Reply to Thread

Post a reply to the thread: False positives are bad for business

Your Message

Click here to log in

What's the name of our main installation product (in uppercase letters), directly followed by the current year?

 

You may choose an icon for your message from this list

Additional Options

  • Will turn www.example.com into [URL]http://www.example.com[/URL].

Topic Review (Newest First)

  • 03-31-2015, 06:42 AM
    linder

    False positives are bad for business

    False positives are a headache for software developers. In the case of bad detections that have a widespread impact, software developers will have to deal with a surge in technical support calls and even bad press. Did you know that some antivirus products share the very same detection engine or malware signatures? This is the result of inter-vendor partnerships. So what appears as a malware detection by three separate products could actually be the result of a single bad signature shared by all of them.

    Unfortunately, false positive detections are common in the antivirus industry. They occur when a benign program is wrongfully flagged as malicious due to an overly broad detection signature or algorithm used in an antivirus product. But let's call it what it is: a BUG in the protection software.

    False positives are like false alarms; they occur when security software reports a vulnerability or security issue that in reality does not exist.

    For software developers it can be stressful to track down the appropriate contacts at different antivirus firms spread around the globe and then to convince them to fix a false positive detection. Some developers might not even be aware for days or weeks that their products are wrongfully detected as malware, which can lead to loss of potential customers.

    Just because it is not your fault does not mean it is not your problem. If an anti-virus scanner reports that your SetupBuilder generated files are infected or otherwise malicious, please post here along with the name of your anti-virus/security software, the name of the virus/malware/exploit that it reports it as, and the SetupBuilder build you were using.

    See below for example reporting format:

    Security Software: Super Duper Ultra Hyper Anti-Malware
    Contact: http://www.superduperultrahyper.com - falsepositive@superduperultrahyper.com
    Definition Version: Latest as of 2015-03-31
    Detected Item: Trojan.Agent.VGENX
    SetupBuilder Build: 8.5.4738
    VirusTotal Link: Yada

    === HALL OF SHAME ===

    #1 - Jiangmin KV Antivirus (China) - http://global.jiangmin.com - support@jiangmin.com
    #2 - Rising Antivirus (China) - http://www.rising-global.com

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •