Causing collateral damage to innocent businesses/families is simply unacceptable. It will sometimes accidentally occur, but clearly not enough is being done to prevent this problem, as it has only gotten worse.
I did not make it clear.. if you want your comments to be seen by people who MATTER, then please post them at the thread I linked above. They will be waking soon, and visiting that thread. If it is just me, I look like a crazy person. If there is some user support, they realize users are fed up.
I have a real fear now that users, in general, don't care (not you guys, but others.. the average user).-db90h (September 23, 2011, 06:38 AM)
Side note: If you could turn the CAPTCHA level down a bit, it would be much easier to post. I had to try 3 times. :(-Renegade (September 23, 2011, 08:10 AM)
Symantec | https://submit.symantec.com/false_positive/ |
Microsoft Anti-Malware | http://www.microsoft.com/security/portal/isv/fpform.aspx |
Bit Defender | http://forum.bitdefender.com/index.php?showforum=138 |
AVG | http://forums.avg.com/ww-en/avg-forums?sec=thread&act=show&id=395 |
Kaspersky | http://forum.kaspersky.com/index.php?showtopic=13881 |
McAfee | https://community.mcafee.com/thread/2016 |
Comodo | http://www.comodo.com/home/internet-security/submit.php |
NOD32 | http://kb.eset.com/esetkb/index?page=content&id=SOLN141 |
I also wanted to mention that I still think mouser's idea of a test and badge system rewarding good (low false positive) software/software publishers has a lot of potential. I think a combination of shaming the bad and rewarding the good could be most effective. Hopefully this effort can develop toward that long-term. But you have a good place to start.-JavaJones (September 23, 2011, 04:03 PM)
I sure hope this anti-FP action will go well. :up:
However, already been told that the thread will move to another domain, I am not inclined to register at Bitsum's, in order to upload a post or two. I think more people than me may have had a similar thought.-Curt (September 24, 2011, 05:00 AM)
Thanks, and do not worry, all accounts and posts will be moved... we use SMF, so will the new forum.. easy migration. I indicated this, but it may have been missed (or not believed ;p).-db90h (September 24, 2011, 10:29 AM)
Was that what was happening? I saw 2 of my 3 posts were removed, so I got pissed at being censored, deleted my remaining post and deleted my account.
I was informed the company we were discussing (Open Candy) likes to sue people. I got freaked out, removed the posts. Sorry... The new policy is: NO DISCUSSION OF BUNDLED PRODUCTS.
If you don't want the false positive, don't bundle with that software. You CHOSE to bundle with that software.
I do not mean to be harsh, I just have to set some limits. There are more egregious and clear examples of harm. Mentioning FPs with bundled software just confuses the issue and defeats our purpose.
Anyway, the site is under new management now and being moved as we speak, so maybe you can talk them into allowing it.. I no longer am in control.
OTHERS: Would you agree this is a reasonable policy? If we allow BORDERLINE cases, or cases of debate.. then we confuse the whole issue and defeat the purpose. I personally consider all bundles deceptive as they rely on those users who accidentally miss the checkbox. I, personally, don't want the bundled crap, and imagine others feel the same. Can someone back me up?
I mean NO OFFENSE.. but to get things done, we can NOT allow borderline cases like this.-db90h (September 24, 2011, 11:39 AM)
I disagree- a false positive is a false positive-wraith808 (September 24, 2011, 12:33 PM)
I was informed the company we were discussing (Open Candy) likes to sue people. I got freaked out, removed the posts. Sorry... The new policy is: NO DISCUSSION OF BUNDLED PRODUCTS.-db90h (September 24, 2011, 11:39 AM)
BTW, this is FALSE, because they detected OpenCandy as OpenCandy. It is a classification issue, which is different than a false positive. We can NOT get into classification debates, period.-db90h (September 24, 2011, 01:10 PM)
There is little software out there that doesn't incorporate other software. They're called libraries or components.-Renegade (September 24, 2011, 01:41 PM)
It would be far more productive in the long run if 1000 developers of 1000 different products would stick to reporting false positives in their products and not reporting a false positive in some 3rd party bundled product like OC.
Because it is a single false positive and the problem is with OC and not 1000 false positives with the 1000 different products.
It would be far better for those 1000 developers to bang on OC's door and complain about it, then let OC handle the issues with their product.
You, as the developer of one of the 1000 products bundling some 3rd party adware are not in the position to make any changes to that 3rd party software to comply with any requirement that might be needed to resolve the issue (other than removing it from your installer), while OC is in a position to change their product and resolve it. They are the ones that should be complaining if they are upset by what they believe to be a false positive.
And I do not see something containing OC being detected as Adware:Win32/OpenCandy as a false positive. It was identified correctly as OpenCandy. If it were being identified as a Trojan:Win32/Vundo, that would be a FP.-app103 (September 24, 2011, 01:40 PM)
You are comparing libraries and software components to installer bundles? Come on ... Components/libraries have a FUNCTIONAL PART of the software, installer bundlers are SEPARATE products that are there to get installed into the PC as a separate product (and for commercial purposes, that is why you get paid).-db90h (September 24, 2011, 01:46 PM)
Also, you took my one, non-applicable quote.. thanks for that. That was why I first removed them, but then it became clear how problematic it would be to allow, after long discussions about the issue.-db90h (September 24, 2011, 01:46 PM)
These are the rules. You have the freedom to start your own site. I mean no offense.-db90h (September 24, 2011, 01:46 PM)
I disagree- a false positive is a false positive-wraith808 (September 24, 2011, 12:33 PM)
This is FALSE, because they detected OpenCandy as OpenCandy. It is a classification issue, which is different than a false positive. We can NOT get into classification debates, period.
Those who believe bundles are a non-deceitful practice are welcome to start their own site ... However, they will not be part of THIS site because we need only the most EGREGIOUS and CLEAR CUT examples of harm. I said it all above. I will not repeat further. Reference my explanation. We simply can not allow borderline cases, because the system would not work. I discussed and thought about this for a hell of a long time with security vendors, so do not tell me that it is short-sighted. I *KNOW* bundles help you pay your bills, but ... they are deceitful in nature, in my opinion, and considered 'borderline' cases. Even though the user can opt-out, since almost nobody wants the bundled software, the clear intent is to 'get' those few who miss the checkbox.
I understand they pay you $$$... so you bundle supporters will never agree with this, so I invite you to start your own site. Argue no more, because this policy WILL NOT CHANGE. Read my first post, I explain it quite clearly. If we allow borderline cases, the whole system degrades into nothing but debate about what is good and what isn't. Instead, we want a site that demonstrates OBVIOUS mis-ratings and false positives... not debated classifications.
Again, the developer has the option to NOT include that bundle.. so it *is* Open Candy's fight, and they have plenty of power to fight.-db90h (September 24, 2011, 12:34 PM)
You are comparing libraries and software components to installer bundles? Come on ... Components/libraries have a FUNCTIONAL PART of the software, installer bundlers are SEPARATE products that are there to get installed into the PC as a separate product (and for commercial purposes, that is why you get paid).-db90h (September 24, 2011, 01:46 PM)
We're not going to see eye-to-eye on this.
Yes. They have a functional part. It's called putting food on the table.-Renegade (September 24, 2011, 02:23 PM)
[...]
Good luck with things. I hope that you can get the AV companies to stop dropping the ball so much.-Renegade (September 24, 2011, 02:23 PM)
^ re the last line there:
it's good to be clear, but jeez app, give the man a break :)
he's already made his point and wished the site good luck:
[...]
Good luck with things. I hope that you can get the AV companies to stop dropping the ball so much.-Renegade (September 24, 2011, 02:23 PM)
-tomos (September 24, 2011, 04:30 PM)
That is not a functional part of the software though, it is a functional part of your business. The software would run just the same if there was no adware in the installer.-Jibz (September 24, 2011, 02:53 PM)
...there is a difference between components used in software, and adware bundled with it.-Jibz (September 24, 2011, 02:53 PM)
Also, just for the record, writing good signatures for malware is not as easy as it may seem :).-Jibz (September 24, 2011, 02:53 PM)
Defamation—also called calumny, vilification, traducement, slander (for transitory statements), and libel (for written, broadcast, or otherwise published words)—is the communication of a statement that makes a claim, expressly stated or implied to be factual, that may give an individual, business, product, group, government, or nation a negative image. It is usually a requirement that this claim be false and that the publication is communicated to someone other than the person defamed (the claimant).
The person first must prove that the statement was false.
Second, that person must prove that the statement caused harm.
Third, they must prove that the statement was made without adequate research into the truthfulness of the statement.
The purpose of this project is to identify and address the issues of false positives. It is not to identify and address issues with misclassifications. We are going to stay focused on false positives. We are not going to address misclassifications unless a website is misclassified as containing something it does not.-app103 (September 24, 2011, 03:48 PM)
* A GUI is not a functional part of the software because anything that you can do through a GUI can be done through a command line. (Oh god... can you imagine how difficult some software would be with no GUI? Nightmarish...)-Renegade (September 25, 2011, 12:46 AM)
This is just a case of two different understandings of what "false positive" means.-Renegade (September 25, 2011, 12:46 AM)
Whether it's OC or DevExpress or Infragistics or whatever, they all just seem like components to me. They all have a purpose. Saying that it's not a functional part of the software is only expressing an opinion on what level of utility one perceives in it.-Renegade (September 25, 2011, 12:46 AM)
To help drive this point along, in many installers there is the bit about disabling your AV software. I used to work at a company where we had a pretty tight licensing system, that used an implementation of a third-party licensing component. I had to write a lot of code to get it to work and integrate with the product. But apparently some AV programs looked at the licensing as virus-like activity. In that case, would it not have been the company that was affected and so the company that should have a right to pursue remedies, instead of waiting for the developers of the licensing component?-wraith808 (September 25, 2011, 08:58 AM)
Good point about installers recommending that people turn off AV software. (I don't think it should be necessary, but that's just what I think.)
In the past, most of the problems I've had with false positives have been rooted in either compression or encryption. Was the licensing issue you had due to network traffic or encryption/compression?-Renegade (September 25, 2011, 09:46 AM)
I sure hope this anti-FP action will go well. :up:
However, already been told that the thread will move to another domain, I am not inclined to register at Bitsum's, in order to upload a post or two. I think more people than me may have had a similar thought.-Curt (September 24, 2011, 05:00 AM)
It has been moved already -- http://falsepositivereport.com-db90h (September 26, 2011, 08:58 PM)
my login doesn't work for this site (just reporting, not bitching!)-tomos (September 27, 2011, 09:00 AM)
If you can elaborate, perhaps it might be helpful too... ;). Sorry again.
EDIT: We did NOT migrate accounts, as I thought we would. The reason being is that the new site is using SMF 1.1.15, while I use SMF 2.0.1 .. so it would have been a harder issue.-db90h (September 27, 2011, 09:08 AM)
Microsoft Security Essentials is/was incorrectly saying Google Chrome is malware and removing it from users' PCs.
http://chrome.blogspot.com/2011/09/problems-with-microsoft-security.html
http://techcrunch.com/2011/09/30/microsoft-accidentally-tags-chrome-as-malware/-Deozaan (September 30, 2011, 09:14 PM)
In our first week of operation (actually merely days), we had 3 real-time false-positive reports. *2 OF THOSE 3 WERE FIXED _AT_ OUR FORUMS* (one by Trend Micro, the other by Symantec). We are very proud of the security companies who have stepped up to the plate to mitigate collateral damage wherever they can. Many or most major security companies are monitoring the forum.
I presume this report of IE suggesting deletion of FARR (as it is "not commonly downloaded" lol) would fit in the forum?
FARR not a commonly downloaded program? (https://www.donationcoder.com/forum/index.php?topic=28365.new#new)-tomos (October 15, 2011, 02:51 PM)
No, because it is your fault for not having a digital cert... which costs YEARLY 1/4 of your reported MONTHLY operational costs. It is not 1996 anymore, the reality is every developer should have a cert. Sorry to be so harsh, just telling it like it is.-db90h (October 15, 2011, 07:36 PM)
It is not 1996 anymore, the reality is every developer should have a cert. Sorry to be so harsh, just telling it like it is.-db90h (October 15, 2011, 07:36 PM)
For free software? Really? And it's the person's fault? I'd think that for software that doesn't make money, there would be an option that doesn't incur a yearly cost. And that's how it is IMO.-wraith808 (October 15, 2011, 10:06 PM)
I release as donationware on the off chance that someone decides to give something, more than with any expectation that this will happen. Even though I get a lot of downloads, I've gotten very few donations. Heck, I released as postcardware (without requiring a postcard even... just an e-mail) before finding this site and putting the donation part in there, and received exactly 3 e-mails. If people won't send e-mails, why would they pay?-wraith808 (October 16, 2011, 08:09 AM)