36
General Software Discussion / Re: Have AV False Positives Improved? (Systemus 16 months later)
« on: April 12, 2022, 01:05 PM »To give you an idea of how ridiculous false positives can be, I once wrote a single line program consisting of one hotkey that simply EXITED THE PROGRAM. Nothing else. Even that didn't come up clean in the virus scans. As you might imagine, it was about that point that I stopped caring.-skwire (April 12, 2022, 12:01 AM)
It occurs to me that the entire approach to "software safety checking" or whatever is entirely misguided. Instead of "scanning" a program and guessing that it might have some code that looks similar to another program that someone said had some bad code, it may be a a better approach for some "authoritative" site to actually run it on a virtual machine to see what functions it hijacks. If it only grabs keyboard and it is a hotkey program then perhaps nobody should panic. But if it hijacks everything in sight then maybe it should be noted on the site. I don't see how a quick scan that generates some kind of CRC result can tell you if the intent of the application is malicious. It is just a quick and leaky prophylactic being sold to the public as far as I can tell. :Thmbsup: