Re: Nasty propaganda by "security tool" providers




Leythos wrote:
<snip>

The first post was from VB stating:

-- test of VB's initial post --
while my simple and harmless PoC codes how to ignore "Personal
Firewalls" already are found as "viruses" by many virus scanners,
now my tool "Shutdown Windows' services" is found as
"SPR/Tool.KillService" virus by AntiVir. A tool, which has nothing to do
with a virus, and improves security on a Windows 2000 or Windows XP host
before SP2.

The reason, why this is done, should be obvious. Just think twice.

I'm wondering, wether one at all could trust in AntiVir any more. How
many other things this tool is "detecting" because of political reasons,
ignoring the needs of the user?
-- end of VB's initial post --

Nowhere in the post does it indicate the vendor has refused anything.

Nowhere in the post does it indicate that VB contacted them and got a
response.

VB clearly tries to imply that the AV vendor targeted him personally,
not the application based on it's functions/purpose.

As we've seen in the two threads, the following:

21 av detection engines, according to b.nice, detected VB's code as some
form of risk.

None of the av vendors have posted or given reason as to why the
consider it a risk.

As description of the code, shuts down windows services, indicates it
does the same thing as many malware, regardless of intenet of the
author.

One AV vendor has changed their classification and is going to list it
as a Risk instead of SPR.

So, what are we left with:

Did all 21 vendors decided to go after VB personally, not because of the
code, but, because it came from VB? I seriously don't think that they
did, he's an unknown and not worth the cost of looking for him.

Did all 21 vendors give anyone a reason for marking it as a risk? Not
that I've seen anywhere in the thread.

We don't have a single factual bit of info as to why the code was
identified as a Risk.

If you've got something to factually dispute these statements, please
post so that I can see where I missed something in these facts.

--


it's what they omitted that is so revealing.

VB informed them that their program mistakenly identified his program
as malware, and that theirs should be corrected.

They did not say that they would fix their program - on the contrary,
they justified it. Meaning, They're saying they won't.


can you imagine if their software flagged a new MS program (that used
the same technique) as malware and they didn't correct it.?

their refusal has no technical justification, because their software is
meant to identify malware, and possible malware. Not things that are
implemented a bit like malware but most certainly are not malware.
Technically, they can excempt VB's program.


So what is the reason? If not technical, then I think it must be
political, what other possibility is there?

.