Results 1 to 1 of 1

Thread: False positives are bad for business

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Join Date
    Mar 2004
    Posts
    3,863

    Default False positives are bad for business

    False positives are a headache for software developers. In the case of bad detections that have a widespread impact, software developers will have to deal with a surge in technical support calls and even bad press. Did you know that some antivirus products share the very same detection engine or malware signatures? This is the result of inter-vendor partnerships. So what appears as a malware detection by three separate products could actually be the result of a single bad signature shared by all of them.

    Unfortunately, false positive detections are common in the antivirus industry. They occur when a benign program is wrongfully flagged as malicious due to an overly broad detection signature or algorithm used in an antivirus product. But let's call it what it is: a BUG in the protection software.

    False positives are like false alarms; they occur when security software reports a vulnerability or security issue that in reality does not exist.

    For software developers it can be stressful to track down the appropriate contacts at different antivirus firms spread around the globe and then to convince them to fix a false positive detection. Some developers might not even be aware for days or weeks that their products are wrongfully detected as malware, which can lead to loss of potential customers.

    Just because it is not your fault does not mean it is not your problem. If an anti-virus scanner reports that your SetupBuilder generated files are infected or otherwise malicious, please post here along with the name of your anti-virus/security software, the name of the virus/malware/exploit that it reports it as, and the SetupBuilder build you were using.

    See below for example reporting format:

    Security Software: Super Duper Ultra Hyper Anti-Malware
    Contact: http://www.superduperultrahyper.com - falsepositive@superduperultrahyper.com
    Definition Version: Latest as of 2015-03-31
    Detected Item: Trojan.Agent.VGENX
    SetupBuilder Build: 8.5.4738
    VirusTotal Link: Yada

    === HALL OF SHAME ===

    #1 - Jiangmin KV Antivirus (China) - http://global.jiangmin.com - support@jiangmin.com
    #2 - Rising Antivirus (China) - http://www.rising-global.com
    Last edited by linder; 03-01-2016 at 02:48 AM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •