It is currently Tue Feb 25, 2020 10:03 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 155 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6, 7 ... 11  Next
Author Message
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Fri Sep 15, 2017 4:45 pm 
Offline
New User
New User

Joined: Mon Jun 12, 2017 5:49 pm
Posts: 1
The reality is PAID "security" lives to make money, false positives increase cash flow. Yes, it is mostly heuristics, but a good part is allowing their customers not to keep current.

1. Pay for a signing cert. They can be had for less than $100 a year.
2. Make good use of VirusTotal. Customer says you have a bad file, show them you do not, using the current day's signatures.
3. Educate. Spread the word the only real protection is the person at the keyboard. "Security" software can only accurately help protect with known items (things the user should never see anyway), and are not any more accurate at guessing the future than someone with a crystal ball.
4. Be ready. Get a false positive you seem to be stuck with? Recompile after swapping some code into a new position, and it will probably clear the issue. With some compilers, you can cause a new signature with simple case changes.

Accept there are things you cannot change. The big AV people spread fear daily, you will never beat them at that. You WILL lose potential new customers due to those who live in fear. Take care of the customers who beat the fear.


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Fri Sep 15, 2017 8:15 pm 
Offline
Enthusiast
Enthusiast

Joined: Mon Apr 10, 2017 6:17 pm
Posts: 312
Location: Germany
MarcNL wrote:
Seriously, a virus can only get in if you open the door.


Well and installing a Microsoft OS and dozens of drivers for your hardware will leave you open with a few hundred "backdoors". How do you want to avoid those?

Medlin wrote:
1. Pay for a signing cert. They can be had for less than $100 a year.


If you have a cheaper one than Comodo - please link :)

But it needs to be officially recognized by microsoft. Otherwise you can have it for free too by doing your own certification with your personal cert which signs your own software ;) (useful for development sometimes, but pointless for releases)

_________________
webpage


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 6:12 am 
Offline
Addict
Addict

Joined: Mon Feb 16, 2015 2:49 pm
Posts: 1905
As for PureBasic, I note with interest that 5.61 results in LESS false-positives with VirusTotal than 5.60! :shock: :D

An exe I made with 5.60 a couple of months ago (40/65 "malware"): https://i.imgur.com/JsHZOe2.png
The same exe compiled with 5.61 today (just 13/64 "malware" now): https://i.imgur.com/6BjdcQi.png

So that's looking good! I recommend everyone upgrade to 5.61 if they haven't, to see if that helps.

[Edit] I also tried embedding a large random binary of 10 MB to my exe, but VirusTotal still said 13/64 "malware", so size didn't help.


Last edited by Dude on Sat Sep 16, 2017 8:40 am, edited 1 time in total.

Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 6:26 am 
Offline
Addict
Addict

Joined: Mon Feb 16, 2015 2:49 pm
Posts: 1905
Signing certs can be hacked, and also bought by anyone to release a malware exe. They're not the answer.


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 6:34 am 
Offline
Addict
Addict

Joined: Mon Feb 16, 2015 2:49 pm
Posts: 1905
Marc56us wrote:
Quote:
we are in the process to get a new cert as well for PB apps
Good! 8)

Why good? That won't help for exes we compile.


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 6:35 am 
Offline
PureBasic Expert
PureBasic Expert
User avatar

Joined: Fri Apr 25, 2003 4:34 pm
Posts: 936
Location: Canada
Dude wrote:
So that's looking good! I recommend everyone upgrade to 5.61 if they haven't, to see if that helps.


Just tried to compile a small app with 5.61 using LinkedLists and SelectElement and AVIRA blocked it from compiling causing a POLink error.

Same app compiled fine with 5.60

That being said, I've had all kinds of problems with false positives lately and PB compiled apps :(
I've submitted numerous EXE's to AV vendors stating their AV Software is triggering a False Positive and I eventually receive an email back saying not to worry, the EXE I submitted does not contain a virus. Nice work guys... I know there's no virus because I wrote the app and the next virus signature update still does not fix the problem.

_________________
Image Image


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 6:36 am 
Offline
Addict
Addict

Joined: Mon Feb 16, 2015 2:49 pm
Posts: 1905
Paul, compile that exe from the same source with 5.60 and 5.61, and submit both to VirusTotal.com like I did, and check the results. I'd be interested to know.


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 7:40 am 
Offline
Enthusiast
Enthusiast
User avatar

Joined: Sun Jul 29, 2012 10:33 pm
Posts: 747
Location: United States
I uploaded my largest PB project (125,000+ lines of code) to virustotal and it passed (0/64). Maybe that's related to the scale of the project in this case? Also my executable isn't signed, yet.

Side note: I use Avast free for my computers. It's easy to white list blocked files and it doesn't usually flag my compiled PB executables.


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 8:35 am 
Offline
Addict
Addict

Joined: Sat Mar 02, 2013 9:17 am
Posts: 930
Beware of supporting malware coders in this forum

Open your eys (before) :shock:

search.php?author_id=15109&sr=posts

_________________
http://www.nachtoptik.de


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 9:26 am 
Offline
Addict
Addict
User avatar

Joined: Sat Feb 13, 2010 3:45 pm
Posts: 995
walbus wrote:
Beware of supporting malware coders in this forum

Open your eys (before) :shock:

search.php?author_id=15109&sr=posts

Yes, this is a problem here in the forum and in consequence for us all.

Many users here doesn't open there eyes and don't want to open there eyes. See here.
What is even worse, some here in the forum find it great, if such sleazy persons is helped. See here.

_________________
sorry for my bad english


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 9:58 am 
Offline
Addict
Addict

Joined: Sat Mar 02, 2013 9:17 am
Posts: 930
Yep, i would not bashing J.....
But, its absolutely simple for seeing what this boy want
His latest stepp is a Backdoor Proxy
The problem is, malware sources from malware coders have a "butterfly effect"
https://en.wikipedia.org/wiki/Butterfly_effect

_________________
http://www.nachtoptik.de


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 10:11 am 
Offline
Always Here
Always Here

Joined: Fri Oct 23, 2009 2:33 am
Posts: 6001
Location: Wales, UK
Quote:
Signing certs can be hacked, and also bought by anyone to release a malware exe. They're not the answer.

That was a huge problem at Symantec in 2015, as was their irresponsible issuing of certificates more recently - prompting Goggle to dump them.

However, they are the answer to false positives simply because AV checks your app and verifies the digital signature. If you are making malware with a digital signature, it will get past that security - but it won't be long before your app is recognised for what it is and the digital signature can lead the authorities to you and to the lawyer that physically signed-off your identification paperwork. Nothing is perfect in this imperfect world so it's more a question of whether you see the glass half-full or half-empty.

_________________
IdeasVacuum
If it sounds simple, you have not grasped the complexity.


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 12:13 pm 
Offline
Enthusiast
Enthusiast
User avatar

Joined: Sun Sep 11, 2016 2:17 pm
Posts: 610
walbus wrote:
Beware of supporting malware coders in this forum

Open your eys (before) :shock:

search.php?author_id=15109&sr=posts


Without proof you cant conclude beyond the reason of doubt
that someone is indeed involved in illegal activities.
(Textual elemets alone that might indicate something are not enough!)

Your logic is flawed.

You can be suspicious about some individual/s and act accordingly
but you should not conclude something without any real proof.


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 12:29 pm 
Offline
Addict
Addict

Joined: Sat Mar 02, 2013 9:17 am
Posts: 930
M.
And again and again, you don't get any answers from me, also not for your nice PN
Find someone else for your flaming and damaging the forum !

_________________
http://www.nachtoptik.de


Top
 Profile  
Reply with quote  
 Post subject: Re: Why I had to stop using PureBasic
PostPosted: Sat Sep 16, 2017 12:57 pm 
Offline
Enthusiast
Enthusiast
User avatar

Joined: Sun Sep 11, 2016 2:17 pm
Posts: 610
walbus wrote:
Are you blind ?
And again and again, you don't get any answers from me, also not for your nice PN
Find someone else for your flaming and damaging the forum !


Is threre anything in my post besides the clear wish for a better and just community?

Ps. Pls dont edit your post after i already have replied!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 155 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6, 7 ... 11  Next

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

 


Powered by phpBB © 2008 phpBB Group
subSilver+ theme by Canver Software, sponsor Sanal Modifiye