[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Lua x antivirus
- From: "M. Edward (Ed) Borasky" <znmeb@...>
- Date: Fri, 13 Jul 2012 10:16:24 -0700
On Fri, Jul 13, 2012 at 7:30 AM, Oliver Schneider
> On 2012-07-12 21:43, Enrico Colombini wrote:
>> I didn't know that; are you sure it works that way? I've often used it
>> to check files and I often got a negative result. Sometimes it was a
>> false positive by a single antivirus only.
> As someone from the industry I can tell you that it doesn't work this
> way. It's yet another myth similarly grotesque as the one that we're
> writing the malware to sell the protection against it :)
> There is sample sharing going on between vendors over other channels and
> sometimes also from VT, but the decision whether something is classified
> malware, grayware or goodware is at the discretion of each vendor.
> Although it is a known problem that false positives spread like this and
> there is (IMO) no proper mechanism in pace to report a false positive to
> numerous vendors (although VT worked on something like that some time
> ago). I suppose Florian was referring to this spreading of false
> positives. But it's a fallacy to believe VT is the driving mechanism there.
>> If virustotal has such an impact, I guess it should be possible to
>> contact them and have it marked as "good",
> You can register and do that yourself, btw. I did it for that file.
> // Oliver
My experience is that the only "fix" is to use your virus scanner's
tools on your machine to allow "false positives" to execute. There's
no other practical solution; this isn't a "democratic" or
Twitter: http://twitter.com/znmeb Computational Journalism Server
Data is the new coal - abundant, dirty and difficult to mine.