Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • September 25, 2016, 12:30:29 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: False Positives OpEd from WinPatrol  (Read 1929 times)

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 8,266
  • "In my dreams, I always do it right."
    • View Profile
    • Donate to Member
False Positives OpEd from WinPatrol
« on: February 26, 2015, 05:55:48 PM »
At DonationCoder we've discussed False Positives and how they affect freeware/OSS developers.  It's good to see an OpEd from someone in the security side of the industry and how it affects them as a company.

Antivirus industry deluding itself

The one thing this doesn't address is the costs with submitting software for the "Trusted Source" initiative, both in man hours and money, and the fact that to people that don't make a living off of selling software, it can seem like this is aimed at squeezing out Freeware and OSS contributors.

In fact, if you look at the bottom of the announcement from Google, you'll see that this isn't just an idle fear.

Quote
So what are the next steps? We are looking to grow our collection of trusted software, if you happen to be a very large software development company you might want to contact us in order to share this data and help us mitigate the issue of false positives. Please note that this initiative is not open to potentially unwanted applications and adware developers.

And the bad thing?  The emphasis isn't mine.

So where does this leave you with google automagically blocking and deleting files that the user downloads if you're not large enough to be one of the trusted vendors?

Out in the cold.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 36,245
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: False Positives OpEd from WinPatrol
« Reply #1 on: February 26, 2015, 06:12:28 PM »
That quote is absolutely outrageous.. Shame on google.

Jibz

  • Developer
  • Joined in 2005
  • ***
  • Posts: 1,119
    • View Profile
    • Donate to Member
Re: False Positives OpEd from WinPatrol
« Reply #2 on: February 27, 2015, 02:08:02 AM »
His post is pretty spot on. It is ridiculously hard to get through to all the AV vendors to report false positives. It is a shame that the google/microsoft project is only aimed at large companies, who already have the attention of AV companies. A common gateway for reporting false positives would be great, but the odds of all the AV vendors agreeing on that are probably slim.

I don't know what could be done to help small companies and individual developers, perhaps the taggant project could help, or access to more affordable code signing certificates.