Re[4]: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x



Dear sk GroundZero,

sG> well but you dont see the developer side of this.
sG> the big companies can "buy their way out of the
sG> signature file", that means that their application
sG> wont be included as "potential unwanted software".

You mix the parameters here, you are refering to CLARIA
and Microsoft. Claria never developed "hacking" related
tools but adware. I never saw this reported otherwehere ?
(imho)

sG> but for small companies and freeware developers,
sG> this is a big loss, since if a AV vendors mark their
sG> software as malware, noone will download it
sG> anymore or even send complain mails and its hard
sG> for a little company or a single programmer to do
sG> much about this.
Like I said I know the developer side of this becuase one of my tools
was flagged. I choose to write a sentence above the download link
about it, that cut 98% of the complaint mails.

sG> for a small company that
sG> is selling shareware this could mean loss of money.
Tell me, I am/was doing trialware.

sG> sure an AV vendor wont care if some little company
sG> goes out of business. i remember this one tool called
sG> pest remover or something ..it simply removes anything
sG> that could possibly harm.
It still exists : "Pest Patrol". Companies bought it explicitely
_because_ it reported _everything_. On some critical LANS not
even netcat should be installed. That's where these programs
come in and fill the gap. Yes on the business side there was a gap
the common AV solutions reported _not enough_ for certain
environments, AV vendors saw this and partielly closed the gap.

sG> but their selection is very stupid
sG> as even a C programming text (!) will be removed
sG> and various portscanners or other administrative tools.
IMHO : Yes and no. Again in _some_ highly critical enviroment
there should never be source code lying around on workstation
which opens sockets or similar. It's hard to see but there IS actually
a rising demand for these scanners that tag everything.

sG> anyhow the most redicilous malware
sG> removing tool i ever saw!
I agreed years ago, now I disagree.


--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: I need some expert advice on database design
    ... also know getting a programmer to criticize another programmer may be like ... Private Sub Command 31 Click ... Anyone who programs using Access's "Macros" as opposed to VBA is ... highly suspect as a professional Access developer. ...
    (microsoft.public.access.tablesdbdesign)
  • Re: mastering programming with vb.net?
    ... I do know the writer Michael Halvorson's he has also written some good VB ... The " Developer Reference and Focused Topics " are more my books as i see ... VB.Net programmer i would say read his book "Programming Microsoft Visual ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Update db FE with "power user"
    ... This boss is not making changes for fun, he has a problem to solve ... that his developer has not addressed yet. ... One time there was a cheap programmer and me, ... But other bosses might be sitting in the captain's chair going thru something like invoices; punch figure, punch figure...hmmm...how do I find out the sum of my figures...write code...punch figures punch figures...how many invoices is that customer delinquent on?...write code...punch figures...etc. ...
    (comp.databases.ms-access)
  • Re: I wont argue with you all.
    ... If you have no aspirations of becoming a developer, ... about angry and hot-headed remarks, ... >> 4) Dont asume everyone has a problem just because you are another ... The kind of programmer that was made just using code ...
    (microsoft.public.dotnet.framework.aspnet)
  • VB Project & SourceSafe question
    ... maintain a main storage separate from the developers, ... In addition you will want to assign each programmer their ... Make sure each developer labels any significate changes. ... We then 'pin' these versions, ...
    (microsoft.public.vb.general.discussion)