ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

The False Positive and Improperly Rated Site Epidemic

<< < (9/16) > >>

Jibz:
You are comparing libraries and software components to installer bundles? Come on ... Components/libraries have a FUNCTIONAL PART of the software, installer bundlers are SEPARATE products that are there to get installed into the PC as a separate product (and for commercial purposes, that is why you get paid).  
-db90h (September 24, 2011, 01:46 PM)
--- End quote ---

We're not going to see eye-to-eye on this.

Yes. They have a functional part. It's called putting food on the table.
-Renegade (September 24, 2011, 02:23 PM)
--- End quote ---

That is not a functional part of the software though, it is a functional part of your business. The software would run just the same if there was no adware in the installer.

I have no experience with OC, so I can in no way comment on whether it is fair to detect it as .. well .. OC. But to me there is a difference between components used in software, and adware bundled with it.

Also, just for the record, writing good signatures for malware is not as easy as it may seem :).

app103:
I have been talking quite a bit with db90h and it is very likely that I will be assuming the role of community relations for this project.

The purpose of this project is to identify and address the issues of false positives. It is not to identify and address issues with misclassifications. We are going to stay focused on false positives. We are not going to address misclassifications unless a website is misclassified as containing something it does not.

For example, if Wikipedia were misclassified as a phishing site and it resulted in it being blocked, that would be acceptable to file a report of a false positive, since there is nothing on the site that could be considered phishing. But if they were hacked and code injected that popped up a form asking for someone's banking info, then that wouldn't be a false positive until they cleaned up the site.

Feel free to start your own similar project to address misclassifications, if you wish, if you can not accept the idea that we will not be addressing them.

A detection of OC is not a false positive unless your software or installer does not contain OC. If it contains OC you may not file a report of a false positive. If it does not contain OC then you may file a report. It is as simple as that. That will be the rule going forward and there will be no compromising on this.

You can argue about it all you want in a million ways, but the fact remains that OC is being detected as OC and if it is malware or not isn't the issue here. So whether you feel OC is malware or not is irrelevant.

Now, Renegade, does your installer that is being detected as containing OC actually have OC in it, or not? If it doesn't, you may make a report about a false positive. If it does, then you may not.

tomos:
^ re the last line there:
it's good to be clear, but jeez app, give the man a break :)
he's already made his point and wished the site good luck:

[...]
Good luck with things. I hope that you can get the AV companies to stop dropping the ball so much.
-Renegade (September 24, 2011, 02:23 PM)
--- End quote ---

wraith808:
^ re the last line there:
it's good to be clear, but jeez app, give the man a break :)
he's already made his point and wished the site good luck:

[...]
Good luck with things. I hope that you can get the AV companies to stop dropping the ball so much.
-Renegade (September 24, 2011, 02:23 PM)
--- End quote ---
-tomos (September 24, 2011, 04:30 PM)
--- End quote ---

That's sort of my point.  Renegade is a pretty respected member of the site, and is pretty level headed and logical in his arguments.  He's also done quite a bit of research into the OC thing, even before using it.  However, whenever this comes up, he gets piled on, either in a passive aggressive manner or just an aggressive aggressive manner.  I know this is a hot point, but it seems like we can agree to disagree without the strife that seems to come up on these threads- I mean, its obvious that its in his software; he's even said as much, openly.  He's not trying to hide anything.  But the negative feelings towards the malware seems to spread out onto him, as if he's part of the problem.  That's my big problem with the whole thing.

app103:
This has nothing to do with anyone's feelings about OC. It's about focus and what is best for this project at this time. There may come a time in the future where that focus may change, but right now is not it.

Even if I shared Renegade's views on OC I would still hold the same position about not focusing on misclassifications at this time.

And Renegade knows I do not hold anything personal against him. I consider him my friend, both here and outside of DC, and not just merely a fellow DC member. If we lived near each other and I was the type that liked to drink, we'd be drinking buddies.  :)

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version