Author Topic: Avast Default=Small Time Dev?Must be making malware. Give the app user a scare!!  (Read 6190 times)

0 Members and 1 Guest are viewing this topic.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6699
  • Trust only what you test yourself!
The best advice is create an infection free software.
The mere fact that avast detects the malware speaks volumes for the
efficacy of avast.

Let's take a look at it this way...Imagine a malware/virus author creates a new software and avast
gives them a token. Now with that token the infectious material gets loose on the web. Who would gets the
blame? The author or avast for handing out the token? The best way is for the developer to keep testing
their work with an antivirus and anti-malware software. Once it is confirmed infection free then release it
to the general public.

Until then upload the zipped file to virus@avast.com and let the virus lab experts deal with it.
After all that's what they are there for.
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

REDACTED

  • Guest
Quote
  well,  avast could avoid scanning them. and then avoid marking them as viorus and throwing them into the chest.     
Not virus ...... Suspicious

Anyway this is the price we pay for using generic/heuristic detections to be able to catch new virus before signature is created
If lots of undetected malware slipped by ..... what would you say then?

It treats 'suspicious' and 'virus' the same way though Pondus. In the bin and scare the user.

Don't get me wrong though, I agree that locking down threats at the earliest possible opportunity is good for everybody, and if my code unintentionally and inadvertently did bad things, it's right to lock it up. No questions. The problem is most developers aren't all major organisations that have the resources behind them to do such things as get a full security audit or buy expensive certificates that need renewing. etc. Avast! whilst being a market leader and doing a great job at fighting 'bad stuff' is slowly destroying hobbyist and the smaller developer, without putting anything back into it.

If Avast! wants to take a tough stand against 'baddies', that's good, but they should also have the same enthusiasm to ensure 'good' programs/programmers are recognised.  Remember this is not auto-whitelisting that i am proposing. But a cheaper intermediate than buying thawte or other certification, that is just used for a specific MD5.
I can get a free class 1 ssl certificate by answering some questions here: https://www.startssl.com/?app=32 and I envisioned  something similar from Avast! for developers/users. 

To answer the next comment on the next page about "what if the malware developers get a token. What then?"  <-- That's exactly the same as them getting their worked signed by any other authority. s
What-if's such as that would prevent everything that ever progressed. And Avast! would not exist, nor would any other technology whatsoever. We'd still be freezing our butts off in caves because "'What if' the fire we created from rubbing sticks together burned us?" 





Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
  • F-Secure user
Quote
   It treats 'suspicious' and 'virus' the same way though Pondus. In the bin and scare the user.   
I agree with that.
It has been suggested that the suspicious popup should be in another color (yellow) and with suspicious txt at top, and ask what action to take