ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

The False Positive and Improperly Rated Site Epidemic

(1/16) > >>

I have been a member of a malware working group at the IEEE of which almost ALL security vendors participate. I've therefore been in a position to create and propose this new Forum: . This is only hours old, but one security vendor has agreed to take part. As the others wake, we'll see who will voluntarily take part in it. As long as Software Vendors take part, security vendors will eventually be forced to take part in order to respond.


I would like to congratulate Microsoft as the one company who takes the conservative approach, making their false positive rate the lowest in the industry. Kudos to them. All security companies should act that way! Causing collateral damage to innocent businesses/families is simply unacceptable. It will sometimes accidentally occur, but clearly not enough is being done to prevent this problem, as it has only gotten worse.


Accountability. Transparency. Communication. Prevention.
Helping to prevent false positives and mis-rating of web sites, instead of merely retroactively addressing them

This is a new effort to help slow (and expose) the plague of false positives and mis-rated web sites that are destroying hundreds or thousands of small businesses every year. Some security companies do better than others, but never before has there been a place where false positives and mis-rated sites can be publicly reported. The security companies can then respond, fix the issue, then determine why it happened and work with the vendor to avoid it in the future. After all, once a false positive happens, the damage is already done. Some security companies will not even respond to reports of false positives and mis-rated sites, much less work to avoid them in the future. Other companies DO act much more responsibly.

This is NOT about crucifying security companies. They do have a terribly hard job. Still, many of them can and should do better. This site is about showing which companies are doing the best to avoid collateral damage. It is also intended to facilitate the mitigation of collateral damage when it occurs, and, through communication, help prevent collateral damage (FPs) from recurring. For instance, why did the FP or misrating occur? What can be done to avoid it in the future?

Ironically, malware authors are hardly affected by these aggressive tactics. After all, if these tactics really worked, why would there be so many malware infestations?

Also remember, public transparency and accountability will let consumers know which security companies care about the collateral damage they inflict. Is this not important in your purchasing decision? If not, it should be ;). By choosing carefully with whom you spend your money, YOU can force companies to start behaving ethically.

As always, the power is in the hands of the consumer. Choose carefully who you spend your money with and you can force these corporations to act ethically and responsibly.

At this site you can:

1. Report false positives and mis-rated sites in REAL TIME to a CENTRAL LOCATION. At this central location, companies will know where to find false positives and mis-rated sites, if they care to look.
2. You can then see which companies care to fix these issues, and how fast. You can also see which companies are interested in AVOIDING them in the future.
3. Communicate with security companies to fix these issues, and help avoid these problems from recurring.
4. Provide historical stories about damage inflicted to your innocent business and/or family.
5. Communicate with other software vendors with similar concerns and troubles.

I bought a few domain names a number of years ago because I wanted to try to draw attention to this problem, but never got around to it. (,

It's a tough job to detect real malware, but like you said:

Causing collateral damage to innocent businesses/families is simply unacceptable. It will sometimes accidentally occur, but clearly not enough is being done to prevent this problem, as it has only gotten worse.
--- End quote ---

I sort of see it like being hired to cut the grass in the park, but also mowing down the children. Y'know... Like who cares if a few patches of grass are red? :P

Thank you for your support ;).

If you're an ASP member, post it there -- also -- post it in the JoS forums too.

There are more software forums like those (I've kind of stopped reading/visiting them as so many tech people there just seem to be looking for a fight) -- if anyone can remember some of those, post them as well -- it might help. I know a lot of people have been burned by false positives. Actually, thinking about it, if you've been around for long, it's almost impossible that you haven't... Just about everyone complains about it.

Good idea! I'm not a member of the ASP anymore, I quit years ago and never joined back. However, since I author developer tools, I know a lot of vendors personally, so will start contacting them. Please do spread the word. It is important. We must make a stand. The major security companies will be waking up in a few hours and reading this, so let's show them how much interest there is ASAP.

My personal story of FPs and misratings you wouldn't believe.. and I do NOT compress my software or use any protector. That is why I got so fed up. I finally was able to fix problems only through my direct contacts, because so many of these companies simply don't respond to their false positive or mis-rating reporting systems. They just ignore you, its absurd. Some others DO respond well, but the damage is done, and they don't make an effort to PREVENT it from happening in the future.

Let's change the world! ;)


[0] Message Index

[#] Next page

Go to full version