
The False Positive and Improperly Rated Site Epidemic

db90h:
There is little software out there that doesn't incorporate other software. They're called libraries or components.
-Renegade (September 24, 2011, 01:41 PM)
--- End quote ---

You are comparing libraries and software components to installer bundles? Come on ... Components/libraries have a FUNCTIONAL PART of the software, installer bundlers are SEPARATE products that are there to get installed into the PC as a separate product (and for commercial purposes, that is why you get paid).  

Also, you took my one, non-applicable quote.. thanks for that. That was why I first removed them, but then it became clear how problematic it would be to allow, after long discussions about the issue.

These are the rules. You have the freedom to start your own site. I mean no offense.

Renegade:
It would be far more productive in the long run if 1000 developers of 1000 different products would stick to reporting false positives in their products and not reporting a false positive in some 3rd party bundled product like OC.

Because it is a single false positive and the problem is with OC and not 1000 false positives with the 1000 different products.

It would be far better for those 1000 developers to bang on OC's door and complain about it, then let OC handle the issues with their product.

You, as the developer of one of the 1000 products bundling some 3rd party adware are not in the position to make any changes to that 3rd party software to comply with any requirement that might be needed to resolve the issue (other than removing it from your installer), while OC is in a position to change their product and resolve it. They are the ones that should be complaining if they are upset by what they believe to be a false positive.

And I do not see something containing OC being detected as Adware:Win32/OpenCandy as a false positive. It was identified correctly as OpenCandy. If it were being identified as a Trojan:Win32/Vundo, that would be a FP.
-app103 (September 24, 2011, 01:40 PM)
--- End quote ---

Whether it's OC or whatever is completely irrelevant.

For a bunch of customers to start bugging a component vendor because an AV vendor is incompetent is simply idiotic.

Why further the component vendor's burden when they are already getting screwed by the AV company?

Inform them? Sure. Bitch and cause problems for them? That's counterproductive.

It's much better to have those 1,000 software authors screaming to the AV vendors for their incompetence.

Quite frankly, it's the AV companies that are dropping the ball here. They are the ones that need to be screamed at.

Sure, I'll email a component vendor to let them know that an AV company is incompetent and accusing them of something that they're not guilty of, but I'm sure as hell not going to bitch at them because of something that's not their fault.

The fault lies ENTIRELY with the AV vendors. THEY are the ones that are in error.

Classification is irrelevant to me.

At the end of the day, it's the AV companies that are the guilty parties here.

And I quite frankly don't care about their problems all that much. Yes. I know that it's a hard job. But there's just no excuse for screwing me when I don't want to get screwed.

The more I think about this, the angrier I get.

I've been screwed by the AV companies with false positives across the entire spectrum of *whatever* you want to call a false positive. The end result is the same. I get screwed. I don't like that. Getting screwed is bad.

My sympathy levels for the AV companies are only dropping now... The more I think about it, the more I see that they are simply incompetent, and that they have NO excuse.

It's not that hard to take a detection, quarantine it, and then inform the user that they have a possible infection, and that a more thorough check is being done... Please stand by... We'll return to the regular programming momentarily...

But they don't do that.

If something is detected, sure. Quarantine it. False positive or otherwise. Play safe. But also take into account that you *could* be wrong and do some due diligence.


Renegade:
You are comparing libraries and software components to installer bundles? Come on ... Components/libraries have a FUNCTIONAL PART of the software, installer bundlers are SEPARATE products that are there to get installed into the PC as a separate product (and for commercial purposes, that is why you get paid). 
-db90h (September 24, 2011, 01:46 PM)
--- End quote ---


We're not going to see eye-to-eye on this.

Yes. They have a functional part. It's called putting food on the table.

As an independent software vendor (mISV), I have to look at the big picture. I don't have the luxury of looking at one very tiny isolated part.

If my software is labeled malware, for whatever reason, that's a very real problem for me. It's a kind of steak vs. ramyen problem.

For the specific example that I gave that you deleted in your forums, no software is "installed". (We've gone over that issue here in some other thread, and I don't believe that execution is equivalent to installation.)


Also, you took my one, non-applicable quote.. thanks for that. That was why I first removed them, but then it became clear how problematic it would be to allow, after long discussions about the issue.
-db90h (September 24, 2011, 01:46 PM)
--- End quote ---


I'm not sure what you mean there.


These are the rules. You have the freedom to start your own site. I mean no offense.
-db90h (September 24, 2011, 01:46 PM)
--- End quote ---


You can have whatever rules you want at your site. I don't have any problem at all with that. Heck, I think that you can do some very real good.

You've simply limited the discussion to a very narrow band, and I'm just not interested in things that narrow on the topic.

What you're doing is a good thing. But you're simply excluding people in my position. Not that there's anything wrong with that. It's just that I don't really have anything to add to that discussion. I'm more interested in the bigger picture.

And as for starting my own site, that won't happen. I've not found time for it in the last few years, and I doubt that I will any time soon.

Good luck with things. I hope that you can get the AV companies to stop dropping the ball so much.

wraith808:
I disagree - a false positive is a false positive
-wraith808 (September 24, 2011, 12:33 PM)
--- End quote ---

This is FALSE, because they detected OpenCandy as OpenCandy. It is a classification issue, which is different than a false positive. We can NOT get into classification debates, period.

Those who believe bundles are a non-deceitful practice are welcome to start their own site ... However, they will not be part of THIS site because we need only the most EGREGIOUS and CLEAR CUT examples of harm. I said it all above. I will not repeat further. Reference my explanation. We simply can not allow borderline cases, because the system would not work. I discussed and thought about this for a hell of a long time with security vendors, so do not tell me that it is short-sighted. I *KNOW* bundles help you pay your bills, but ... they are deceitful in nature, in my opinion, and considered 'borderline' cases. Even though the user can opt-out, since almost nobody wants the bundled software, the clear intent is to 'get' those few who miss the checkbox.

I understand they pay you $$$... so you bundle supporters will never agree with this, so I invite you to start your own site. Argue no more, because this policy WILL NOT CHANGE. Read my first post, I explain it quite clearly. If we allow borderline cases, the whole system degrades into nothing but debate about what is good and what isn't. Instead, we want a site that demonstrates OBVIOUS mis-ratings and false positives... not debated classifications.

Again, the developer has the option to NOT include that bundle.. so it *is* Open Candy's fight, and they have plenty of power to fight.
-db90h (September 24, 2011, 12:34 PM)
--- End quote ---

I am not a bundle supporter, nor am I paid for anything, so classifying such in an aggressive post against what I said seems a bit out there. I do tend to post in support of Renegade on such things, because he gets so much crap for stuff, i.e. the unaddressed issue of posting that it was his fault that an AV company decided not to do business with you, rather than placing the blame with them for their own decision. And if a third party component in your software does something that the AV program detects as malicious activity, then that becomes your problem, also. Libraries *can* do the same thing, and result in the same sort of false reporting, i.e. the use of AutoHotKey. It's not the program itself, it's what it was made with in that case. And the developers of the programs that are in AHK can't argue the point of their program? I call BS.

Renegade:
@wraith808 - Thanks for the voice of support. Greatly appreciated.
