Page 3 of 11
Re: Why I had to stop using PureBasic
Posted: Thu Sep 14, 2017 8:57 pm
by said
Olby wrote:I know a few people strongly opposed the notion of fixing something that is not broken. But PB is not Microsoft or any other big player therefore we have to play according to their rules. While it is possible to tell someone to uninstall completely or use a different AV it is a futile request. I don't expect someone to buy a new AV just because "my little utility written in PB" is quarantined. They'll just find another piece of software. In my case it would be nearly impossible to accommodate PB and request the corporation to change to another AV provider or get rid of it at all (which will not happen anytime soon since AVs usually come bundled with firewalls, networks threat prevention, safe web browsing etc). The answer would be simple, why are you using PB, just switch to something else that doesn't require any extra work. Sadly this doesn't help to promote PB outside bedroom and hobbyist coder scene.
TLDR;
If the mountain will not come to Muhammad, then Muhammad must go to the mountain. Therefore the best course of action in my opinion would be to try changing the binary code generated by PB compiler to something that will cause less false-positives by, perhaps, working together with AV developers such as Symantec.
Fully agree, hopefully Fred can find something that reverse this trend, it is just not normal that so many PB programs get flagged
there must be something in those exe that upset those AV
We love PB and invested a lot of time in it, but by the end of day if it cant be used to sell/share programs then what's the point and we need to move into something else even if we have to restart from scratch
What happened with marc_256 is really sad and the PB source code cannot be used anywhere else
To be honest, i am in the same boat as you and for the past 2 years i have been delaying this moment of truth, but seemingly things are not going to change any time soon ... so most likely i will have to walk away as well, probably others have already done it silently ?!
Re: Why I had to stop using PureBasic
Posted: Thu Sep 14, 2017 9:18 pm
by Josh
Has anybody experience how different AV react with other non-mainstream languages (like BlitzBasic or comparable)?
Re: Why I had to stop using PureBasic
Posted: Thu Sep 14, 2017 10:09 pm
by mk-soft
Same problem by Bitzbasic, Profan, XProfan, VB6, VB.Net, etc
Re: Why I had to stop using PureBasic
Posted: Thu Sep 14, 2017 10:52 pm
by Olby
mk-soft wrote:Same problem by Bitzbasic, Profan, XProfan, VB6, VB.Net, etc
Never had problems with apps written in Delphi, VB6, VB.Net, C#, C++ etc. on my work computer. I haven't tried BlitzBasic tho.
Re: Why I had to stop using PureBasic
Posted: Thu Sep 14, 2017 11:02 pm
by mk-soft
Olby wrote:mk-soft wrote:Same problem by Bitzbasic, Profan, XProfan, VB6, VB.Net, etc
Never had problems with apps written in Delphi, VB6, VB.Net, C#, C++ etc. on my work computer. I haven't tried BlitzBasic tho.
Some people have problems with some virus scanner.
I have no problem with Avira-Professional or Windows X Pro Defender
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 12:34 am
by Bitblazer
Symantecs product quality was a joke when i had a thorough look into it some years ago. afaik they did buy over some other company in between and basically replaced everything under the hood.
You really need to intergrate code signing into your business model (financially and technically) and i am not aware of code signing having a problem with PB. Find an affordable solution like
Comodo's and the problem should be solved without having to abandon PB.
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 7:46 am
by Kukulkan
I think it is not really a problem of the compiler/language used. It is the popularity of the software and also the handling by the developers/publishers.
We are commercially publishing several PB programs *) and yes, we have about two false alerts a year. So we report it to the AV vendor and it is solved in a week or two. You can see our false alerts listed on our wiki pages:
http://wiki.regify.com/index.php?title= ... _positives
But we digitally sign most of the executables and the installer files. As mentioned before in this thread, it is not that expensive. Especially, if you compare this cost against the time and money you've spent in the past on development. We just paid 179,- EUR incl. VAT for a two year Comodo code signing certificate (German vendor:
https://www.psw-group.de/code-signing/).
Yes, the AV thing is annoying and costs us time and sometimes even trustworthiness. But today, many users know about false alerts, too. They learn to handle it.
Kukulkan
*) Our products, mostly based on PB, are listed here: http://www.regify.com. Some of the executables I mention are the regify client programs (https://free.regify.com/phpDownloads.php). They are usable with the regify accounts that customers register. We release some of them for Windows, Linux and Mac and therefore, PB is great for us.
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 8:53 am
by Little John
@Kukulkan:
I think what you wrote is a good summary of the current situation.
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 9:36 am
by Bisonte
In my opinion, this scare tactic of virus scanners is another way to make money out of nothing. Who owns the parts these "register" companies? Manufacturer of virus scanner.
They urgently need sales arguments for their products. And with the second company their income will be increased.
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 10:36 am
by said
@ Bitblazer, Kukulkan thanks for the info and the links, so by simply having code signing things can get that much better
... i think i have read something similar in these forums but never thought would be that critical
It certainly worth giving it a shot and see, that would be really great if that works out
Bisonte wrote:In my opinion, this scare tactic of virus scanners is another way to make money out of nothing. Who owns the parts these "register" companies? Manufacturer of virus scanner.
They urgently need sales arguments for their products. And with the second company their income will be increased.
Ironic as it might look, i believe this sounds true, damn we are victims at both sides
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 2:24 pm
by MarcNL
Since Windows Vista, which introduced UAC and much stronger security, I permanently stopped using AV because they’re the real viruses. I never ever had any virus. Never.
Rule is of course that you use common sense and make use of the security options an OS provides you:
1) Keep UAC on. It helps you a lot. You must of course read what it says, before clicking Yes.
2) Work as a user, that is without the administrator role. This is also advisable for a developer, so you know what restrictions a user might have.
3) Obvious: keep away from illegal sources (....).
Nowadays, with threads becoming more and more advanced, AV aren’t of use anymore. Trusting your OS is a better choice.
Problem is of course: how to convince system administrators .... ;)
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 2:27 pm
by MarcNL
It’s true that some dumb AV software look at the size of an EXE, and assume that very small ones might be dangerous.
Maybe PB could add an option that PowerBasic has: “BLOAT”. It increases the exe size with dummy data.
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 2:35 pm
by Fred
Yes code signing makes a big difference, you should do it if you plan to sell your app (we are in the process to get a new cert as well for PB apps)
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 2:41 pm
by Marc56us
I never ever had any virus. Never.
Or you have one (sleeping) but you don't know you have one...
Maybe PB could add an option that PowerBasic has: “BLOAT”. It increases the exe size with dummy data.
Easy to do: IncludeBinay() with big image (used as splashscreen)
But this goes against the philosophy of PB (small fast exe)
we are in the process to get a new cert as well for PB apps
Good!
Re: Why I had to stop using PureBasic
Posted: Fri Sep 15, 2017 2:51 pm
by MarcNL
Marc56us wrote:I never ever had any virus. Never.
Or you have one (sleeping) but you don't know you have one... :)
Maybe PB could add an option that PowerBasic has: “BLOAT”. It increases the exe size with dummy data.
Easy to do: IncludeBinay() with big image (used as splashscreen) 8)
we are in the process to get a new cert as well for PB apps
Good! 8)
I’m not that dumb ;). Of course I do a manual virus check once in a while, using different AV, but mostly Microsoft Defender. Seriously, a virus can only get in if you open the door. Since Vista you get enough help, if you let the OS help you. I remember that when Vista was introduced almost every PC magazine published tips to turn that “irritating” UAC off. They basically told you to unlock your door.