the irresponsibility and laziness of these antivirus programs.
For those who aren't familiar with the problem I will summarize it:
* AutoHotkey is a popular scripting language for MS windows which allows people to write very cool utilities.
* Like any other programming language there is always some idiot that uses the language to write some malware program.
* But unlike other programming languages, the antivirus companies tend to not be familiar enough with autohotkey (or else to lazy to care), and when they find one of these malware programs, they add a new signature to their database which ends up marking EVERY program written in autohotkey as having a virus.
* Eventually after enough people are completely freaked out by the false alarm, and scared to death that they have a virus, and after dozens of complaints from authors, the antivirus company will inevitably remove the bad signature from their database, and things go back to normal (except for the fact that they've scared a number of people off of ever using autohotkey).
* BUT, then a new version of autohotkey comes out, and these damn antivirus companies get amnesia again, and repeat the process all over again right from the start.
* This cycle of false alarms has been going on for a couple of years now and in my opinion it is starting to cause irreparable harm to the autohotkey community.
I keep waiting for these companies to clean up their own mess but they never do.
I'd like to begin a more organized process to petition these antivirus companies to take this issue more seriously and behave more responsibly. I don't know how much effort the official autohotkey developers have spent trying to get this issue addressed -- but this is something that really needs to be solved. Perhaps greater communication with higher up engineers in the antivirus companies can ensure that they have proper ahk signatures of each new version included in their known-safe whitelists which would prevent them from erroneously marking generic ahk scripts as malware.
I'd like to ask ahk users and developers to organize an effort to reach out to the antivirus companies and establish a line of communication and not give up on this until it gets resolved. DC stands ready to help in any way we can.
mouser:
I posted on the ahk forum as well, here: http://www.autohotkey.com/forum/viewtopic.php?p=223437
Deozaan:
My name is Deozaan and I approve of this statement.
jgpaiva:
As an ahk developer, I appreciate your efforts, mouser, but honestly, I don't think there's much to be done...
Your words are very true, more than once I've been put off from updating GridMove because of these false alarms.
Still, it's good to see that more and more people are being critic againts these false alarms and reporting them instead of assuming they're right.
Truth is, while those can distinguish a virus from a stupid warning, many many more just ignore the program.
mouser:
but honestly, I don't think there's much to be done...
--- End quote ---
If i had to guess, i'd say that the problem could be solved by a concerted effort to make the right contacts at the antivirus companies. My guess is that they have whitelisted applications that they test with new virus definitions to avoid false positives. And that the solution is for the AHK main coders to make sure that before releasing a new version of AHK they get it into the hands of the antivirus companies. But this will take some effort on their parts.
Navigation
[0] Message Index
[#] Next page
Go to full version