Why I had to stop using PureBasic

Everything else that doesn't fall into one of the other PB categories.
Medlin
New User
New User
Posts: 1
Joined: Mon Jun 12, 2017 5:49 pm

Re: Why I had to stop using PureBasic

Post by Medlin »

The reality is PAID "security" lives to make money, false positives increase cash flow. Yes, it is mostly heuristics, but a good part is allowing their customers not to keep current.

1. Pay for a signing cert. They can be had for less than $100 a year.
2. Make good use of VirusTotal. Customer says you have a bad file, show them you do not, using the current day's signatures.
3. Educate. Spread the word the only real protection is the person at the keyboard. "Security" software can only accurately help protect with known items (things the user should never see anyway), and are not any more accurate at guessing the future than someone with a crystal ball.
4. Be ready. Get a false positive you seem to be stuck with? Recompile after swapping some code into a new position, and it will probably clear the issue. With some compilers, you can cause a new signature with simple case changes.

Accept there are things you cannot change. The big AV people spread fear daily, you will never beat them at that. You WILL lose potential new customers due to those who live in fear. Take care of the customers who beat the fear.
Bitblazer
Enthusiast
Enthusiast
Posts: 733
Joined: Mon Apr 10, 2017 6:17 pm
Location: Germany
Contact:

Re: Why I had to stop using PureBasic

Post by Bitblazer »

MarcNL wrote:Seriously, a virus can only get in if you open the door.
Well and installing a Microsoft OS and dozens of drivers for your hardware will leave you open with a few hundred "backdoors". How do you want to avoid those?
Medlin wrote:1. Pay for a signing cert. They can be had for less than $100 a year.
If you have a cheaper one than Comodo - please link :)

But it needs to be officially recognized by microsoft. Otherwise you can have it for free too by doing your own certification with your personal cert which signs your own software ;) (useful for development sometimes, but pointless for releases)
webpage - discord chat links -> purebasic GPT4All
Dude
Addict
Addict
Posts: 1907
Joined: Mon Feb 16, 2015 2:49 pm

Re: Why I had to stop using PureBasic

Post by Dude »

As for PureBasic, I note with interest that 5.61 results in LESS false-positives with VirusTotal than 5.60! :shock: :D

An exe I made with 5.60 a couple of months ago (40/65 "malware"): https://i.imgur.com/JsHZOe2.png
The same exe compiled with 5.61 today (just 13/64 "malware" now): https://i.imgur.com/6BjdcQi.png

So that's looking good! I recommend everyone upgrade to 5.61 if they haven't, to see if that helps.

[Edit] I also tried embedding a large random binary of 10 MB to my exe, but VirusTotal still said 13/64 "malware", so size didn't help.
Last edited by Dude on Sat Sep 16, 2017 8:40 am, edited 1 time in total.
Dude
Addict
Addict
Posts: 1907
Joined: Mon Feb 16, 2015 2:49 pm

Re: Why I had to stop using PureBasic

Post by Dude »

Signing certs can be hacked, and also bought by anyone to release a malware exe. They're not the answer.
Dude
Addict
Addict
Posts: 1907
Joined: Mon Feb 16, 2015 2:49 pm

Re: Why I had to stop using PureBasic

Post by Dude »

Marc56us wrote:
we are in the process to get a new cert as well for PB apps
Good! 8)
Why good? That won't help for exes we compile.
User avatar
Paul
PureBasic Expert
PureBasic Expert
Posts: 1243
Joined: Fri Apr 25, 2003 4:34 pm
Location: Canada
Contact:

Re: Why I had to stop using PureBasic

Post by Paul »

Dude wrote: So that's looking good! I recommend everyone upgrade to 5.61 if they haven't, to see if that helps.
Just tried to compile a small app with 5.61 using LinkedLists and SelectElement and AVIRA blocked it from compiling causing a POLink error.

Same app compiled fine with 5.60

That being said, I've had all kinds of problems with false positives lately and PB compiled apps :(
I've submitted numerous EXE's to AV vendors stating their AV Software is triggering a False Positive and I eventually receive an email back saying not to worry, the EXE I submitted does not contain a virus. Nice work guys... I know there's no virus because I wrote the app and the next virus signature update still does not fix the problem.
Image Image
Dude
Addict
Addict
Posts: 1907
Joined: Mon Feb 16, 2015 2:49 pm

Re: Why I had to stop using PureBasic

Post by Dude »

Paul, compile that exe from the same source with 5.60 and 5.61, and submit both to VirusTotal.com like I did, and check the results. I'd be interested to know.
User avatar
Samuel
Enthusiast
Enthusiast
Posts: 755
Joined: Sun Jul 29, 2012 10:33 pm
Location: United States

Re: Why I had to stop using PureBasic

Post by Samuel »

I uploaded my largest PB project (125,000+ lines of code) to virustotal and it passed (0/64). Maybe that's related to the scale of the project in this case? Also my executable isn't signed, yet.

Side note: I use Avast free for my computers. It's easy to white list blocked files and it doesn't usually flag my compiled PB executables.
walbus
Addict
Addict
Posts: 929
Joined: Sat Mar 02, 2013 9:17 am

Re: Why I had to stop using PureBasic

Post by walbus »

Beware of supporting malware coders in this forum

Open your eys (before) :shock:

http://www.purebasic.fr/english/search. ... 9&sr=posts
User avatar
Josh
Addict
Addict
Posts: 1183
Joined: Sat Feb 13, 2010 3:45 pm

Re: Why I had to stop using PureBasic

Post by Josh »

walbus wrote:Beware of supporting malware coders in this forum

Open your eys (before) :shock:

http://www.purebasic.fr/english/search. ... 9&sr=posts
Yes, this is a problem here in the forum and in consequence for us all.

Many users here doesn't open there eyes and don't want to open there eyes. See here.
What is even worse, some here in the forum find it great, if such sleazy persons is helped. See here.
sorry for my bad english
walbus
Addict
Addict
Posts: 929
Joined: Sat Mar 02, 2013 9:17 am

Re: Why I had to stop using PureBasic

Post by walbus »

Yep, i would not bashing J.....
But, its absolutely simple for seeing what this boy want
His latest stepp is a Backdoor Proxy
The problem is, malware sources from malware coders have a "butterfly effect"
https://en.wikipedia.org/wiki/Butterfly_effect
IdeasVacuum
Always Here
Always Here
Posts: 6425
Joined: Fri Oct 23, 2009 2:33 am
Location: Wales, UK
Contact:

Re: Why I had to stop using PureBasic

Post by IdeasVacuum »

Signing certs can be hacked, and also bought by anyone to release a malware exe. They're not the answer.
That was a huge problem at Symantec in 2015, as was their irresponsible issuing of certificates more recently - prompting Goggle to dump them.

However, they are the answer to false positives simply because AV checks your app and verifies the digital signature. If you are making malware with a digital signature, it will get past that security - but it won't be long before your app is recognised for what it is and the digital signature can lead the authorities to you and to the lawyer that physically signed-off your identification paperwork. Nothing is perfect in this imperfect world so it's more a question of whether you see the glass half-full or half-empty.
IdeasVacuum
If it sounds simple, you have not grasped the complexity.
User avatar
Mijikai
Addict
Addict
Posts: 1360
Joined: Sun Sep 11, 2016 2:17 pm

Re: Why I had to stop using PureBasic

Post by Mijikai »

walbus wrote:Beware of supporting malware coders in this forum

Open your eys (before) :shock:

http://www.purebasic.fr/english/search. ... 9&sr=posts
Without proof you cant conclude beyond the reason of doubt
that someone is indeed involved in illegal activities.
(Textual elemets alone that might indicate something are not enough!)

Your logic is flawed.

You can be suspicious about some individual/s and act accordingly
but you should not conclude something without any real proof.
walbus
Addict
Addict
Posts: 929
Joined: Sat Mar 02, 2013 9:17 am

Re: Why I had to stop using PureBasic

Post by walbus »

M.
And again and again, you don't get any answers from me, also not for your nice PN
Find someone else for your flaming and damaging the forum !
User avatar
Mijikai
Addict
Addict
Posts: 1360
Joined: Sun Sep 11, 2016 2:17 pm

Re: Why I had to stop using PureBasic

Post by Mijikai »

walbus wrote:Are you blind ?
And again and again, you don't get any answers from me, also not for your nice PN
Find someone else for your flaming and damaging the forum !
Is threre anything in my post besides the clear wish for a better and just community?

Ps. Pls dont edit your post after i already have replied!
Post Reply