Malwarebytes claim: IObit is stealing signature databases [Archive] - Page 2

littlebits

November 5th, 2009, 03:44 AM

Here are my views on this situation;

First if IObit is guilty then shame on them, but if they are not guilty then shame on MBAM for jumping the gun.
I don't believe it is right for a company to infringe on another vendor's work and sale that product.

Second, MBAM did have some good evidence against IOBit but now since they went public with this evidence, that gave IObit a chance to destroy it. Now all they have is images which can be manipulated with about any imaging software. I really doubt these images would stand up in a court of law.

Third, shame on MBAM for making this issue a online soap opera. That was very unprofessional of them.
If they were smart, they would have kept quite about this issue, contacted their attorneys and taking legal actions without involving all of these unnecessary online battles. If IObit was indeed guilty, then they should have to pay a license fee (http://www.malwarebytes.org/corporate.php) to MBAM and other vendor's also. They should also give credits to any vendor's database used.

Forth, it can believe how everyone on the web just takes MBAM's word and judges IObit with a guilty plea.
So far none of us really know how they got those fake detections into their database. That gives us reasonable doubt. Most of us here know that you just can't trust the word of one side, remember how MBAM went a made false accusations about other sites that tested or reviewed their product??

Other reasonable doubts, IObit 360 was becoming more popular than MBAM, many online testing sites gave IObit 360 better reviews. The detection rate was much better on IObit 360. This did cause a conflict of interest since IOBit 360 was becoming MBAM main competitor. Why did MBAM go public and allow IObit a chance to destroy the evidence?? Maybe because they knew that the evidence would be enough to use in a court of law?? or maybe since they knew IObit was located in China, they really couldn't do much legally?? maybe they were the ones that used the online submitter to frame IObit??
Who really knows for sure??

On the opposing side, I have mentioned many times how similar the detection between MBAM and IObit 360. Since I run a computer shop, I have used many free malware removal tools. The malware found by both products had the exact same malware name. Most anti-malware products will have different names for the same exact malware and the description would also be a little different. That is what made me suspicious.

I have also found similarities between IObit 360 to CA (eTrust) and a few others. I really find it very hard to believe that IObit has achieve this excellent detection with the little time that they have been in business.
I know that they have the online submitter, but still it appears to be unreasonable that they have developed their database without infringing upon other vendor's.

So these are my views in the situation, maybe the truth will come out soon.
Until then, I'm not going to pre-judge IObit.
I love their SmartDefrag, Advanced SystemCare and 360 Security and will not affect my choice to use their software for now.

Also remember this issue doesn't affect the quality of IObit's software, but if they are proven to infringe upon other vendor's work, then it will hurt their reputation and then I would change my mind about using any products that infringed upon other vendor's work.

I'm sure that if these accusations are true, then MBAM Team would really be pissed off.
They are a very loud spoken group, they hate when someone tests their product with low scores or doesn't give them an excellent review, they hate anyone making illegal cracks for their product, now if some vendor used their technology for profit without their approval would really put them on a rampage. All of this online media news is hurting both sides. If anything it is creating more interest for IObit's products. Almost everyone knows about MBAM, now they also know about IObit.

Thanks. :smile:

arran

November 5th, 2009, 05:02 AM

-{ Quote: "Here are my views on this situation;

Third, shame on MBAM for making this issue a online soap opera. That was very unprofessional of them.
If they were smart, they would have kept quite about this issue, contacted their attorneys and taking legal actions without involving all of these unnecessary online battles. If IObit was indeed guilty, then they should have to pay a license fee (http://www.malwarebytes.org/corporate.php) to MBAM and other vendor's also. They should also give credits to any vendor's database used.

" }-

given the fact that both companies are in different countries it would be very difficult and costly with doing legal actions. seeking justice and fighting the battle online was the best way to go. I don't believe it was MBAM's intentions to make it out to be an online soap opera, what made it a soap opera was all the public spreading the word on the internet. That said I don't believe it should have only been sorted out behind closed doors because the public have a right to know the truth.

Fuzzfas

November 5th, 2009, 07:31 AM

-{ Quote: "

Second, MBAM did have some good evidence against IOBit but now since they went public with this evidence, that gave IObit a chance to destroy it. Now all they have is images which can be manipulated with about any imaging software. I really doubt these images would stand up in a court of law. " }-

There are 2 considerations here:

1) You assume that MBAM has the economic means to open a legal dispute in chinese courts, even more in a period of global economic crisis.

2) You assume that since MBAM went public, Iobit got the chance to destroy the evidence. Pray tell, what would impede Iobit from destroying the evidence just in the same way (renaming or removing detections), as soon as the legal paper of the lawsuit arrived to their offices? You DO know that it takes MONTHS or even years to try a lawsuit of civil nature, don't you? Or do you think that before they even know there is a lawsuit, the People's Army of China will raid their offices, arrest them and seize all assets?

-{ Quote: "
Third, shame on MBAM for making this issue a online soap opera. That was very unprofessional of them.
If they were smart, they would have kept quite about this issue, contacted their attorneys and taking legal actions without involving all of these unnecessary online battles. If IObit was indeed guilty, then they should have to pay a license fee (http://www.malwarebytes.org/corporate.php) to MBAM and other vendor's also. They should also give credits to any vendor's database used. " }-

- Maybe making public the issue is the only REALISTIC way of getting back to Iobit. (See above for explanations).

- Your argument about legal battles, can work both ways you know. If Iobit is being slandered and practically destroyed (because a security company is effectively destroyed once its reputation takes such a blow) , why doesn't SHE make lawsuit against MBAM? You didn't think of that, did you?

-{ Quote: "
Forth, it can believe how everyone on the web just takes MBAM's word and judges IObit with a guilty plea. " }-

People on the web aren't judges to give a plea. But they are persons, and as such, can form an opinion on who is more likely to be telling the truth. After all, the people of the web, are also the target audience of the 2 products.

Is there anyone impeding Iobit to counter MBAM's claims? No. Iobit actually replied. Then it all goes down to how each evaluates the 2 claims.

Does it cross your mind that "everyone on the web" is against Iobit, because ... after hearing the 2 stories, the one of MBAM is much more convincing? What do you expect for people to do? Just sit on their asses, switch off their brain and say "Oh well, i will only wait for this to go to court. If it doesn't , it never happened"?

Do you know how many real law infringements occur everyday and don't end up in courts either because it's too costly or next to impossible? That's especially true for electronic products or people who can't afford to start a legal battle, specially when the target is abroads and subject to foreign laws. MBAM's lawyes in particular, if MBAM has a fixed law service, are good to nothing against Iobit, because they don't know chinese law, which given the huge copyright infringement occuring in China (they sell in shops pirated boxed (!) Windows for 5$) , must be pretty loose. They 'd have to go to China and hire some local Chinese lawyers, specialists on copyright infringement and then open battle against Iobit, which as yourself said, would have all the time to destroy the evidence from her own database. Because as i said, you don't expect to file a lawsuit and get a trial the next day or next week do you?

-{ Quote: "
So far none of us really know how they got those fake detections into their database. That gives us reasonable doubt. Most of us here know that you just can't trust the word of one side, remember how MBAM went a made false accusations about other sites that tested or reviewed their product?? " }-

You 're right. We DON'T know how these detections went there. IObit knows:

http://blog.iobit.com/archives/95.html

Then all you have to do, is think whether that explanation is enough for you or not. My opinion about that, is that even if Iobit's (improbable) explanation is true, there is STILL a very serious issue, where they practically add to their definitions any file, without controlling it and with the name you sent it to them.

-{ Quote: "
Other reasonable doubts, IObit 360 was becoming more popular than MBAM, many online testing sites gave IObit 360 better reviews. The detection rate was much better on IObit 360. This did cause a conflict of interest since IOBit 360 was becoming MBAM main competitor. Why did MBAM go public and allow IObit a chance to destroy the evidence?? Maybe because they knew that the evidence would be enough to use in a court of law?? or maybe since they knew IObit was located in China, they really couldn't do much legally?? maybe they were the ones that used the online submitter to frame IObit??
Who really knows for sure??

" }-

- Whether the detection rate of Iobit was better than MBAM's or whether sites were giving better reviews to Iobit, is something i haven't researched enough, but specially on the 1st one i wouldn't bet anything about it. And it tells nothing to me. Even if it's true, by stealing the MBAM's defs and adding their own, it's quite probable that eventually they surpass MBAM... There's nothing weird about that. One company spends her time researching her own malware, the other takes the database of the other company and adds her own malware, probably the latter in the long run will prevail... But you know, at least currently, between a product with better detection but which resident scanner doesn't work and another with worse detection which resident's scanner actually works, i 'd choose the latter. :) Although i won't be buying MBAM anytime soon since i 've won a SAS Pro license some time ago and i have yet to use it.

-{ Quote: "
On the opposing side, I have mentioned many times how similar the detection between MBAM and IObit 360. Since I run a computer shop, I have used many free malware removal tools. The malware found by both products had the exact same malware name. Most anti-malware products will have different names for the same exact malware and the description would also be a little different. That is what made me suspicious. " }-

The SPECIFIC issues raised by MBAM go beyond a casual name coincidence. Both the non malware flagged as "Don't steal our Software" and the "fake malware" detections which don't exist in the wild and were put in the MBAM database just for trap.

-{ Quote: "
So these are my views in the situation, maybe the truth will come out soon.
Until then, I'm not going to pre-judge IObit.
I love their SmartDefrag, Advanced SystemCare and 360 Security and will not affect my choice to use their software for now.

Also remember this issue doesn't affect the quality of IObit's software, but if they are proven to infringe upon other vendor's work, then it will hurt their reputation and then I would change my mind about using any products that infringed upon other vendor's work. " }-

You know what's the problem with software? It's so hard to effectively prove in court that you are right. Because as you said, it's so easy to cover your tracks in this case and it's also very costly and time consuming to start legal battle to the other end of the world and specially in China...

Then, all you can do, is make public your story and let the consumers decide if they want to buy the one or the other.

-{ Quote: " All of this online media news is hurting both sides. If anything it is creating more interest for IObit's products. Almost everyone knows about MBAM, now they also know about IObit.

Thanks. :smile:" }-

I think all of this online media is hurting only one side, that is Iobit. And if anything, it scares people away from Iobit's products, because when it comes to security software, the last thing you want is to have a security company that steals others to make their money. If i am prone to believe that Iobit did steal MBAM's database to make money, what will stop me from believing that Iobit is capable of stealing my own data for making money (example my email addresses?).

Also, for those people who use site advisors or internet reviews, this hurts Iobit only too. Because as you pointed, all the web is against Iobit. So if you read an Iobit review with these accusations and you also visit WOT and see the rating going down the drain, who's hurt? MBAM or Iobit? I 'd say Iobit.

MBAM on the other hand is gaining sympathy and if you visit various fora, including this one, it gains even new customers.

I am sure that if Iobit comes up with a better explanation, the web will turn in her favour. I mean, it's not that "all the web" are MBAM's users or MBAM shareholders and are endorsing on purpose the MBAM conspiracy, is it? They endorse it because it sounds much more credible than Iobit's position, who also shot herself on the foot by rushing to delete and ban members from her forum. When you do that, even if you 're telling the truth, you sure help appear guilty as sin.

Regards

Fly

November 5th, 2009, 09:18 AM

-{ Quote: "This is serious now. IOBit are letting their forum staff down. Now the forum staff are ready to jump ship. Read from the top down and also the next page: http://forums.iobit.com/showthread.php?t=4802&page=15

Note the edit made by Solbjerg in the first post. Incredible!" }-

Just FYI, the thread has been removed.

What a surprise ! ::)

CogitoTesting

November 5th, 2009, 09:47 AM

@ littlebits

You've got to be kidding? MBAM is the innocent party here and MBAM has conducted itself with diligence and honor. You have forgotten that MBAM is dealing with a foreign entity, IObit. IObit is Chinese and no US court has jurisdiction over China.

Let's say for the sake of argument that MBAM decides to sue IObit in US courts, what would you think would happen? In all likelihood MBAM will win the case with a heavy monetary judgment against IObit. Then what? Well nothing will happen against IObit because the Chinese government would not allow such a judgment to take hold. The only thing that MBAM can do is to petition the US government to complain to the World Trade organization. And even that route is a long shot, because the US government would not jeopardize the relationship of its favorite trade partner (China). Other companies have tried to petition the US government to no avail.

To me, MBAM has done it right. The only way that MBAM can win is within the hearts and minds of the public at large. You also mentioned that MBAM by its actions allowed IObits to destroy its own evidences. What in the world you are talking about? You cannot destroy electronic evidence once it is published on the web with a date and time stamp on it.

MBAM has Google as a witness with respect to the time that MBAM evidences were indexed by Google and more importantly MBAM has thousands of witnesses all over the web. My conclusion is that IObit is done, their reputation is utterly destroyed, and their sale prospects are over for the rest of the computer security world. :D :thumb:

LaserWraith

November 5th, 2009, 09:59 AM

-{ Quote: "@ littlebits

You've got to be kidding? MBAM is the innocent party here and MBAM has conducted itself with diligence and honor. You have forgotten that MBAM is dealing with a foreign entity, IObit. IObit is Chinese and no US court has jurisdiction over China.

Let's say for the sake of argument that MBAM decides to sue IObit in US courts, what would you think would happen? In all likelihood MBAM will win the case with a heavy monetary judgment against IObit. Then what? Well nothing will happen against IObit because the Chinese government would not allow such a judgment to take hold. The only thing that MBAM can do is to petition the US government to complain to the World Trade organization. And even that route is a long shot, because the US government would not jeopardize the relationship of its favorite trade partners (China). Other companies have tried to petition the US government to no avail.

To me, MBAM has done it right. The only way that MBAM can win is within the hearts and minds of the public at large. You also mentioned that MBAM by its actions allowed IObits to destroyed its own evidences. What in the world you are talking about? You cannot destroyed electronic evidence once it is published on the web with a date and time stamp on it.

MBAM has Google as a witness with respect to the time that MBAM evidences were indexed by Google and more importantly MBAM has thousands of witnesses all over the web. My conclusion is that IObit is done, their reputation is utterly destroyed, and their sales prospect are over for the rest of the computer security world. :D :thumb:" }-

:thumb: I agree with you. :)

RejZoR

November 5th, 2009, 09:59 AM

It happens that certain company just copies the name of the malware based on VT detections, but when some company includes a signature for a file that was designed inside MBAM and was NEVER released ITW with a name "Don't steal out software" (or something like that) i seriously doubt it was "just" some sort of mistake like Iobit stated. It's just impossible for them to mistakenly obtain sample of the file that doesn't exist anywhere but inside MBAM virus lab and detect it with such khm, obvious detection name.

But from my quite good software knowledge:
1. virus definitions don't just copy themself by "mistake", especially not for "ghost" files don't don't exist ITW
2. malware names like that just don't exactly grow out of nowhere
3. what exactly would MBAM benefit from random accusation of a competitor, other than from defending their own intellectual property?
4. MBAM has the reputation of it's own and doesn't really need to go the dirty way against competitors to succeed

So Iobit is pretty much guilty if you ask me.

DOSawaits

November 5th, 2009, 10:15 AM

I think MB's Purchasing Page is making overhours these days, and I suspect IObit's too, all of a sudden everyone knows IObit's 360.
Everytime Comodo was seen pants down, their fan- & customerbase got another serious boost.

You don't make a good sale these days by keeping your respect and manners for the end user, but from making your company's name show up on as many internet sites as possible, the average Joe doesn't care if these are positive or negative news items.

Shameful reality on how business, especially the Security one happens these days.

LnSrocks

November 5th, 2009, 11:12 AM

i guess this is the hotttest topic!

iobit isn't even guilty until they are puished by law, so idk y ~ Snipped as per TOS (http://www.wilderssecurity.com/faq.php?faq=wilders_tos#faq_wilders_tos_1) ~ Malwarebyte fanboys spreading it everywhere. iobit 360 is crapware anyways, only novice users would use that to scan their comp.

-{ Quote: "3. what exactly would MBAM benefit from random accusation of a competitor, other than from defending their own intellectual property?" }-

FREE ADVERTISING from die hard fanboys lol :argh: i mean this topic is almost everywhere online... better than a 30 secs commercial

nosirrah

November 5th, 2009, 11:14 AM

I saw a few things mentioned that I can clarify .

IOBit will supply all evidence in the form of its own integrated database in previous versions of its software stored all over the web and obviously backed up by us . They themselves set this in stone . Someone mentioned doctoring pictures and destroying evidence . Again , their DB is locked in current and previous versions of their installer , in the event we need to prove something we will be using their software , not pictures and their current database .

Fuzzfas

November 5th, 2009, 11:30 AM

-{ Quote: "I saw a few things mentioned that I can clarify .

IOBit will supply all evidence in the form of its own integrated database in previous versions of its software stored all over the web and obviously backed up by us . They themselves set this in stone . Someone mentioned doctoring pictures and destroying evidence . Again , their DB is locked in current and previous versions of their installer , in the event we need to prove something we will be using their software , not pictures and their current database ." }-

So , do you plan to pursue this in the chinese courts?

-{ Quote: "i guess this is the hotttest topic!

iobit isn't even guilty until they are puished by law, so idk y ~ Snipped as per TOS (http://www.wilderssecurity.com/faq.php?faq=wilders_tos#faq_wilders_tos_1) ~ Malwarebyte fanboys spreading it everywhere. iobit 360 is crapware anyways, only novice users would use that to scan their comp." }-

Welcome to the forum and congrats for your intelligent posting (as opposed to that of ~ Snipped as per TOS (http://www.wilderssecurity.com/faq.php?faq=wilders_tos#faq_wilders_tos_1) ~ posters). So intelligent, that we may soon not be able to see your post i suspect. BTW, that's what fanboys are for. But how many actually manage to make their advertizing go "everywhere online"? So, you have to hand it to MBAM, in having the most efficient fanboys around. :argh:

RejZoR

November 5th, 2009, 11:32 AM

As i said, start adding their files into your definitions. I doubt they can track that and they'll destroy themself if they're really stealing the base.

nosirrah

November 5th, 2009, 11:39 AM

-{ Quote: "So , do you plan to pursue this in the chinese courts?" }-

This is not my place in the company and not for me to say . All I can say is that if the need arises their own software is all that we need . The traps were to make a visual and verifiable display for our and their users . Obviously the strongest evidence is not on public forums . I don't think that this is a secret to anyone .

nosirrah

November 6th, 2009, 01:33 AM

Has anyone retested samples from their tests to see if detection dropped ? Unless I am wrong here detection should have gone up by now right ?

SUPERAntiSpy

November 6th, 2009, 02:33 AM

In my opinion, MalwareBytes (or any company in this situation) should have had an outside authoritative company conduct the "trap" - right now all there is is internal data from MalwareBytes and they have destroyed IOBits company reputation - it's akin to accusing someone of "rape" without it being adjudicated in a court of law where is proven beyond all reasonable doubt. Once that bell has been rung, you can't unring that bell - IOBit is now forever "tainted" no matter if they are innocent or guilty.

It's being stated as "FACT" that the database was stolen by many blogs and news sites.

To play devils advocate, we receive "legit" files and "fake samples" submitted to us on a daily basis - some from competitors trying to get us to remove something that should not be removed, and some from users submitted files they just don't know the status of - if a company were to overzealously process those, they could end up in the database very easily - it would be EASY to set up another company to use "private" files "not available outside the company" - we have done tests ourselves - those samples end up in definitions rather quickly. As for naming, the names are essentially meaningless - and many companies "adopt" names other companies use - it's just part of the industry - obviously the "Fake Rogue" is suspect as to how that ended up in the database - but again it could have been submitted to IOBit and they simply used the name. SUPERAntiSpyware has been reverse engineered by several companies as certain things we pioneered appeared in competitive products shortly thereafter - again, it happens to all of us.

If the case is true, it's very unfortunate and needs to be properly handled, but if it's not true then MalwareBytes has just opened themselves up to a multi-million dollar lawsuit from IOBIT.

It's been turned into a huge publicity stunt - IOBit received a higher review on several sites that sell MBAM (undisclosed to the public) and profit from its sale - those sites are now being pressured to remove IOBits software.

What's done is done - but I think this whole situation should have been handled with a little more tact.

JohnnyDollar

November 6th, 2009, 03:38 AM

SUPERAntiSpy,

Maybe MBAM has handled this the wrong way, and as a result there has been serious damage to IObits' reputation. Who knows it may come back to bite them.

Ok that is one of the players in this, what about the other one? How has IObit in it's own defense handled this? I would say their handling of this has been unprofessional to say the least. As one of the other posters here noted: They have let their volunteer mods on their forum fight the battle for them. This should have been resolved by the senior staff. When Iobit forum members created threads to discuss this, the mods deleted the threads and started banning members. When Iobit finally issued a response it sounded weak and incomplete, it didn't give anyone that was trying to look at this issue objectively any confidence in their side of the story at all.

My perspective on this is a little different than yours. The way this whole deal has evolved surrounding this issue, and how it has been handled by the parties does not leave me feeling sorry for IObit and seeing them as the poor victim. I also would like to add that IMO just because Superantispyware has been reverse engineered before does not make it ok for IObit to reverse engineer MBAM.

Edit: BTW I like your product.:)

littlebits

November 6th, 2009, 03:41 AM

nosirrah

November 6th, 2009, 03:47 AM

Almost sounds like you volunteered .

OK , I believe you will see the logic in what I am going to propose . Install an archived copy of IOBit 1.1 , they are all over the web . I don't think their after install update has a prompt so disable networking before install . Next take a pile of max 4 month old samples and filter by detected by IOBit . Re-filter by detected by MBAM . Update to IOBit 1.2 and scan the same samples . Report the final scan log and samples for independent confirmation .

I think we can all agree that Malwarebytes only has only one way to influence these results .

littlebits

November 6th, 2009, 03:56 AM

A little update, IObit has removed 360 Security from their homepage and all download sites. http://www.iobit.com/security360.html?Str=download

They replaced the download link with "Updating... New Version Available Soon!"

This doesn't look good at all, why would they remove their download unless they have something to hide?

Thanks.:)

JohnnyDollar

November 6th, 2009, 04:06 AM

Fuzzfas

November 6th, 2009, 04:48 AM

-{ Quote: "In my opinion, MalwareBytes (or any company in this situation) should have had an outside authoritative company conduct the "trap" - right now all there is is internal data from MalwareBytes and they have destroyed IOBits company reputation - it's akin to accusing someone of "rape" without it being adjudicated in a court of law where is proven beyond all reasonable doubt. Once that bell has been rung, you can't unring that bell - IOBit is now forever "tainted" no matter if they are innocent or guilty. " }-

Hello Nick.

As a general principle, i would agree in the concept of putting a 3rd party "authoritative" company to do the entrapment. However, a doubt comes to my mind. Who this "authoritative" company might be? Does it exist? Is there such an authority that does this kind of entrapment without being paid? Because, once you pay a company, excuse me, but all you have is like the tests sponsored by Norton that by coincidence every time rank Norton first. What i mean is, once you pay someone, he ceazes to be "authoritative". What would stop IoBit and any other "devil's advocate" to say "Well, they hired a company to get their job done"?

There is also a bit of difference with the simple rape case. In a rape case, the supposed victim and the supposed offender, are both subject to local legislation. In this case, IoBit, is subject to chinese law. All a US judge can do, is in case they have any US based assets, and the judges condemns them, if Iobit refuses to pay, the judge can order to cease Iobit's US based assets, liquidate them and thus compensate MBAM.

If Iobit has no connection to US whatsoever (which is the most probable), then a US judge can't do anything. MBAM has to hire Chinese lawyers and move to Chinese courts, which means 2 things:

- MBAM must have the financial ability to do that.
- The chinese legislation must be tough enough on copyright infringement as to make MBAM's money and time spent worth the effort. I mean, if the fine for such an infringement under chinese law, equals to a "slap on the wrist", MBAM will end up losing money out of this.

The same applies to Iobit. Iobit can do nothing to MBAM, unless MBAM has a Peking office for example and does business in China based on their local branch. Iobit would have to move to US Courts. On the bright side, i am pretty sure that US courts in cases of slandering make your time worth if you win.

-{ Quote: "

It's being stated as "FACT" that the database was stolen by many blogs and news sites. " }-

It's not a fact, it just seems very probable. But that's the internet. People write all kind of inaccuracies

-{ Quote: "
To play devils advocate, we receive "legit" files and "fake samples" submitted to us on a daily basis - some from competitors trying to get us to remove something that should not be removed, " }-

To play here the devil's advocate too, how do you know that it's your competitors trying to get you to remove files? Did you hire a 3rd party authoritatve company to do an investigation? Which one?

-{ Quote: "
and some from users submitted files they just don't know the status of - if a company were to overzealously process those, they could end up in the database very easily - it would be EASY to set up another company to use "private" files "not available outside the company" - we have done tests ourselves - those samples end up in definitions rather quickly. " }-

Theoretically everything is possible. However, this comes back again to the other problem. Isn't a vendor supposed to test if submitted files are real malware before adding them to their database? Iobit maybe didn't steal, but sure doesn't help admitting that they put innocent files in their definitions either.

-{ Quote: "
As for naming, the names are essentially meaningless - and many companies "adopt" names other companies use - it's just part of the industry - obviously the "Fake Rogue" is suspect as to how that ended up in the database - but again it could have been submitted to IOBit and they simply used the name. " }-

There is IMHO a difference between naming the same Malware as "ZLbot.A" and naming the same NON malware as "Don't Steal Our Software" or even the "HiJack.DisplayProperties" for a registry innocent string.

-{ Quote: "
SUPERAntiSpyware has been reverse engineered by several companies as certain things we pioneered appeared in competitive products shortly thereafter - again, it happens to all of us. " }-

To do the devil's advocate too, do you have any proof about that? Do you have the results of an authoritative 3rd party company? Because there are all kind of products which come up with similar features, it doesn't automatically mean that they reversed engineered yours. Think of how many AVs came with HTTP scanner, how many are currently coming up with behaviour blockers, technology that flags already scanned files so that they won't be scanned again unless modified etc. Getting ideas from others is common. It doesn't necessarily mean they reversed engineered someone else's product.

-{ Quote: "
If the case is true, it's very unfortunate and needs to be properly handled, but if it's not true then MalwareBytes has just opened themselves up to a multi-million dollar lawsuit from IOBIT. " }-

I would expect that MBAM, when got out with this, was conscious of what she is going up against and that IoBit is probably a wealthier company than MBAM itself (since IoBit is selling more products for quite some time). So i don't think they don't know that they expose themselves to a multi-million lawsuit nor that the US Courts can come up heavily on your in slandering cases.

-{ Quote: "
It's been turned into a huge publicity stunt - IOBit received a higher review on several sites that sell MBAM (undisclosed to the public) and profit from its sale - those sites are now being pressured to remove IOBits software. " }-

It is in deed a huge pubblicity opportunity. However, how many companies do you know, which would risk so much in a BLUFF? Because as you said, if IoBit moves against them, it will be multi-million case, which means that if Iobit wins, MBAM may very well close and go bankrupt. Yes, MBAM maybe a desperate poker player i suppose, going "ALL IN" with 7-2 offsuit. ;D But it's also probable that MBAM isn't on a suicide mood and went "ALL-IN" with A-A and that's why thinks that the risk is worth it. (Aka, i don't have the money to pursue Iobit, but i know my position is solid enough to be able to beat Iobit in a US court or deter Iobit alltogether from trying to bring it to US court).

-{ Quote: "
What's done is done - but I think this whole situation should have been handled with a little more tact." }-

I would agree if a) there was a 3rd party authority which does entrapments WITHOUT being paid by one party (trully indepenent authority, otherwise, it's "money talks"- authority) and IF Iobit was a US based company, so automatically subject to US Courts.

For example, if i buy a Software which is from USA and after 1 month the owner of the software company violates the EULA and i can't use my program, i could a) Accuse him pubblically or b) Open a legal battle against him.

But, i am a student and i am not even in USA. I can't afford to start a legal battle against the US vendor. So all i have left is option a.

I don't know how MBAM's economics are, but in the middle of the crisis and considering it's a small vendor, i don't think they are floating in $ right now. And since my brother is a lawyer, i know very well, that starting a legal battle like that, costs A LOT, specially when it's not conducted in your own country.

So, saying "all must end up to court", is theoretically a very correct motto, as long as both sides have the power and opportunity of enough compensation to bring it to power. If not, then it's another game.

For example, suppose i am in Groenland and i own a site that daily slanders SAS. I have no connection to US whatsoever so you can't touch me through US courts. I am also a student with no personal property at all and winning in a Groenland court would give you 1000 $ compensation , while hiring a lawyer for would cost you 5000$. Would you pay 5000 to win 1000? Or would you settle with replying to me pubblically with compelling evidence that i am in deed slandering you and punish me like that?

What i mean by that. If copyright infringement in China is punished loosely and Iobit ends up paying less than what you will pay for moving against them in China (assuming you can spare the money to move the battle to China to start with, because it's money you won't be getting back for more than 1 year and if they appeal you will have to keep paying the lawyers while waiting the day that you will finally get the final verdict and get some money back), what's the gain for MBAM if really got ripped of? Getting ripped off plus paying more?

All this isn't purely theoretical. I will remind that in this very forum, in the discussion about Matousec, almost everyone agreed that Mamutu had no business being put up against "firewalls" in a "firewall challenge" and by doing this, Matousec was effectively badmouthing Mamutu unfairly and causing economic and reputation damage to Emsisoft , which had also called Matousec that she does NOT wish to be included in that test. I remember one Emsisoft representative, saying that moving legally against Matousec, simply isn't something they could not afford (They are in Austria, Matousec is in USA? It would mean for them to "invest" money for US lawyers and forget about that money for a couple of years or more, depending on how fast justice is in USA). So, was Matousec causing effectively damage to Emsisoft? According to the concept of "Let a judge decide, the web should have no opinion", Matousec wasn't...

So "bring me to court if you are right", is a fine concept, but not always realistically applicable.

Fuzzfas

November 6th, 2009, 05:34 AM

-{ Quote: "
Before all of this happened, IObit was a respected company that makes many free products. Almost all download sites gave their products 5 stars.

Thanks.:)" }-

Before yesterday i thought Iobit was respected too. I didn't know that they were doing the "porn phishing" in order to get their products, nor that in one of their "porn phishing" pages, from time to time i get a link to the REAL youporn.

-www.iobit.com/naruto-porn.html

http://img94.imageshack.us/img94/5742/80211685.png

And no, the link doesn't give you to download iobit, it takes you to YOUPORN. And this after i deleted all Opera's private data. It happened to me twice also yesterday night, but the link doesn't always appear.

And if you don't believe that the link is actually taking you to youporn, i got it in video too. (Megaupload deleted it, saying it violated TOS).

Here's a new one:

-http://www.filefront.com/14869555/iobt.7z

EDIT: And since i am sure some devil's advocate may say that it could be site that i set up and faked (i wish i had such knowledge, but i don't), here's also the IE (which i never use) version of the video, where i come to Wilder's and click the link, from the Iobit Porn phishing site i can then click to real porn and to Iobit's download page as well:

-http://www.filefront.com/14869629/IE.7z

A mod might remove the video link, but if he does, it means that video i uploaded DOES take you to youporn, or else there is no reason to remove it, is there?

Yes. Very respectable. Every security vendor should bring the best porn to its users, in all safety. :thumb:

I wonder, do they get paid from youporn per click, or do they have a fixed amount per month?

Of course there is also the probability that the link isn't really Iobit's, but some malicious person set up the page which seems to be iobit's domain and leads you to iobit's downloads and sometimes to real porn. Theoretically...

P.S. : I want my Avast to propone me some good and safe porn sites! :thumb:

andyman35

November 6th, 2009, 06:41 AM

-{ Quote: "Before yesterday i thought Iobit was respected too. I didn't know that they were doing the "porn phishing" in order to get their products, nor that in one of their "porn phishing" pages, from time to time i get a link to the REAL youporn.

-www.iobit.com/naruto-porn.html

http://img94.imageshack.us/img94/5742/80211685.png

And no, the link doesn't give you to download iobit, it takes you to YOUPORN. And this after i deleted all Opera's private data. It happened to me twice also yesterday night, but the link doesn't always appear.

And if you don't believe that the link is actually taking you to youporn, i got it in video too. (Megaupload deleted it, saying it violated TOS).

" }-
Thanks for that link I'll keep hold of that for,errr research later.;)

Seriously though you've made some excellent points in general,not least regarding the difficulties of persuing any legal redress within China.That country is one of the piracy hotspots of the World now so I'm guessing that copyright infringement and intellectual property laws are somewhat lacking in that country.

Fuzzfas

November 6th, 2009, 06:49 AM

-{ Quote: "Thanks for that link I'll keep hold of that for,errr research later.;)

Seriously though you've made some excellent points in general,not least regarding the difficulties of persuing any legal redress within China.That country is one of the piracy hotspots of the World now so I'm guessing that copyright infringement and intellectual property laws are somewhat lacking in that country." }-

I know. And your US lawyers are automatically out of the game. Because they can't write legal paper in chinese and it's not a clever idea to go with them for oral hearing to court either, unless you want to rely to chinese interpreter.

Also, a "normal" chinese lawyer won't do. You 'd better find a specialized on copyright infringement if you want any chance of victory. This, because "ordinary" civil lawyers aren't familiar enough with copyright infringement. At least my brother isn't. He could study the law to try to pull it off, but it's your money at stake.

There are specialized lawyers that handle such cases, but they will charge you their weight in gold for that.

And you NEED a specialized one, because most likely, the chinese judge will have little to no clue of what you are trying to explain him with technical details.

-{ Quote: "Thanks for that link I'll keep hold of that for,errr research later." }-

Well, maybe they are trully pioneers in that! Imagine, instead of googling in blind for your porn, to be able to go to your antivirus' site and have a list of "good porn sites" certified by your AV vendor! Sorted by category to easily find what you like,etc. It could be also a good way to evade parental controls. "The PC is infected again,son. Did you go to porn sites again?". "No dad! Honestly! I was just visiting my antivirus vendor!" ;D

andyman35

November 6th, 2009, 07:10 AM

-{ Quote: "I know. And your US lawyers are automatically out of the game. Because they can't write legal paper in chinese and it's not a clever idea to go with them for oral hearing to court either, unless you want to rely to chinese interpreter." }-
Well I'm actually British mate but what you say makes perfect sense.If it's a legal minefield that even many Chinese lawyers struggle with it'll be impossible for foreign lawyers to make any headway.It's difficult enough to understand each other's language with the simplest of conversations never mind the nuances of legal terminology thrown in.

Also with other well publicised scandals involving,if I remember correctly,Rising against Micropoint? it seems that some companies will go to any length to step up the ladder.I was reading a post on that deleted IOBit thread before and although the poster wasn't English so I didn't fully understand it there was mention of some legal case with Kaspersky too?

I'm sure your idea for AV related porn search facilities will be endorsed by teenagers (and married men) the World over.

Fuzzfas

November 6th, 2009, 07:20 AM

-{ Quote: "Well I'm actually British mate but what you say makes perfect sense.If it's a legal minefield that even many Chinese lawyers struggle with it'll be impossible for foreign lawyers to make any headway.Also with other well publicised scandals involving,if I remember correctly,Rising against Micropoint? it seems that some companies will go to any length to step up the ladder.

i'm sure your idea for AV related porn search facilities will be endorsed by teenagers (and married men) the World over." }-

I don't know about Chinese lawyers, but my brother (who's an all-around lawyer in private practice), when i asked him, he said that honestly he has no clue, it's a very specialized field and specialized means "you pay more". And you pay more, because specialized lawyers are familiar with the law, have experience in that and KNOW how to present a case like that before a judge who usually has no clue about what the definitions database is about. I mean, my brother would be in terrible trouble trying to explain to a clueless judge what's all this about. And my brother himself would have trouble to put up a good fight, because he isn't computer savvy himself.

On the contrary the specialized ones know how to do the job.

IMHO MBAM should evaluate 1) Whether she has the money available to start legal battle (it's money that you will commit for say 2 years and you must forget about them in the meantime) and 2) Whether the chinese legislation is harsh enough to make them get a good compensation if they win. Because, if you ask any honest lawyer, he ll tell you to never start a case, where you will invest too much to get back too little.

Iobit should evaluate if she has the money to sue MBAM in USA. If she wins the result will be surely profitable enough for her, cause US law is hard on such cases.

If opening legal battles against chinese companies for copyright infringements was an easy task, probably the West wouldn't be full of counterfeit products with counterfeit logos that range from branded shoes and handbags to branded perfumes. Because you can see on the import papers which company imported them and from that , who is the supplier. Apparently few western companies bother to sue the chinese supplier. There must be a reason for that.

-{ Quote: "I'm sure your idea for AV related porn search facilities will be endorsed by teenagers (and married men) the World over." }-

Yes, it would! :)

Fuzzfas

November 6th, 2009, 10:14 AM

An update on the Hijack.DisplayProperties issue about which i posted yesterday.

The original article's site has posted the screenshot from IoBit too:

http://freeantivirushelp.com/blog/post/2009/10/24/IObit-Security-360-Review-and-Download.aspx

Note that even the fullstop (.) is exactly the same.

Is there any other scanner besides MBAM and Iobit which flag that particular registry key and with that name too? I doubt it.

Yet another coincidence. They get to have the exact names on non malware detections and they are also the only ones who detect those detections as MBAM's original announcement showed...

I know for sure that Avast doesn't flag that registry key and neither does SAS ! ;D

P.S.: No, that blog is not mine.

the Tester

November 6th, 2009, 11:38 AM

-{ Quote: "A little update, IObit has removed 360 Security from their homepage and all download sites. http://www.iobit.com/security360.html?Str=download

They replaced the download link with "Updating... New Version Available Soon!"

This doesn't look good at all, why would they remove their download unless they have something to hide?

Thanks.:)" }-

I agree.
The actions of IObit after this all went public are strange indeed.
Pulling the download for Security 360 looks like a "no contest" move. You gotta wonder why they did that unless they really have been caught.

New Version Available Soon???
Why the new version if the old one isn't a rip-off of Malware Bites?

Fuzzfas

November 6th, 2009, 11:39 AM

Softpedia removes IoBit from her site:

-{ Quote: "In light of recent events, Softpedia has decided to remove the IObit Security download, at least until the company clears its name. For more details, please read the following article: http://news.softpedia.com/news/Malwarebytes-IObit-Stole-Our-Signatures-Database-125928.shtml

http://www.softpedia.com/get/Antivirus/IObit-Security-360.shtml
" }-

If i were Iobit and had the money (and a solid case) i 'd surely announce immediately that i proceed to lawsuit against MBAM, because the damage Iobit is receiving is huge. MBAM may complain about losing royalty fee , but this is worse damage for Iobit. By announcing the lawsuit, it would contain somewhat the damage, because it would show confidence.

Fuzzfas

November 6th, 2009, 11:47 AM

-{ Quote: "I agree.
The actions of IObit after this all went public are strange indeed.
Pulling the download for Security 360 looks like a "no contest" move. You gotta wonder why they did that unless they really have been caught.

New Version Available Soon???
Why the new version if the old one isn't a rip-off from Malware Bites?" }-

The whole reaction of Iobit is incoherent. In their anouncement, they do 2 IMO contradictory things:

-{ Quote: "3. For the sake of avoiding dispute and possible problems, we have deleted all disputed items in our database temporarily and updated IObit Security 360’s database. " }-

-{ Quote: "4. In consideration of Malwarebytes’ fallacy and calumniation, and its terrible effect to our company, products and reputation, we hereby demand that Malwarebytes immediately discontinue to spread all rumors regarding this issue. Otherwise we will consider all appropriate action to protect our rights." }-

http://blog.iobit.com/archives/95.html

I don't understand how you threat the other with legal action and support your thesis of calumniation and you on the other hand "delete all disputed items" from the database. Delete them, to what end? For "avoiding dispute"? Does it change anything if they delete them? The "bomb" has already exploded! Or is it rather a message to MBAM "Let's forget all about it, we stop it both here and no hard feelings"?

the Tester

November 6th, 2009, 11:58 AM

Has anyone else noticed the blank "Security 360" page on Major Geeks?
Or did I miss a post?
It looks like they have removed the download.

http://majorgeeks.com/IObit_Security_360_d6088.html

About IOBit deleting items from their database....
They say that and then pull the Security 360 download from their own site.

Anar

November 6th, 2009, 12:34 PM

I am not a lawyer but would it be illegal to parse report files of an application to build an own database? Since MBAM has a command line parameter that will dump the signature that causes the detection to the report there would be no reverse engineering involved. All you would do is scanning a bunch of files and parse the report.

Fuzzfas

November 6th, 2009, 12:38 PM

-{ Quote: "Has anyone else noticed the blank "Security 360" page on Major Geeks?
Or did I miss a post?
It looks like they have removed the download.

http://majorgeeks.com/IObit_Security_360_d6088.html

" }-

The page is blank for me too. But i think it's more likely that Iobit asked Major Geeks to remove the download , awaiting the new "updated" version. Otherwise i would expect Major Geeks to put an anouncement similar to that of Softpedia.

wtsinnc

November 6th, 2009, 12:50 PM

I didn't proceed with an actual download, but Iobit 360 is showing as still available at www.download.com, www.fileforum.com, and www.ZDnet.com.

Iobits' own website still states "Updating...new version available soon".

Fuzzfas

November 6th, 2009, 12:58 PM

-{ Quote: "I didn't proceed with an actual download, but Iobit 360 is showing as still available at www.download.com, www.fileforum.com, and www.ZDnet.com.

Iobits' own website still states "Updating...new version available soon"." }-

At download.com if you click, you are re-directed to Iobit's home site and see the "new version soon".

Fileforum does have the "old" version and allows you to download.

Fuzzfas

November 6th, 2009, 01:13 PM

Iobit should better decide soon whether to "call or fold", if she is to save any reputation left.

-{ Quote: "Stealing AV signatures is not a new phenomena — AV companies have battled this type of thing for years. In this case, it looks to be quite blatant, based on the evidenced presented.

Alex Eckelberry

http://sunbeltblog.blogspot.com/2009/11/iobit-accused-of-stealing-malwarebytes.html

" }-

-{ Quote: "Even CNet is still promoting IOBit Security from China on their main page. Do they think Malwarebytes is making this stuff up?
about 3 hours ago from web

ZDNet is Featuring IOBit Security in todays Download Digest even though it was proven they ripped off Malwarebytes. Are you kidding me?

http://twitter.com/BillP
" }-

Fuzzfas

November 6th, 2009, 01:18 PM

According to this blog, Major Geeks removed Iobit alright:

(2009.11.03)MajorGeeks.com has removed IOBit Security 360 from their downloads section in response to a DMCA Notice served by Malwarebytes.
(2009.11.05)SoftPedia has removed IOBit Security 360 download. The IOBit Security 360 Download page is still available.
(2009.11.05) CNET's Download.com no longer hosts the IOBit Security 360 installation file. Instead the IOBit Security 360 download link points directly to the IOBit web site.

http://www.malwareteks.com/news.php?item.294.4

Chubb

November 6th, 2009, 01:57 PM

-{ Quote: "At download.com if you click, you are re-directed to Iobit's home site and see the "new version soon".

Fileforum does have the "old" version and allows you to download." }-

They indeed have a new version 1.20.10. :o

firzen771

November 6th, 2009, 03:52 PM

-{ Quote: "They indeed have a new version 1.20.10. :o" }-

and as usual they NEVER release a changelog probly...

Dr who

November 6th, 2009, 04:03 PM

Hi all,

Now this is getting interesting.
IObit have upgraded their application but MBAM have just published test results showing a noticable drop in their detection rate.
The mind now wonders why would this have occured:blink:
Source
http://www.malwarebytes.org/forums/index.php?showtopic=29772&view=findpost&p=154444

IObit Security 360

OS:Windows XP
Version:1.2.0.10
Define Version:1273
Time Elapsed:00:00:12
Objects Scanned:1857
Threats Found:367

367/1857 = 19.7%

Versus

IObit Security 360

OS:Windows XP
Version:1.1.0.30
Define Version:1269
Time Elapsed:00:00:10
Objects Scanned:1857
Threats Found:1427

1427/1857= 76.8%

Theses tests can be verified by anyone with access to new and old version of IObit+ a good bunch of 0-3 mth old malware.

How about it Littlebits, Custom scanning a folder of malware is your specialality:thumb:

qpok

November 6th, 2009, 04:20 PM

littlebits

November 6th, 2009, 04:51 PM

-{ Quote: "Hi all,

Now this is getting interesting.
IObit have upgraded their application but MBAM have just published test results showing a noticable drop in their detection rate.
The mind now wonders why would this have occured:blink:
Source
http://www.malwarebytes.org/forums/index.php?showtopic=29772&view=findpost&p=154444

IObit Security 360

OS:Windows XP
Version:1.2.0.10
Define Version:1273
Time Elapsed:00:00:12
Objects Scanned:1857
Threats Found:367

367/1857 = 19.7%

Versus

IObit Security 360

OS:Windows XP
Version:1.1.0.30
Define Version:1269
Time Elapsed:00:00:10
Objects Scanned:1857
Threats Found:1427

1427/1857= 76.8%

Theses tests can be verified by anyone with access to new and old version of IObit+ a good bunch of 0-3 mth old malware.

How about it Littlebits, Custom scanning a folder of malware is your specialality:thumb:" }-

This is the proof that most people needed to know for sure, now I'm pretty certain that IObit did infringe MBAM's database, if they didn't then why would they go and remove all of these signatures??

To Dr who: I have never been involved in malware testing, because you can knock off all of the BS.

I just found the similarities in the detection between IObit and MBAM, when removing malware from my clients' systems. I also notice the same with Yahoo Anti-Spy provided by CA (eTrust). Because I do believe they were also using CA (eTrust) database as well and maybe others.

I know that the MBAM Team works very hard and has come a long ways with only a small team unlike other vendors who have many developers working together. I have had issues in the past with MBAM, but that is over now.

IObit knows that they were in the wrong by stealing others hard work and even if they don't pay legally, their reputation is destroyed. Their best option now is to offer an apology and admit what they have did, maybe some will be able to forgive. They could even legally buy a license from MBAM that would makes things better.

Hopefully both MBAM and IOBit can move past this issue.

This issue really got to me now only because they stole MBAM's work, but also because the profits earned from the sales left the USA and went to China.

Since I'm from the USA, this is something that really bothers me.

Thanks.:)

Dr who

November 6th, 2009, 05:01 PM

-{ Quote: "
To Dr who: I have never been involved in malware testing, because you can knock off all of the BS.
" }-
My bad,i mistaken you for this guy from SSupdater so no BS intended!
http://ssupdater.com/modules/Forums/index.php?showforum=54

Will leave it at that.Piece be with you!

Chubb

November 6th, 2009, 08:21 PM

-{ Quote: "IObit knows that they were in the wrong by stealing others hard work and even if they don't pay legally, their reputation is destroyed. Their best option now is to offer an apology and admit what they have did, maybe some will be able to forgive. They could even legally buy a license from MBAM that would makes things better. " }-
It would be very hard for IOBit to admit this and to give an apology. If they remain in silence, they can still argue a bit. If they admit with apology, the IOBit brand will be good for nothing anymore, and more and more lawsuits will come.

RejZoR

November 7th, 2009, 03:07 AM

This means they were guilty as hell, but they don't have guts to admit it.

Anar

November 7th, 2009, 05:40 AM

To be honest ... I am still not convinced. I have dumped both databases - MBAM as well as IObit. If you compare their actual content you will see that only a few parts of the signatures are identical. A large portion is not.

The problem I have is the following:
Working under the assumption that IObit has reverse engineered MBAM, why would they only use a fraction of their database? Why not the whole database instead? The signature format of MBAM isn't that complicated. Reimplementing an engine that is able to use the whole database would take about a week for an experienced developer.

In my opinion it is much more likely that IObit has outsourced the signature generation (which believe it or not is quite common ... there are plenty of indian and african companies that offer such services) and one of their contractors stole the signatures from MBAM that could be used by the IObit engine as well.

Fuzzfas

November 7th, 2009, 05:51 AM

-{ Quote: "
How about it Littlebits, Custom scanning a folder of malware is your specialality:thumb:" }-

Can i give it a try? I repeated the test on the malware samples that i had used here:

http://www.wilderssecurity.com/showthread.php?t=244614&page=15

V.1.10 WITHOUT any updates, detects about 100 more than 1.20 with updated definitions.

The difference with 1.10 in my previous test is of 1 sample only, probably because in my old test, i had updated before scanning, while this time i used 1.10 without updatng.

Included are the 2 log files. You should start with 1.20 video first:

http://www.filefront.com/14876475/Iobit.zip

The samples are supposed to be late summer samples.

The reason that i do custom scan in C: , is because in Win7x64 i don't get a right click context menu to scan just a folder with Iobit. I also stop the test after it passes the AMALWARE folder, cause there is no point in continuing and for my privacy.

The reason that i did 2 separate videos, is that if you scan with 1.20, uninstall and then install 1.10, despite deleting manually the Iobit leftover folder in C:programs, the 1.10 shows that the last update was today. While i wanted to show that 1.10 was done with 40 days old definitions (no updates, just the signatures in the setup file). So i rebooted , launched Shadow Defender again and installed a "clean" v. 1.10, put again the malwares in C:programsx86 and made a 2nd video.

- Devil's advocates:

1) Somehow i rigged the test by using video editor.(good luck in proving that).

2) I rigged the test by alterating the files between the tests (that's why i scroll slowly the files, so someone with patience may compare the hash names).

3) Iobit deleted these detections by accident.

4) The new Iobit database is incomplete , that's why 1.20 doesn't detect them. They just forgot to make an anouncement about that warning the users about getting incomplete database protection.

5) They are 100+ false positives in 1.10 (the problem is, in my last test, Avast was detecting those and even some more).

6) V. 1.10 works fine under Shadow Defender, while v.1.20 can't scan some files under Shadown Defender.

Or there is another explanation. Iobit is "cleaning up" her database.

-{ Quote: "It would be very hard for IOBit to admit this and to give an apology. If they remain in silence, they can still argue a bit. If they admit with apology, the IOBit brand will be good for nothing anymore, and more and more lawsuits will come." }-

The cleaning of their database, if accompanied by further silence, for me means that they just want the issue to be forgotten, to get out of the lights of "internet negative pubblicity" and slowly resume their activity with all this forgotten. As long as you don't admit something, time will pass and the issue will be forgotten for the large mass of users that don't read security fora. While if they did admit it, they would be banned by all download sites forever for that product.

For me the position of "MBAM stop is or we will sue you, in the meantime we will remove the disputed database because we don't want further dispute", is more likely a way to say "Enough of this, we will clean our database from your files, you stop destroying our reputation and let's forget about it".

EDIT:
P.S: No, i am in no way affiliated in MBAM, i have started using MBAM free only lately actually, since i moved to Win7 x64, i am not even member of their forum. As a matter of fact, i should be more prone in licking Iobit's ass, since i got the 1 year free license offer from them and SAS Pro, since i have won a lifetime license of them in the past (but i don't run it yet, cause 2 drivers give error in x64 although it does seem to work fine.). I am also not against China or chinese products per se, i have been Twister's defender for 2 years in this forum. Also in my old post in Wilder's posted above, i was actually speaking well of Iobit before all this happened. So, if anything else, MBAM is the one company which has given me the least she could (a freeware version opposed to Iobit and SAS that gave me a paid version for free). Not to mention that Iobit also gave me safe and free porn, while MBAM never did. ;D

The thing is, if i had to give my chances to who's telling the truth, i 'd give 90% to MBAM and i hate it when a small vendor that doesn't have the power of Norton to strike back gets ripped.

Fuzzfas

November 7th, 2009, 05:58 AM

-{ Quote: "To be honest ... I am still not convinced. I have dumped both databases - MBAM as well as IObit. If you compare their actual content you will see that only a few parts of the signatures are identical. A large portion is not. " }-

The problem is that you talk about things that i suppose 95% of those that read the forum, me included, have no idea. I haven't seen nor i know how to compare signatures.

-{ Quote: "

The problem I have is the following:
Working under the assumption that IObit has reverse engineered MBAM, why would they only use a fraction of their database? Why not the whole database instead? The signature format of MBAM isn't that complicated. Reimplementing an engine that is able to use the whole database would take about a week for an experienced developer. " }-

Let me ask you something. If they used the entire database, would they be able to deny they stole it? If i were to steal signatures and i had the way, i 'd mix signatures of various vendors plus my own signatures. This way, you get a mixed database that makes it easier to deny claims. Also, by adding your own , you have the best of both world. Both stolen and your own.

-{ Quote: "
In my opinion it is much more likely that IObit has outsourced the signature generation (which believe it or not is quite common ... there are plenty of indian and african companies that offer such services) and one of their contractors stole the signatures from MBAM that could be used by the IObit engine as well." }-

I 've no idea how outsourcing of signatures is done and whether it's legal to do so. However, it seems that Iobit is removing signatures from her database instead of making lawsuit against MBAM. And this tells me something.

I mean, REALLY, you threaten pubblically with lawsuit unless MBAM stops it, MBAM goes one and sends letter to Major Geeks removing your product, Softpedia makes anouncement that you must "clear your name" , download.com no longer hosts the file itself and all you do is anounce "new version" that has WORSE detection rate than your previous version? Your reputation has been destroyed , MBAM didn't stop it and you remove signatures from your database? What happened to the lawsuit?

I can't say that Iobit did this 100%, but let me tell you, even the way that Iobit handles the whole story, is shouting "i am guilty". From the way the handled the forum to the way they handled MBAM's attack and download site's slap and their new version release. So, it's not that everyone will get convinced, but most people on the net if you google "Iobit steals database" are prone to think Iobit has things to hide. That's all. I don't think that MBAM expects ALL people to believe them either. There are people who still beleive that NASA never got to the moon back in the Apollo mission, some people are hard to convince no matter what to say. I think MBAM have achieved their goal pretty well. 90%+ of the people in all kind of fora believe the MBAM version of the story. Google it yourself... And if i were MBAM i 'd be pretty happy with the result.

Regards

nosirrah

November 7th, 2009, 05:59 AM

-{ Quote: "Why not the whole database instead" }-

There are 2 technologies that we know for a fact they cant use and these came into play after their last major app update and are not compatible with their application . These sections were never copied .

We knew this long before we had proof as virtually all malware we detect with these technologies was missed by IOBit and the ones they did hit did not match our naming .

There was one specific IOBit update that had the maximum number of stolen defs around Oct. 20th . The integrated defs in 1.2 will not reflect the reality of past theft .

In our very first report we mentioned that their may have been other vendors involved and this could explain what you saw , we have never actually confirmed this as this falls on the laps of those other vendors .

As far as outsourcing goes , man that would be even more damning . I lead the database team and there is no chance in hell that I would EVER add definitions from a source that I did not personally know and work with , this is pure insanity as all of your control is lost .

Anar

November 7th, 2009, 06:39 AM

-{ Quote: "There are 2 technologies that we know for a fact they cant use and these came into play after their last major app update and are not compatible with their application . These sections were never copied ." }-~Comment containing proprietary information removed~

-{ Quote: "There was one specific IOBit update that had the maximum number of stolen defs around Oct. 20th . The integrated defs in 1.2 will not reflect the reality of past theft." }-
I compared 1.10 defs.

-{ Quote: "As far as outsourcing goes , man that would be even more damning . I lead the database team and there is no chance in hell that I would EVER add definitions from a source that I did not personally know and work with , this is pure insanity as all of your control is lost ." }-
That is what contracts are for. But this is not a discussion about outsourcing pros and contras. We all do it ... you do it as well (you are using several third party components in your application). I just said that this is a likely possibility. If you guys would actually add all malware to your database instead of just a fraction you would much likely think about outsourcing as well.

-{ Quote: "The problem is that you talk about things that i suppose 95% of those that read the forum, me included, have no idea. I haven't seen nor i know how to compare signatures. " }-
Which is ok. I don't intend to explain how anyone could do that. I just posted my thoughts. And nobody has to believe me.

-{ Quote: "Let me ask you something. If they used the entire database, would they be able to deny they stole it? If i were to steal signatures and i had the way, i 'd mix signatures of various vendors plus my own signatures. This way, you get a mixed database that makes it easier to deny claims. Also, by adding your own , you have the best of both world. Both stolen and your own." }-
Ok, since you and nosirrah both brought up that point I will try to rephrase my previous comment to make it more clear what I want to say. After all English is not my native language so it's quite hard for me to bring my point accross.

I didn't refer to IObit's database content in a whole compared to MBAM's. I was talking about MBAM's database content compared to IObit's. IObit's database does contain a lot more than MBAM's database. But if they have had stolen MBAM's database due to reversing you would see a much higher percantage of MBAM's database content inside IObit's. And I am not talking about just a few signatures either. I am talking about complete signature types that are missing. Signature types that would be relatively easy to implement if you had the intention to do so.

Additionally your argumentation is flawed. Stealing only half of the database would cause the same bad reputation as stealing the whole. Your company's reputation would be screwed either way. So why just taking a fraction of the database instead of the whole?

-{ Quote: "I 've no idea how outsourcing of signatures is done and whether it's legal to do so. However, it seems that Iobit is removing signatures from her database instead of making lawsuit against MBAM. And this tells me something." }-
Who says they don't take legal actions against MBAM? If I were IObit (which I am not ... just in case) I would remove the signatures in question so the public can calm down and sue Malwarebytes. Thereby both preventing more damage to my reputation and defending my product. Keeping the signatures as they are now would just be like throwing more fuel into the fire.

Fuzzfas

November 7th, 2009, 06:53 AM

-{ Quote: "
Ok, since you and nosirrah both brought up that point I will try to rephrase my previous comment to make it more clear what I want to say. After all English is not my native language so it's quite hard for me to bring my point accross. " }-

Your english is better than mine. It's just that obviously you know how to "view" signature databases and compare them, while i don't. So i can't understand you not because of the english, but because you see things that i can't see and can't understand. :D

-{ Quote: "
I didn't refer to IObit's database content in a whole compared to MBAM's. I was talking about MBAM's database content compared to IObit's. IObit's database does contain a lot more than MBAM's database. But if they have had stolen MBAM's database due to reversing you would see a much higher percantage of MBAM's database content inside IObit's. And I am not talking about just a few signatures either. I am talking about complete signature types that are missing. Signature types that would be relatively easy to implement if you had the intention to do so. " }-

I think only you and Nosirrah can talk effectively about that. Cause i don't know what percentage of the 1 is in the other and can't verify it. The only thing that i can say, is "Is there a rule saying what percentage of the other you 'd better steal"? I mean, i unsderstand your question, but i don't see the perfect logic behind it. All i know is that if i were to steal databases, i 'd take some from more sources. In that way, there wouldn't be a crushing similarity with any other's vendor and hence i could more easily deny. It would also be harder to DETECT.

I bet that you can talk with Nosirrah about the details, cause i am in no position to know anything about the details of the signatures, which are easy to implement, which shouldn't, which are "spiked" (trapped), etc.

All i know is that v. 1.20 fully updated detects 100+ less samples in my testbed than 1.10 without updates. You draw your own conclusions from that.

-{ Quote: "
Additionally your argumentation is flawed. Stealing only half of the database would cause the same bad reputation as stealing the whole. Your company's reputation would be screwed either way. So why just taking a fraction of the database instead of the whole? " }-

I differ with your opinion. It's easier to defend a partial database similarity than a huge database similarity. It's what you 're doing right now, isn't it? If they had ripped the entire database, how would you defend them right now? Your own line of defence is the answer to your own question.

-{ Quote: "
Who says they don't take legal actions against MBAM?" }-

Oh, i hope they do! I know they threatened to but not taken yet (at least they didn't say so). We will be both here when they do or when they don't and we will see how it ends up in court , won't we?

-{ Quote: "
If I were IObit (which I am not ... just in case) I would remove the signatures in question so the public can calm down and sue Malwarebytes. Thereby both preventing more damage to my reputation and defending my product. Keeping the signatures as they are now would just be like throwing more fuel into the fire." }-

If I were Iobit and had stolen anything, i wouldn't remove anything, cause i did nothing bad and i would immediately anounce that i sue MBAM. This would show confidence and could probably help avoiding some sites removing my product. When you say "MBAM stop it right now or i sue, i ve stolen nothing", MBAM doesn't stop it and sites start one after the other removing your product, security specialists and MS MVPs start openly siding with MBAM and all you do is "I will update my database", you 're not helping youself IMHO. But that's a different view we have on this, it's ok. Cause you know, the public wasn't upset for the fact that the signatures where in Iobit's database. The public was upset that the signatures were claimed to be stolen from MBAM. Now, either they are stolen or not is the problem. Not whether you keep them in your database or remove them. Removing them, won't help you with public opinion. Convincing that they weren't stolen will. 2 different things.

Just a curiocity. Why did Iobit remove the samples from my testbed too? They 're not mentioned in MBAM's anouncement and they are really malware according to Avast.

nosirrah

November 7th, 2009, 06:59 AM

-{ Quote: "That is what contracts are for. But this is not a discussion about outsourcing pros and contras. We all do it ... you do it as well (you are using several third party components in your application). I just said that this is a likely possibility. If you guys would actually add all malware to your database instead of just a fraction you would much likely think about outsourcing as well." }-
If someone we contracted gave us a new DB chunk that deleted critical parts of several legit apps would people say "now that you have explained it we totally support you again" in reaction to us saying "its not our problem , our contracted DB guys did this , not us" .

Fuzzfas

November 7th, 2009, 06:59 AM

Anyway, we don't have to agree that one must be convinced that either side is right. Personally i have written enough in this thread, done my own test, i won't convince you and you won't convince me.

After a point, struggling to keep trying to convince the other becomes futile.

I m off for some naruto hentai "malware" testing now (that one sure helped me take Iobit more seriously). ;D

Fuzzfas

November 7th, 2009, 07:14 AM

-{ Quote: "That is what contracts are for. But this is not a discussion about outsourcing pros and contras. We all do it ... you do it as well (you are using several third party components in your application). I just said that this is a likely possibility. If you guys would actually add all malware to your database instead of just a fraction you would much likely think about outsourcing as well." }-

Sorry, i missed that one. So, you 're in the "business" too. Then, out of courtesy, if you wish, tell us, in which company do you work for?

Anar

November 7th, 2009, 07:40 AM

-{ Quote: "If someone we contracted gave us a new DB chunk that deleted critical parts of several legit apps would people say "now that you have explained it we totally support you again" in reaction to us saying "its not our problem , our contracted DB guys did this , not us" ." }-
I just noticed ... you guys do outsource some parts of the signature generation. Fatdcuk is located in the UK according to his profile. You are based in the US. I would bet he is self-employed and not an employee of Malwarebytes. Therefore a contractor.
And to reply to your comment ... obviously the people won't care who the signatures that caused the FP came from. So it wouldn't matter from a reputation point of view. It would matter from a legal point of view though.

-{ Quote: "Just a curiocity. Why did Iobit remove the samples from my testbed too? They 're not mentioned in MBAM's anouncement and they are really malware according to Avast." }-
Would be perfectly explainable by my "contractor theory". They discovered that one of their contractors stole signatures and therefore removed all signatures originating from that contractor.

-{ Quote: "Sorry, i missed that one. So, you 're in the "business" too. Then, out of courtesy, if you wish, tell us, in which company do you work for?" }-
I am contractor and work in software development. No current employer though because of the recession.

Fuzzfas

November 7th, 2009, 07:48 AM

-{ Quote: "
Would be perfectly explainable by my "contractor theory". They discovered that one of their contractors stole signatures and therefore removed all signatures originating from that contractor. " }-

Just for the history, my samples are pubblically available on the internet in public forum, you need no contractor, just internet connection. A guy has put them in rapidshare, hundred of users or even more have them. I don't know much more about contractors. Anyway, even if the contractor stole signatures of MBAM or even if he included my samples in his "package" so they think they are illegal, well, you know that accepting stolen goods is punishable by law too, don't you? They should say so and sue their contractor. Having a stealing contractor , if he stole from MBAM, it's still Iobit's problem having stolen signatures. Maybe they didn't do it themselves, but it's still illegal. If i steal jewelery and i come to your jewel shop and you accept to buy them, the police will bust you too.

What i understand is that they are doing "house cleaning" in their database. And in the process either on purpose (like to eliminate contractor's signatures) or by accident, they delete some definitions. I wouldn't do that if i was innocent.

-{ Quote: "
I am contractor and work in software development. No current employer though because of the recession." }-

I see. I didn't even know that contractors exist. ;D That's something interesting and new for me to learn, thanks.

nosirrah

November 7th, 2009, 07:56 AM

-{ Quote: "I just noticed ... you guys do outsource some parts of the signature generation. Fatdcuk is located in the UK according to his profile. You are based in the US. I would bet he is self-employed and not an employee of Malwarebytes. Therefore a contractor.
And to reply to your comment ... obviously the people won't care who the signatures that caused the FP came from. So it wouldn't matter from a reputation point of view. It would matter from a legal point of view though." }-

I work directly with all of my researchers and their geographic location is irrelevant . All of them are NDA employees and all of them report to and get work directly from me . Me and my top researchers train our new researchers and they don't get to do any real defs until they are fully ready and approved by the team and owners . I have also worked with Ade on multiple forums and projects for the last 4 years . I knew him far better than any person that might walk in our front doors looking for work .

Fuzzfas

November 7th, 2009, 07:59 AM

Oh, in case you missed it, since there are many pages in this thread, here's what Iobit says about the origin of MBAM's "claimed" samples:

-{ Quote: "After carefully tracing and investigating the history of IObit’s database, we find that someone used the submission page which is disabled now (http://db.iobit.com/deal/sdsubmit/index.php) to submit samples with the same names from Malwarebytes. Unfortunately, IObit database analyzer carelessly used the names provided by the submission. This mistake can be understood because it is very normal - Many enthusiastic IObit users find there are samples missed by IObit Security 360 but detected by other anti-malware products, then they would submit these samples to us and provide names defined by other anti-malware vendors.

http://blog.iobit.com/archives/95.html

" }-

Which goes against the theory of the contractor, as far as at least the malware samples mentioned by MBAM goes.

I also find weird, that they also detect the registry key "Hijack.DisplayProperties". Some user exported the key after scanning with MBAM, renamed the registry key to "HiJack.DisplayProperties" and submitted it to Iobit where the same (obviously) naive analyst included the detection of a harmless registry key with the same name?

Because i doubt a contractor would sent... a Windows registry key as "sample". Which is false positive by the way 100% of the times you change your display settings.

Dr who

November 7th, 2009, 08:11 AM

-{ Quote: "
Would be perfectly explainable by my "contractor theory". They discovered that one of their contractors stole signatures and therefore removed all signatures originating from that contractor.
" }-

If i understand from information around the web this is not a case of 100 signatures,not even a thousand but whoever copy and pasted a large chunk of the hacked MBAM database.The only stuff not copied was the stuff their engine could'nt process.
You have confirmed this since you have been peeking into both unpacked databases.

So they snipped what was not compatable with IO engine and your telling me that massive chunk of data inserted into the IObit database went unnoticed by anyone at IObit360 HQ. Yeah right like hell!

Even if they broke it down into smaller chunks over time they would extremely noticable increases in their database size increase because of sheer volume of signatures added.

I'm sorry but for a software developer your arguement is thin.

Databases that double insize tend to get noticed by develelopers and coworkers a like at the time and questions would be asked internally.

No bones about it IObit database for a unspecified period of time contained signatures that were block copy and pasted from the unencrypted MBAM database.

Theft is theft no matter if it is outsourced or inhouse:shifty:

Anar

November 7th, 2009, 08:19 AM

-{ Quote: "I work directly with all of my researchers and their geographic location is irrelevant. All of them are NDA employees and all of them report to and get work directly from me. " }-
Though they are not employees but are self-employed and therefore are contractors (otherwise an NDA would not be neccessary - at least not where I live). I bet they will sent invoices every month and will have to take care of taxes, social security and other social receivables themselves as well (which wouldn't be the case if they were employees - at least not where I live).

-{ Quote: "Me and my top researchers train our new researchers and they don't get to do any real defs until they are fully ready and approved by the team and owners . I have also worked with Ade on multiple forums and projects for the last 4 years . I knew him far better than any person that might walk in our front doors looking for work ." }-
And there goes your "I lead the database team and there is no chance in hell that I would EVER add definitions from a source that I did not personally know and work with" argument. But as I said ... it's not about outsourcing pros and cons. I just explained my theory based on my observations.

-{ Quote: "If i understand from information around the web this is not a case of 100 signatures,not even a thousand but whoever copy and pasted a large chunk of the hacked MBAM database.The only stuff not copied was the stuff their engine could'nt process." }-
Right. But if IObit did in fact reverse engineer MBAM in-house, they could have and would have implemented the missing signature types, don't you think?

-{ Quote: "So they snipped what was not compatable with IO engine and your telling me that massive chunk of data inserted into the IObit database went unnoticed by anyone at IObit360 HQ. Yeah right like hell!" }-
Let's do a little test: Go to a large contractor site. Like for example http://www.rentacoder.com. Look for projects involving Spyware. You would be surprised.

-{ Quote: "Even if they broke it down into smaller chunks over time they would extremely noticable increases in their database size increase because of sheer volume of signatures added." }-
Or the contractor did it from the beginning and noone noticed it so far. Huge database growth is normal for young applications. It could be unnoticed.

-{ Quote: "Theft is theft no matter if it is outsourced or inhouse:shifty:" }-
Lawyers would disagree. I think the US has a principle of utmost good faith as well.

Fuzzfas

November 7th, 2009, 08:22 AM

-{ Quote: "

Theft is theft no matter if it is outsourced or inhouse:shifty:" }-

Well, if they did get illegal samples but didn't do it consciously , but were fooled by a contractor (i don't know how easy that is), at least they have an attenuation factor.

Of course it's not MBAM's business to know that. MBAM's business was to find out if the database was stolen and it was a success to actually suspect that it may be stolen.

Of course i suppose when identical names , specially if on false positives start accumulating , you become suspicious.

This guy who before all this exploded, also noted the "interesting" thing about the false positive:

-{ Quote: "Interestingly, this is identical to what MalwareBytes Antispyware finds and is not a result of malicious modification hence a false positive." }-

http://www.freeantivirushelp.com/blog/?tag=/hijack.displayproperties

I am actually thinking of starting a poll about that later, to see how many antiviruses, flag that particular key. I expect it to be only MBAM and Iobit.

Fuzzfas

November 7th, 2009, 08:29 AM

My prediction about this case:

- For whatever reasons, Iobit will just wait until the story is forgotten and won't sue MBAM.

- If the story is about a contractor that fooled them really, they may sue the contractor and ruin him.

They will leave the rest to time, that heals everything and makes people forget.

Anar

November 7th, 2009, 09:01 AM

Ok, since I got a few PMs I want to clarify one thing:

I don't want to deny that IObit's database has large portions of definitions that are equal to Malwarebytes' definitions. I even would go so far that I would say that someone did copy Malwarebytes' signatures.

What I don't understand is why IObit would go through the trouble of reversing MBAM in order to only copy half of it (* this is a figure of speech, it's not exactly 50% of MBAM's signatures they copied ... though I could calculate the exact value). Somehow - for me - that doesn't make much sense. For me the only logical thing would be that they didn't and instead someone else did.

That is all I wanted to say and discuss about. I don't have a grudge against MBAM and I am not an IObit fanboy (though I have an account over there since I intended to participate in their testing contest). I just have personal doubts after taking an in-depth look at it and wanted to share my opinion.

Fuzzfas

November 7th, 2009, 09:34 AM

@ Anar,

Your theory of a contractor, sounds plausible. Albeit, Iobit until now has not verified this theory (you saw what they said about their investigation). But i wouldn't say it's improbable for larger pieces.

Personally, i can't exclude them from having done all this by themselves either though. Because for me it's perfectly logical NOT to steal the 100%, because you increase drammatically the chances that someone will notice the similarity. Unless Iobit was expecting to be suspected and "caught" so she should think "well, since i will be busted anyway, i may as well take it all". But this is something that you want to do WITHOUT raising suspicion and thus getting caught. So the less you get from more sources, the better the chances that you will pass un-noticed.

It's like the thieves after the bank robbery, you know? Where they say "Guys, don't spend the money right away, or they will catch us". They don't think "Since they will catch us, we may as well go immediately and buy a Ferrari and enjoy it".

Or, you stole some diamonds and you need to pass from airport check. Where's the best place to hide them? a) In a bag on their own, b) Amongst other , legal diamonds which are 3 times the numbers of the stolen ones and hope nobody will recognize the stolen ones. I would pick the latter. You know, the same principle of "keeping my diamonds in the freezer inside the ice cube generator", because this way a thief will not notice you have a bunch of diamonds inside ice cubes (hopefully). Of course you can stack all your diamonds in an angle of the freezer in a bag and write on them "diamonds here". I wouldn't do that. Stealing the entire MBAM database, for me is equal to shouting "MBAM database here people!".

If i were at their place and wanted to steal, i 'd take a 15-20% of MBAM and that's it. I 'd try to take another 15% from someone else and so one. It would be less easy to be detected. I 'd also try to use different detection names for as many samples as possible.

qpok

November 7th, 2009, 10:03 AM

-{ Quote: "
If i were at their place and wanted to steal, i 'd take a 15-20% of MBAM and that's it. I 'd try to take another 15% from someone else and so one. It would be less easy to be detected. I 'd also try to use different detection names for as many samples as possible." }-

My worry is that IObit (and possibly other companies pursuing similar strategies) will put effort into obfuscating their usage of stolen signatures. So instead of researching threats and creating new signatures and ways of battling malware they would research and implement ways of better hiding the fact that they use illegally obtained signatures. Then again I am no security expert so I can't say whether this fear is real or just pure theoretical speculation.

nosirrah

November 7th, 2009, 10:13 AM

If ethics don't prevent that then the knowledge that we all have trap defs will . IOBit missed both of those chapters in "the rule book" .

ePost

November 7th, 2009, 10:33 AM

-{ Quote: "If ethics don't prevent that then the knowledge that we all have trap defs will . IOBit missed both of those chapters in "the rule book" ." }-
nosirrah, you guys at MBAM's staff wrote a few other companies about this theft. They too are victims of this. Do you think that we will some day hear more about these other AV-manufacturers? Will some of the other vendors go public or is that classified information? I'd like to know a bit about their reaction...

nosirrah

November 7th, 2009, 10:42 AM

-{ Quote: "nosirrah, you guys at MBAM's staff wrote a few other companies about this theft. They too are victims of this. Do you think that we will some day hear more about these other AV-manufacturers? Will some of the other vendors go public or is that classified information? I'd like to know a bit about their reaction..." }-

I cant confirm anything other than what our investigation found looked funny and needs to be looked into . We did not do any confirmation on our own for other vendors and that is totally up to them where they go from here . I can say that some of what looked funny is in plain sight and if anyone wants to look into it they can go right ahead .

ePost

November 7th, 2009, 10:55 AM

-{ Quote: "I cant confirm anything other than what our investigation found looked funny and needs to be looked into . We did not do any confirmation on our own for other vendors and that is totally up to them where they go from here . I can say that some of what looked funny is in plain sight and if anyone wants to look into it they can go right ahead ." }-
Thanks. A bit funny that the other vendors didn't get back to you - they could at least have said thank you. But I realize that whatever they said or didn't say - it's not for us to know. Such correspondence is not a public matter...

SUPERAntiSpy

November 7th, 2009, 11:27 AM

The right way to have handled this was silently until actual facts are proven in a court of law and/or by outside parties. This has turned into a huge publicity stunt - MalwareBytes has destroyed a competitors reputation.

Many sites that MalwareBytes forced IOBit off of SELL MBAM without disclosing that fact - now they are forced to remove IOBit - I wonder if forcing out a higher rated product helped MBAM's sales? Of course it does.

Who's gets accused next? SUPERAntiSpyware? AdAware? CounterSpy? AVG?

Dr who

November 7th, 2009, 11:38 AM

Of course Nick,

You would have handled it completely differently(but that will not known unless you find yourself in that same predicament).

Nick follow this logic...if they had'nt of robbed MBAM database contents then there would have been no news or outcry!

Unbelievable that you overlook that one major detail.

Are you jealous they did'nt use your signatures ?

SUPERAntiSpy

November 7th, 2009, 11:44 AM

We have found more than one company potentially stealing our definitions and some of our technology - you don't hear about it because we are handling it in a legal nature, and once the situation is adjudicated in a court of law, or settled legally we would announce it, but not before - and we won't name the companies involved.

I hope that clears that up for you as to how I and my company would handle the situation! I wouldn't risk a giant defamation and slander case by announcing something like that all over the web.

waters

November 7th, 2009, 11:46 AM

I agree with Nick compleatly

nosirrah

November 7th, 2009, 11:48 AM

Risk implies uncertainty , we have none .

And for the record , we would not risk that either .

ePost

November 7th, 2009, 11:48 AM

-{ Quote: "
Who's gets accused next? SUPERAntiSpyware? AdAware? CounterSpy? AVG?" }-
Have you tested if your sigs were stolen as well? In regard to the IOBit case, I mean.

SUPERAntiSpy

November 7th, 2009, 11:49 AM

-{ Quote: "Have you tested if your sigs were stolen as well? In regard to the IOBit case, I mean." }-

Of course, we just are not splattering the results all over the web.

Dr who

November 7th, 2009, 12:01 PM

-{ Quote: "We have found more than one company potentially stealing our definitions and some of our technology - you don't hear about it because we are handling it in a legal nature, and once the situation is adjudicated in a court of law, or settled legally we would announce it, but not before - and we won't name the companies involved.

I hope that clears that up for you as to how I and my company would handle the situation! I wouldn't risk a giant defamation and slander case by announcing something like that all over the web." }-

Nick,

Are you using defamation of the innocent inorder to protect defamation against the guilty ?

SUPERAntiSpy

November 7th, 2009, 12:05 PM

-{ Quote: "Nick,

Are you using defamation of the innocent inorder to protect defamation against the guilty ?" }-

Defamation of the innocent? I am defaming no one.

pandlouk

November 7th, 2009, 12:06 PM

@nosirrah

I do not know how these things are handdled in US but in most European countries, the correct procedure would be to:

1st. Contact the offender person/company and try to resolve the problem.
2nd. If no agreement is reached, to follow legal procedures...
3rd. After the above take place (at least the 1st one), make the subject public dominion.

To my understanding you followed the exact opposite path...

Panagiotis

SUPERAntiSpy

November 7th, 2009, 12:13 PM

Just so this thread doesn't spiral into a flame war, I want to make sure everyone here understands that I have nothing againt MalwareBytes, or any other company.

I am looking at this situation from a "global problem" situation - meaning that if someone accused SUPERAntiSpyware of doing the same thing, it would likely destroy our reputation - or any company that was accused of such behavior. These types of public "witch hunts" can be spur on others to make claims that may not be legit just to receive the press and attention.

I would not want IOBit, nor any company, to be on the receiving end of such claims - especially when the industry is highly competitive, until such claims were proven beyond a doubt by more than just the accusing company.

Juha L

November 7th, 2009, 02:20 PM

-{ Quote: "We have found more than one company potentially stealing our definitions and some of our technology - you don't hear about it because we are handling it in a legal nature, and once the situation is adjudicated in a court of law, or settled legally we would announce it, but not before - and we won't name the companies involved." }-

Haha, try to handle such thing in legal nature against a Chinese company which operates from China. You gotta be kidding. ::)

JohnnyDollar

November 7th, 2009, 02:32 PM

-{ Quote: "Just so this thread doesn't spiral into a flame war, I want to make sure everyone here understands that I have nothing againt MalwareBytes, or any other company.

I am looking at this situation from a "global problem" situation - meaning that if someone accused SUPERAntiSpyware of doing the same thing, it would likely destroy our reputation - or any company that was accused of such behavior. These types of public "witch hunts" can be spur on others to make claims that may not be legit just to receive the press and attention.

I would not want IOBit, nor any company, to be on the receiving end of such claims - especially when the industry is highly competitive, until such claims were proven beyond a doubt by more than just the accusing company." }-

If MBAM accused SAS of the same thing with the same evidence and SAS reacted the same way IOBIT has, then yes your reputation would go down big time.

If you can't stand up and fight off accusations that a rival company is making against you in the public arena then you got problems anyway IMO. Unfortunately politics plays a big role in this world. You have to be on your toes all the time and not get greedy.

ePost

November 7th, 2009, 02:39 PM

I think it depends on the evidence. If MBAM's case is as strong as they seem to believe themselves then a public accusation is acceptable....

Fuzzfas

November 7th, 2009, 03:02 PM

-{ Quote: "Haha, try to handle such thing in legal nature against a Chinese company which operates from China. You gotta be kidding. ::)" }-

Maybe they 're rich enough to afford it, no matter what the costs and the probable compensation by chinese law.

Symantec for example could afford it probably...

Page42

November 7th, 2009, 03:28 PM

-{ Quote: "Of course, we just are not splattering the results all over the web." }-
So what is your point in critcizing MBAM's handling of this situation? To make yourself look better? Couldn't you have shared your opinions on MBAM's handling of this in private with those folks? Why do you "splatter" your criticism of MBAM all over the web? I know the answer... because you can't miss what you feel is an opportunity to make a competitor look bad and yourself look good. Big ol thumbs down to SUPERAntiSpy for being a hypocrite... for not practicing what he preaches. :thumbd: :thumbd: :thumbd:

aigle

November 7th, 2009, 03:43 PM

aigle

November 7th, 2009, 03:47 PM

-{ Quote: "Just so this thread doesn't spiral into a flame war, I want to make sure everyone here understands that I have nothing againt MalwareBytes, or any other company.

I am looking at this situation from a "global problem" situation - meaning that if someone accused SUPERAntiSpyware of doing the same thing, it would likely destroy our reputation - or any company that was accused of such behavior. These types of public "witch hunts" can be spur on others to make claims that may not be legit just to receive the press and attention.

I would not want IOBit, nor any company, to be on the receiving end of such claims - especially when the industry is highly competitive, until such claims were proven beyond a doubt by more than just the accusing company." }-
In this situition, if IOBit or any other company can bring an evidence as solid as that of MBAM, belive me they are going to dominate the market.

LaserWraith

November 7th, 2009, 03:53 PM

@Nick: Maybe MB isn't bathing in money. Maybe they can't afford a lawsuit. Maybe the odds of winning a lawsuit in China wouldn't be too high.

If I am correct, they are located in the US. So they have lawyers who are familiar with US law.

But wouldn't it cost some to get Chinese lawyers?

And I heard a lot of Chinese companies do things that would be illegal in the US and get away with it.

In addition, I think the community has a right to know if some company is stealing. They want to get protection, and who would want stolen protection? ???

~LaserWraith

bellgamin

November 7th, 2009, 05:11 PM

-{ Quote: "Big ol thumbs down to SUPERAntiSpy for being a hypocrite... for not practicing what he preaches. :thumbd: :thumbd: :thumbd:" }-Agree totally. Well said!!

littlebits

November 7th, 2009, 05:18 PM

IObit's main site maybe located in China but they do have servers in the USA.

When I run an update for Security 360 it connects to 174.37.22.173.

http://whois.domaintools.com/174.37.22.173

Also when I download their products, it connects to the same address located in Dallas, TX.

That is why I always thought they were a USA company.

Thanks.:)

Fly

November 7th, 2009, 05:34 PM

-{ Quote: "The right way to have handled this was silently until actual facts are proven in a court of law and/or by outside parties. This has turned into a huge publicity stunt - MalwareBytes has destroyed a competitors reputation.

Many sites that MalwareBytes forced IOBit off of SELL MBAM without disclosing that fact - now they are forced to remove IOBit - I wonder if forcing out a higher rated product helped MBAM's sales? Of course it does.

Who's gets accused next? SUPERAntiSpyware? AdAware? CounterSpy? AVG?" }-

SAS and MBAM are both popular antispyware programs.
To SUPERAntiSpy: Are you sure you're completely objective here ? :dry:

Court of law ? The WHOIS info of MBAM points to the USA.
Attempting to solve this in a Chinese court is probably not realistic. They can try, but can they win ? Even if they could win such a case and Chinese laws would inflict significant damage to IObit, it would be a very expensive and time-consuming battle. Should MBAM just have to put up with IObit's actions for two years, with IObit continuing to use MBAM's database ? And China isn't exactly well known for respect of copyright.

Maybe MBAM will take legal action, but I see no point in not presenting the evidence to the public. MBAM succeeded in shaming IObit and stopping IObit from continuing to abuse MBAM's database.

MBAM isn't wealthy like Symantec or Kaspersky, nor do they have similar political clout.

You stated: 'The right way to have handled this was silently until actual facts are proven in a court of law and/or by outside parties. This has turned into a huge publicity stunt - MalwareBytes has destroyed a competitors reputation.' Who are you to say how MBAM should have handled this issue ?

You also stated: 'Many sites that MalwareBytes forced IOBit off of SELL MBAM without disclosing that fact - now they are forced to remove IOBit - I wonder if forcing out a higher rated product helped MBAM's sales? Of course it does' IObit was hurting MBAM's sales and market share by stealing their database. What's wrong with stopping that ?

The evidence MBAM presented was conclusive. Not just my opinion, many websites removed the IObit software, and IObit has removed the database of MBAM from its products. Thus (implicitly) admitting guilt.

JRViejo

November 7th, 2009, 06:06 PM

Removed one Off-Topic post. May I remind all Wilders members to be civil in your discussions of this subject, otherwise this thread will close. Thanks!

JR

SUPERAntiSpy

November 7th, 2009, 07:21 PM

-{ Quote: "So what is your point in critcizing MBAM's handling of this situation? To make yourself look better? Couldn't you have shared your opinions on MBAM's handling of this in private with those folks? Why do you "splatter" your criticism of MBAM all over the web? I know the answer... because you can't miss what you feel is an opportunity to make a competitor look bad and yourself look good. Big ol thumbs down to SUPERAntiSpy for being a hypocrite... for not practicing what he preaches. :thumbd: :thumbd: :thumbd:" }-

Typical comment from you Page42.

The point is that NO COMPANY should do this type of smear campaign against another based on ONLY INTERNAL EVIDENCE - it sets a precidence of ways to behave - the Internet is messed up enough - sites are stating this as fact when there is no external evidence - and NONE of other companies being "ripped off" have come forward to join in - that's very odd.

I am not saying "MalwareBytes is bad", or that it's ok if they were ripped off, it's NOT - my point is that if IOBit is in the clear and MalwareBytes made a "mistake" then they have ruined IOBit's company and reputation - as an owner of a company I certainly would not want such accusations being splattered all over the web without a fair shot in court or other legal venue.

SUPERAntiSpy

November 7th, 2009, 07:27 PM

-{ Quote: "SAS and MBAM are both popular antispyware programs.
To SUPERAntiSpy: Are you sure you're completely objective here ? :dry:

Court of law ? The WHOIS info of MBAM points to the USA.
Attempting to solve this in a Chinese court is probably not realistic. They can try, but can they win ? Even if they could win such a case and Chinese laws would inflict significant damage to IObit, it would be a very expensive and time-consuming battle. Should MBAM just have to put up with IObit's actions for two years, with IObit continuing to use MBAM's database ? And China isn't exactly well known for respect of copyright.

Maybe MBAM will take legal action, but I see no point in not presenting the evidence to the public. MBAM succeeded in shaming IObit and stopping IObit from continuing to abuse MBAM's database.

MBAM isn't wealthy like Symantec or Kaspersky, nor do they have similar political clout.

You stated: 'The right way to have handled this was silently until actual facts are proven in a court of law and/or by outside parties. This has turned into a huge publicity stunt - MalwareBytes has destroyed a competitors reputation.' Who are you to say how MBAM should have handled this issue ?

You also stated: 'Many sites that MalwareBytes forced IOBit off of SELL MBAM without disclosing that fact - now they are forced to remove IOBit - I wonder if forcing out a higher rated product helped MBAM's sales? Of course it does' IObit was hurting MBAM's sales and market share by stealing their database. What's wrong with stopping that ?

The evidence MBAM presented was conclusive. Not just my opinion, many websites removed the IObit software, and IObit has removed the database of MBAM from its products. Thus (implicitly) admitting guilt." }-

I am speaking objectively as a businessman - I am not saying ANYTHING about the MalwareBytes product - I am speaking to the fact of the way this was smeared around the web, all based upon an accusation and what that can do to a companies reputation.

IOBit's case doesn't look "strong" by them removing the product on a temporary (or more) basis.

JohnnyDollar

November 7th, 2009, 07:49 PM

-{ Quote: "
I am not saying "MalwareBytes is bad", or that it's ok if they were ripped off, it's NOT - my point is that if IOBit is in the clear and MalwareBytes made a "mistake" then they have ruined IOBit's company and reputation - as an owner of a company I certainly would not want such accusations being splattered all over the web without a fair shot in court or other legal venue." }-

Not necessarily, look at how Iobit has responded to this. Don't you think that if MBAM was accusing SAS of the same and was making a mistake that SAS would have done a better job of defending itself against the accusations? The accusations alone are not ruining Iobits' reputation. The way they have handled their response or lack of it has a lot to do with how this is playing out also.

CogitoTesting

November 7th, 2009, 07:51 PM

-{ Quote: "Typical comment from you Page42.

The point is that NO COMPANY should do this type of smear campaign against another based on ONLY INTERNAL EVIDENCE -" }-

Smear campaign, I do not understand; who is smearing whom? MBAM smearing Iobit? Internal evidence only? My God where are you coming from :thumbd: ? Read the previous post on this thread and MBAM forum and behold. What's your point here are your so-call internal evidences wrong? Is Iobit innocent?

More importantly, whose side are you on? Be a man or a woman ;D please state your real intention.

SUPERAntiSpy

November 7th, 2009, 07:52 PM

-{ Quote: "Not necessarily, look at how Iobit has responded to this. Don't you think that if MBAM was accusing SAS of the same and was making a mistake that SAS would have done a better job of defending itself against the accusations? The accusations alone are not ruining Iobits' reputation. The way they have handled their response or lack of it has a lot to do with how this is playing out also." }-

Remember there is the language barrier going on here as well.....

SUPERAntiSpy

November 7th, 2009, 07:58 PM

-{ Quote: "Smear campaign, I do not understand; who is smearing whom? MBAM smearing Iobit? Internal evidence only? My God where are you coming from :thumbd: ? Read the previous post on this thread and MBAM forum and behold. What's your point here are your so-call internal evidences wrong? Is Iobit innocent?

More importantly, whose side are you on? Be a man or a woman ;D please state your real intention." }-

The evidence collected and examined was generated by MalwareBytes, that is why I am referring to it as internal evidence. I don't know if IOBit is innocent or guilty - from the MBAM side of course they appear guilty.

I am not trying to judge who is right or wrong as far as the definition stealing - I can't make that call without of course examining the entire situation - in which all the evidence is now modified and altered - IOBit obviously changed their product database.

The point I brought up and have referenced is the way the situation was handled.

JohnnyDollar

November 7th, 2009, 08:00 PM

-{ Quote: "Remember there is the language barrier going on here as well....." }-

Surely that wouldn't be a hard thing to work around. They seem to have a fair share of supporters that are defending them around the web that seem to speak English very well. Heck if worst came to worst they could hire a PR firm to handle that I would think.

edit: I think it has less to do with language and more to do with judgment. They have decided to stay quiet for the most part and deny it. Their actions though, have spoken volumes.

SUPERAntiSpy

November 7th, 2009, 08:08 PM

-{ Quote: "Surely that wouldn't be a hard thing to work around. They seem to have a fair share of supporters that are defending them around the web that seem to speak English very well. Heck if worst came to worst they could hire a PR firm to handle that I would think." }-

Yep, there are ways around it - it will be interesting to see how this all ends up!

JohnnyDollar

November 7th, 2009, 08:11 PM

-{ Quote: "Yep, there are ways around it - it will be interesting to see how this all ends up!" }-

agreed

Saraceno

November 7th, 2009, 08:20 PM

I agree that most things are best settled between two parties, but at the same time, as others have mentioned, if MBAM aren't rolling in money, and don't have the time or resources to push with legal action, given the data they uncovered and the knowledge they have of their program and how it works, you would have to lean towards their side.

And IObit taking down their previous version, and replacing it with a new version, reeks of guilt.

To me it's the same as seeing someone leave the side-gate of your house, and you notice all your tools are missing, and they respond with, 'but did you actually see me pick the items up and take them, I have done nothing wrong'.

We place our values in the court of law, but each day I see plenty of dirt-bags with the better lawyers escape conviction.

So sometimes, lawyers and courts aside, you just get that feeling someone is telling the truth, and someone isn't.

CogitoTesting

November 7th, 2009, 08:29 PM

-{ Quote: "The evidence collected and examined was generated by MalwareBytes, that is why I am referring to it as internal evidence. I don't know if IOBit is innocent or guilty - from the MBAM side of course they appear guilty.

I am not trying to judge who is right or wrong as far as the definition stealing - I can't make that call without of course examining the entire situation - in which all the evidence is now modified and altered - IOBit obviously changed their product database.

The point I brought up and have referenced is the way the situation was handled." }-

Please tell me who should have gathered the evidence if it is not by MBAM? Would Iobit generate it and in the process shoot itself in the foot? Is there an agency in the computer security world that MBAM would have called in order to investigate the matter without getting paid? MBAM has conducted itself with honor and its internal evidence would stand in any objective court of law.

Whose side are you on? Please state your real intention.

ePost

November 7th, 2009, 08:47 PM

I guess that had it not been for the fact that IOBit is Chinese SUPERAntiSpy would have been right. As it is now MBAM's folks did not have much choice in the matter. They wanted the piracy stopped and this was the only way. How else do you stop a Chinese company from copying your products? The country earned itself Herostratic fame for not respecting international copyright laws.

SUPERAntiSpy

November 7th, 2009, 10:54 PM

-{ Quote: "Please tell me who should have gathered the evidence if it is not by MBAM? Would Iobit generate it and in the process shoot itself in the foot? Is there an agency in the computer security world that MBAM would have called in order to investigate the matter without getting paid? MBAM has conducted itself with honor and its internal evidence would stand in any objective court of law.

Whose side are you on? Please state your real intention." }-

I am on the side of things being done justly, that's the side I am on - the way this was handled was much like the witch trials of the 1600's where someone simply said "this person is a witch" and suddenly they are being rallied around and stoned to death because of an ACCUSATION and "proof" that was not verfied by ANYONE but the accusing party. (Yes, I know some were "tried" by "courts" - but not in a legal sense)

As I have stated in several posts, if IOBit stole the database, they deserve to have their product removed from download sites and thus have their reputation destroyed - but if by ANY chance it is not the case, they can NEVER recover.

How would everyone here feel if that turned out to the be the case - that IO Bit really "stole" nothing and someone had simply submitted those samples to them and they were added overzealously by their researchers? Would you all turn on MalwareBytes and destroy their reputation as IOBits has been destroyed? I am honestly curious about the answer to this question.

ePost

November 7th, 2009, 10:59 PM

You're an expert, Nick and I assume that you've looked into this matter very, very thoroughly since you write the things you do. You're capable of analyzing the content of IOBit 360 as well as MBAM. Did your investigation give you any reason to doubt the claims from MBAM's staff? It's almost as if SUPERAntiSpyware now has become a third party involved in this.

the Tester

November 7th, 2009, 11:07 PM

-{ Quote: "

How would everyone here feel if that turned out to the be the case - that IO Bit really "stole" nothing and someone had simply submitted those samples to them and they were added overzealously by their researchers? Would you all turn on MalwareBytes and destroy their reputation as IOBits has been destroyed? I am honestly curious about the answer to this question." }-

I would feel indifferent. If IOBit did steal nothing I would say that they did a very poor job of defending themselves and actually did things that make themselves look guilty. Pulling the download of Security 360 on their own website is the obvious example of that.

In the hypothetical situation of turning on Malware Bites...Malware Bites has proven that they are capable of defending themselves, so I wouldn't worry about them.

SUPERAntiSpy

November 7th, 2009, 11:35 PM

-{ Quote: "You're an expert, Nick and I assume that you've looked into this matter very, very thoroughly since you write the things you do. You're capable of analyzing the content of IOBit 360 as well as MBAM. Did your investigation give you any reason to doubt the claims from MBAM's staff? It's almost as if SUPERAntiSpyware now has become a third party involved in this." }-

I have no way of looking at the matter now - meaning, if MBAM had contacted me, as an outside party and had me/my team analyze the situation BEFORE the public announcement, then that would have built a stonger case - you never know what IOBit is going to do - I don't see how they can just "lie down" on this one.

Now, after the fact, each side has had "time" to potentially alter the "facts" of the case and there is no way to "catch" anyone in the act anymore. (not that anyone has, but I certainly would not put my reputation on the line after the fact).

I would have been more than happy to assist MalwareBytes in this situation. Companies, even if competitive in nature, have to stick together - if this happens again, and it will, my hope is that people lock down the case more, form a plan to handle it, then take it public if necessary.

SUPERAntiSpy

November 7th, 2009, 11:47 PM

-{ Quote: "I would feel indifferent. If IOBit did steal nothing I would say that they did a very poor job of defending themselves and actually did things that make themselves look guilty. Pulling the download of Security 360 on their own website is the obvious example of that.

In the hypothetical situation of turning on Malware Bites...Malware Bites has proven that they are capable of defending themselves, so I wouldn't worry about them." }-

As an analogy - if someone who spoke little english in another country was accused by an english speaker in the USA of murder and didn't do a great job of defending themselves in a different country, you would feel ok that they were accused of murder and everyone thought that they were murders, even if they were not? That's just scary.

ePost

November 8th, 2009, 12:32 AM

-{ Quote: "I have no way of looking at the matter now" }-You haven't looked into the matter, you say. I'm disappointed and very surprised. This sort of closes this part of the discussion. At least for me.

SUPERAntiSpy

November 8th, 2009, 12:42 AM

-{ Quote: "You haven't looked into the matter, you say. I'm disappointed and very surprised. This sort of closes this part of the discussion. At least for me." }-

I don't have access to MalwareBytes, nor IOBits private data - if someone would like to provide that information, I'd be happy to analyze it.

Rain_Train

November 8th, 2009, 12:52 AM

Wow. I don't understand why some are going after Nick now. All he is doing is speculating: what if MBAM is wrong, then they could have a mess on their hands because they decided to handle it the way they did.

That's it. I don't think he's debating the facts, and frankly I don't think it's too hard to understand his point. But I guess that as soon as you get the yellow color, you forfeit all rights to express yourself as a normal poster; instead your every comment is taken as one from a professional or a company executive.

:thumbd: :gack:

waters

November 8th, 2009, 02:28 AM

This could only happen on the web and is wrong , to have the accusing company supplying all the evidence is crazy.If there is more than one company affected by this then they have stayed strangely silent

Fuzzfas

November 8th, 2009, 04:40 AM

-{ Quote: "I have no way of looking at the matter now - meaning, if MBAM had contacted me, as an outside party and had me/my team analyze the situation BEFORE the public announcement, then that would have built a stonger case - you never know what IOBit is going to do - I don't see how they can just "lie down" on this one. " }-

So you say that MBAM could have given access to her database and source of contractors/transactions with her sources to your company, who is also a competitor... I mean, i do understand that you love MBAM , but let's put the hypothesis that MBAM is secretive (because even though all security companies are good people occasionally one reverse engineers the other, steals ideas, etc) and doesn't love you and doesn't want in general another company with no legal juristiction to peek in her in-house affairs.

If 'd have to put someone to peek in my company's data, i 'd certainly wouldn't ask a competitor to do that. I 'd do that in case i ended in court and i 'd wait a for Court's appointed or accepted investigator (expert) to do that. Because you know, even 3rd party experts in a court case must be first approved by the judge (neverminding the fact that their testimony is of reduced weight).

Please DO cite ONE (1) case example of case in your line of business, where between 2 disputing competitors , 1 of the 2 used a 3rd , also competing company giving her access to her company's data WITHOUT Court's order or approval of that appointed that 3rd company as investigating 3rd party expert.

You sound like this is the "normal" procedure. So , with your experience you will be able to show us such a case, right?

Let me present it from another angle. MBAM , if decided that the best and most realistical attack on Iobit is going public, doesn't HAVE to do what you say. The public is already on her favour in majority. The ball is in Iobit's court. What you say would be a requirement if this does end up in Court. But until it does (if it does), MBAM has no reason to use you or any other company for PR. Their PR is working fine as it is.

-{ Quote: "
Now, after the fact, each side has had "time" to potentially alter the "facts" of the case and there is no way to "catch" anyone in the act anymore. (not that anyone has, but I certainly would not put my reputation on the line after the fact). " }-

You missed the part where Iobit's (and MBAMs) database is in every "old" installer and all you have to do is have the installer (hash checks allow for originality verification as you know). As for MBAM they pubblished their samples.

-{ Quote: "
I would have been more than happy to assist MalwareBytes in this situation. Companies, even if competitive in nature, have to stick together - if this happens again, and it will, my hope is that people lock down the case more, form a plan to handle it, then take it public if necessary." }-

With which of the 2 competitors do you wish to stick together though? Because there are 2 here.

-{ Quote: "How would everyone here feel if that turned out to the be the case - that IO Bit really "stole" nothing and someone had simply submitted those samples to them and they were added overzealously by their researchers? Would you all turn on MalwareBytes and destroy their reputation as IOBits has been destroyed? I am honestly curious about the answer to this question.]" }-

A few samples may have been submitted and an overzealus analyzer may have incorporated them (i can analyze like that too). Let's also say that MBAM is lying about the "in-house" detection which does not exist in the wild. What about the rest of the database?

And since you have a lawyer in your company, ask him this one. Under US law, even if say a contractor "fooled" Iobit into incoroporating a chunk of MBAM's database without them realizing that, does a judge:

1) Automatically grant "good faith" to Iobit? Or in such a case "good faith" must be proven to the judge?
2) Even if Iobit was in good faith, the fact that she gained direct profit out of this and that MBAM on the other hand was receiving economical damage (unfair competition), frees Iobit out of any responsibility towards MBAM?

My prediction is that your lawyer will tell you that if Iobit proves good faith (not automatically granted) , they will pay a lower fine, but they will pay. On their part, Iobit can reclaim their loss by pursuing the party that fooled them.

But of course under chinese law, all this may be different. An example:

http://silkroadintl.net/blog/2009/02/24/third-party-contracts-by-matt-kawalak/

-{ Quote: "As an analogy - if someone who spoke little english in another country was accused by an english speaker in the USA of murder and didn't do a great job of defending themselves in a different country, you would feel ok that they were accused of murder and everyone thought that they were murders, even if they were not? That's just scary." }-

I think there is also another analogy. You 've some pretty solid evidence that someone murdered your wife and that murderer has gone to a country where he is outside your own country's law and no extradiction agreement. What do you do?

And who's impeding Iobit to defend herself better? Don't have a lawyer too? They do.

http://blog.iobit.com/archives/95.html

Don't you think that MBAM has a lawyer too? Don't you think that they ask their lawyer before going public and what risks this would imply?

This is MY speculation about this:

- For either economical reasons or because of too soft chinese law on the matter (why doesn't MS pursue Chinese shop owners that sell boxed pirated Windows inside SHOPS? Why doesn't Lacoste/Armani/L' Oreal not sue chinese suppliers and factories that produce counterfeit products with their logo and cost 1/100 of the original?) MBAM saw that their means of a moving to China for legal action was insufficient.

- Their lawyer agreed to go public. The reputation hit would be the "compensation".

- Iobit replies that they are innocent and threat with lawsuit and proceed with "cleaning" of their database.

- Nobody goes to court, at best after an exchange of letters or meeting of representatives they agree on that: "You stop it , we clean our database".

-{ Quote: "Remember there is the language barrier going on here as well....." }-

Well, for someone with language barrier, their english seems better than mine... In the worst case they can have the person that wrote their announcement talk to MBAM.

http://blog.iobit.com/archives/95.html

Fuzzfas

November 8th, 2009, 04:45 AM

Oh, Nick, i know that this may be of little consolation, but if MBAM tries to pull a slandering bluff against SAS (or Adware) too, at least you can drag them to US court and make them go bankrupt.

So, MBAM will think it 2 and 3 times before attempting something against SAS. After all, they do want to stay in business, that's why they would try to slander in the first place, right?

Against you, they won't stay in business. At best you will both go down. But they 'd have to really hate you to try that.

Fuzzfas

November 8th, 2009, 05:02 AM

-{ Quote: "Wow. I don't understand why some are going after Nick now. All he is doing is speculating: what if MBAM is wrong, then they could have a mess on their hands because they decided to handle it the way they did. " }-

If they 're wrong , i suppose US law is harsh enough to make them go bankrupt. Right? I suppose they knew that before going public. I mean, they must have asked their lawyer before going public and of the potential risks.

-{ Quote: "
That's it. I don't think he's debating the facts, and frankly I don't think it's too hard to understand his point. But I guess that as soon as you get the yellow color, you forfeit all rights to express yourself as a normal poster; instead your every comment is taken as one from a professional or a company executive.

:thumbd: :gack:" }-

I agree that Nick has a right to an opinion, as everyone else. But do give the people the attentuating factor, that in Nick's case, there may be also a "conflict of interests". I mean, on his own he stated that he worries about his own company falling victim of calumniation. That's the only difference. (He said: "I wonder if forcing out a higher rated product helped MBAM's sales? Of course it does. Who's gets accused next? SUPERAntiSpyware? AdAware? CounterSpy? AVG?").

"Normal people" also have the right to an opinion, even without being judges. If you want to avoid normal people forming an opinion about your case, either you defend yourself publically better too or you move to court and destroy your slanderer. I am sorry but that's how things are. It's the same for every type of presumed crime. Theoretically one is only officially guilty only after a hudge pronounces verdict.

That is true for the law. It's not true for the media part of the case until that verdict is out. You get arrested by the police for any charges and the TV is out there shooting? People will form an opinion. They may think you 're guilty even if eventually you get assolved.

You can't change that. The only way to change that would be to apply censorship law forbiding any discussion about any case that has not reached final verdict worldwide.

Fuzzfas

November 8th, 2009, 05:09 AM

-{ Quote: "I am on the side of things being done justly, that's the side I am on - the way this was handled was much like the witch trials of the 1600's where someone simply said "this person is a witch" and suddenly they are being rallied around and stoned to death because of an ACCUSATION and "proof" that was not verfied by ANYONE but the accusing party. (Yes, I know some were "tried" by "courts" - but not in a legal sense)

" }-

I think your example has a difference with the current situation.

In this case the "witch" isn't automatically "stoned". After hearing the 2 versions, the mob is convinced more from the 1 version and "spits" at the witch.

The witch has then the option to drag the accusator to a very severe Court and have the accusator "stoned to death" if proven right.

It's the 2009 version of witch hunt. :argh:

andylau

November 8th, 2009, 06:10 AM

Fuzzfas, do you have any evidences show that IOBit is a China company?::)

Fuzzfas

November 8th, 2009, 06:16 AM

-{ Quote: "Are there any evidences show that IOBit is a China company?::)" }-

Google is your friend?

Malwarebytes accuses Chinese antivirus vendor IObit
http://news.softpedia.com/news/Malwarebytes-IObit-Stole-Our-Signatures-Database-125928.shtml

Also whois is your friend?

IOBIT.COM WHOIS
Updated: 3 seconds ago
Registrant:
IObit
1st floor of 8th building, No 16, Lansiduan, Erhuanlu
High-tech R&D district
Shanghai, 200000
CN

Domain name: IOBIT.COM

Administrative Contact:
IObit, IObit @iobit.com
1st floor of 8th building, No 16, Lansiduan, Erhuanlu
High-tech R&D district
Shanghai, 200000
CN
+86-10-852722386 Fax: +86-10-852270825

Technical Contact:
IObit, IObit @iobit.com
1st floor of 8th building, No 16, Lansiduan, Erhuanlu
High-tech R&D district
Shanghai, 200000
CN
+86-10-852722386 Fax: +86-10-852270825

Maybe that's why the mods in Iobit forum have so often chinese scripture in their avatar or signature and the Iobit com has links to Naruto Hentai porn.

xXDarkStalkerxX

November 8th, 2009, 06:20 AM

-{ Quote: "

Maybe that's why the mods in Iobit forum have so often chinese scripture in their avatar or signature and the Iobit com has links to Naruto Hentai porn." }-

Naruto Hentai is from Japan anyway 8)

Fuzzfas

November 8th, 2009, 06:23 AM

-{ Quote: "Naruto Hentai is from Japan anyway 8)" }-

Right about that.

Anyway, my brother told me that probably a lawsuit could be held in USA too, if Iobit on her own will would be willing to be subject to US law. Practically agree with MBAM to accept a lawsuit and try it to US courts.

the Tester

November 8th, 2009, 10:39 AM

-{ Quote: "As an analogy - if someone who spoke little english in another country was accused by an english speaker in the USA of murder and didn't do a great job of defending themselves in a different country, you would feel ok that they were accused of murder and everyone thought that they were murders, even if they were not? That's just scary." }-

That's a poor analogy for a number of reasons.
1) The defense of the non-English speaker in the USA would probably be by an attorney-a public defender at the least.
2) How do you compare a hypothetical murder (a capital offense in some states) to theft? One carries much more serious punishment. I believe that the person accused of murder has more on his/her mind than reputation.
3) How the accused are perceived is partially their responsibility isn't it?
That would fall under the Public Relations category. Guilty or not, it's normal to defend yourself and avoid taking actions that tend to indicate guilt.

SUPERAntiSpy

November 8th, 2009, 11:29 AM

It's really pointless with many of the group here - you don't get it - you are on the witch hunt and you can't see anything but what you want to see.

You try and spin everything I write because MalwareBytes and SUPERAntiSpyware are in the same industry. What you don't realize is that companies such as MBAM, SAS, Sunbelt (CounterSpy), etc. do communicate on a friendly basis - who cares if we are in the same industry - I don't view us as competitors - we are allies in the fight against malware - MBAM and SAS make a great combination to fight infections as we each have different strengths and weaknesses.

It's (MBAM & SAS) vs Malware, not MBAM (or another product) vs SAS (or another product)!

What you are really saying is you yourselves can't be objective and don't understant the greater problem with the situation as it was handled.

Try looking at things "out of the box" instead of following "mob mentality"!

(resume flaming)

kasperking

November 8th, 2009, 11:40 AM

-{ Quote: "
It's (MBAM & SAS) vs Malware, not MBAM (or another product) vs SAS (or another product)!
" }-
Now that's an attitude that deserves a big...:thumb:

Dr who

November 8th, 2009, 11:50 AM

Love your logic Nick S,

No proof or independent evidence(Try this simple test equation)

Find test bed of recent malware samples and put in static folder(= X).

Custom scan with with the previous version of IObit security 360 with default installation (no updating)database and then remove all the non detected files from the test bed.
So you have the folder containing only IObit defaultly detected malware files left in the test bed(= Y).

Now scan thoes samples(Y) with most recent IObit security 360 application with default installation database(no updating!) and allow it to remove what it finds this time.

This will leave you with samples that IObit has oddly enough dropped from their database so let call them Z testbed.

Now scan Z testbed with MBAM to get a result =The irrefutable evidence that dose'nt exist according to you

The real evidence is there, you choose not to accept it...I wonder why ;)

Baz_kasp

November 8th, 2009, 11:54 AM

-{ Quote: "It's really pointless with many of the group here - you don't get it - you are on the witch hunt and you can't see anything but what you want to see.

You try and spin everything I write because MalwareBytes and SUPERAntiSpyware are in the same industry. What you don't realize is that companies such as MBAM, SAS, Sunbelt (CounterSpy), etc. do communicate on a friendly basis - who cares if we are in the same industry - I don't view us as competitors - we are allies in the fight against malware - MBAM and SAS make a great combination to fight infections as we each have different strengths and weaknesses.

It's (MBAM & SAS) vs Malware, not MBAM (or another product) vs SAS (or another product)!

What you are really saying is you yourselves can't be objective and don't understant the greater problem with the situation as it was handled.

Try looking at things "out of the box" instead of following "mob mentality"!

(resume flaming)" }-

Nick...I would agree with you in any other case, but not in this one. IOBit have incriminated themselves, and they deserved to be exposed for their actions.

They have consistently proven to be untrustworthy..advetising their products using porn on their own website, censoring questions on their forum, offering no tangiable explanations and trying to hide the evidence (they deleted most of the stolen definitions silently after the allegations surfaced), and even closed a "malware detection competition" that they themselves were running due to the fact that it would expose their theft once the stolen data was removed. (An old version of IObit which hasnt been updated now detects about fourfold more malware than a current, updated version)

I see no way that this would have made it to court...as I am sure IOBit would disappear and set up shop somewhere else with as much ease as they appeared....and malwarebytes would probably have wasted a lot of money in trying to get this court...money which we all now have less of due to the global recession.

I understand why you are concerned, and why this expose (in theory) could have gone wrong, but in this case anyone who has sufficient technical knowledge can see that the technical data is sound and that IOBit is definitely trying to erase details of its crime. They have no leg to stand on and need to be outed from the security industry. My beef with them is no witch-hunt, it is one of them trying to insult my intelligence by categorically denying the evidence presented and coming up with some half-hearted excuses that maybe a non technical user would believe.

Fuzzfas

November 8th, 2009, 11:55 AM

-{ Quote: "It's really pointless with many of the group here - you don't get it - you are on the witch hunt and you can't see anything but what you want to see.

You try and spin everything I write because MalwareBytes and SUPERAntiSpyware are in the same industry. What you don't realize is that companies such as MBAM, SAS, Sunbelt (CounterSpy), etc. do communicate on a friendly basis - who cares if we are in the same industry - I don't view us as competitors - we are allies in the fight against malware - MBAM and SAS make a great combination to fight infections as we each have different strengths and weaknesses.

It's (MBAM & SAS) vs Malware, not MBAM (or another product) vs SAS (or another product)!

What you are really saying is you yourselves can't be objective and don't understant the greater problem with the situation as it was handled.

Try looking at things "out of the box" instead of following "mob mentality"!

(resume flaming)" }-

You are looking out of the box here?

-{ Quote: "The right way to have handled this was silently until actual facts are proven in a court of law and/or by outside parties. This has turned into a huge publicity stunt - MalwareBytes has destroyed a competitors reputation.

Many sites that MalwareBytes forced IOBit off of SELL MBAM without disclosing that fact - now they are forced to remove IOBit - I wonder if forcing out a higher rated product helped MBAM's sales? Of course it does.

Who's gets accused next? SUPERAntiSpyware? AdAware? CounterSpy? AVG?" }-

Yes, very much in the line of "united against malware" and objectivity.... Allies against malware, friendly communication, but hey, maybe these MBAM guys are trying to pull a pubblicity stunt , by bluffing , because they want to take down a superior product and then maybe it's MY turn coming!

"Love is in the air".

I 'd say to you to make an experiment. Take a stranger , don't tell him who you are and then tell him to read the above comment. Then ask him, what he thinks of the feelings of the author towards MBAM.

Back to the topic, an interesting article, which pretty much explains why copyright infringement in China is thriving and so many companies around the world can't stop the flooding of counterfeit products:

-{ Quote: "Criminal Thresholds

China’s Criminal Law involves specific thresholds for specific intellectual property rights violations, criminalizing different types of infringement only, for example, “if the circumstances are serious,” “if the amount of sales is relatively large,” or “if the amount of illegal gains is huge.” These vague phrases are interpreted by Judicial Interpretations into specific quantitative definitions; for example, a business volume of “not less than 50,000 Yuan,” or a distribution of “not less than 500 in total” of the infringing works. China’s reasoning for this construction of its laws is for public and economic order, and for the prioritization of resources.

http://jetl.wordpress.com/2009/02/26/inside-the-us-wto-“victory”-over-china/
" }-

US lost in that part in her WTO complaint last January actually.

SUPERAntiSpy

November 8th, 2009, 11:57 AM

-{ Quote: "Love your logic Nick S,

No proof or independent evidence(Try this simple test equation)

Find test bed of recent malware samples and put in static folder(= X).

Custom scan with with the previous version of IObit security 360 with default installation (no updating)database and then remove all the non detected files from the test bed.
So you have the folder containing only IObit defaultly detected malware files left in the test bed(= Y).

Now scan thoes samples(Y) with most recent IObit security 360 application with default installation database(no updating!) and allow it to remove what it finds this time.

This will leave you with samples that IObit has oddly enough dropped from their database so let call them Z testbed.

Now scan Z testbed with MBAM to get a result =The irrefutable evidence that dose'nt exist according to you

The real evidence is there, you choose not to accept it...I wonder why ;)" }-

That's not irrefutable evidence - what if MalwareBytes really stole those from IOBIT? What is MBAM set up IOBIT? ( I don't believe they did, but you can't call the above "beyond a reasonable doubt" )

Fuzzfas

November 8th, 2009, 12:21 PM

-{ Quote: "That's not irrefutable evidence - what if MalwareBytes really stole those from IOBIT? What is MBAM set up IOBIT? ( I don't believe they did, but you can't call the above "beyond a reasonable doubt" )" }-

With your POV, there would be no pubblically available news/document of "accusation" or "allegedly stole" in the internet, because only a judge can pronounce a verdict on "irrefutable evidence".

Well, the reality is that we live in the age of media and they are full of news where someone makes an accusation and this makes the news without having a judge giving verdict yet or ever. This is also why conviction for slandering exists.

That's how things go. The one who moves first against the other has the initial mediatic advantage.

The difference is that you want to practically keep this all hush hush until it ends up at a judge so that then MBAM can come up and say "We had irrefutable proof and this is why now we can inform you that we won a case against a chinese company". Well, it doesn't go that way! The internet is full of news of accusations BEFORE they end up in Court. You may not like it, but that's how it happens. Think that there are even people who get convicted for murder, their face goes up in tv and then they win in appeal...

Do you see in US news about someone who is described by locals about someone allegedly robbing a bank or a company that accuses some other of intellectual theft? What if it's not true?! What if the man that the police divulges the portrait is actually innocent who happened to be in the wrong place in the wrong time? What if there was no intellectual theft? The answer is simple. You install a "Media Censorship Comittee" who reviews all news that aren't about cases where the accused is convicted "beyond any doubt". Then go make company to the Chinese.

I would have liked to see what have SAS would done, but mind you, with MBAM's budget, if YOU were certain that you are getting ripped off by a CHINESE company. It's all nice and pretty when your other opponent is in USA or say Europe (where laws are more or less similar), within your grasp or if you are rich enough. Maybe if you didn't have the money or the belief that chinese law will protect you, you 'd rather stay quiet and accept your fate and accept the fact that you can't do anything about it. Well, MBAM has another CEO, who's not you.

I know 1 thing. If i were Iobit and i was feeling this is an unjust Witch Hunt or that i was setup or that MBAM stole actually from ME and i was getting the reputation hit i am, because my version of the story doesn't seem to cut it for pubblic opinion, i would a) divulge on my turn my evidence that show that MBAM set me up or stole from me (the product with the older installer containing the same defs is the original, right? So pretty easy to prove who stole who). and b) sue MBAM since like yesterday and destroy them financially.

I would also not change my database.

But that's just me, not being objective.

SUPERAntiSpy

November 8th, 2009, 12:33 PM

-{ Quote: "With your POV, there would be no pubblically available news/document of "accusation" or "allegedly stole" in the internet, because only a judge can pronounce a verdict on "irrefutable evidence".

Well, the reality is that we live in the age of media and they are full of news where someone makes an accusation and this makes the news without having a judge giving verdict yet or ever. This is also why conviction for slandering exists.

That's how things go. The one who moves first against the other has the initial mediatic advantage.

The difference is that you want to practically keep this all hush hush until it ends up at a judge so that then MBAM can come up and say "We had irrefutable proof and this is why now we can inform you that we won a case against a chinese company". Well, it doesn't go that way! The internet is full of news of accusations BEFORE they end up in Court. You may not like it, but that's how it happens. Think that there are even people who get convicted for murder, their face goes up in tv and then they win in appeal...

Do you see in US news about someone who is described by locals about someone allegedly robbing a bank or a company that accuses some other of intellectual theft? What if it's not true?! What if the man that the police divulges the portrait is actually innocent who happened to be in the wrong place in the wrong time? What if there was no intellectual theft? The answer is simple. You install a "Media Censorship Comittee" who reviews all news that aren't about cases where the accused is convicted "beyond any doubt". Then go make company to the Chinese.

I would have liked to see what have SAS would done, but mind you, with MBAM's budget, if YOU were certain that you are getting ripped off by a CHINESE company. It's all nice and pretty when your other opponent is in USA or say Europe (where laws are more or less similar), within your grasp or if you are rich enough. Maybe if you didn't have the money or the belief that chinese law will protect you, you 'd rather stay quiet and accept your fate and accept the fact that you can't do anything about it. Well, MBAM has another CEO, who's not you.

I know 1 thing. If i were Iobit and i was feeling this is an unjust Witch Hunt or that i was setup or that MBAM stole actually from ME and i was getting the reputation hit i am, because my version of the story doesn't seem to cut it for pubblic opinion, i would a) divulge on my turn my evidence that show that MBAM set me up or stole from me and b) sue MBAM since like yesterday and destroy them financially.

I would also not change my database.

But that's just me, not being objective." }-

Yes, you are correct [said in robot voice]. Is that better? :)

You aren't objective, so I completely understand your point of view.

Fuzzfas

November 8th, 2009, 12:38 PM

-{ Quote: "Yes, you are correct [said in robot voice]. Is that better? :)

You aren't objective, so I completely understand your point of view." }-

Maybe i am not objective. But at least, i use arguments to reply, not fireworks.

SUPERAntiSpy

November 8th, 2009, 12:43 PM

-{ Quote: "Maybe i am not objective. But at least, i use arguments to reply, not fireworks." }-

I have stated my opinion very clearly. I am not using fireworks - they are fireworks to you because it goes against the mob mentality that you are wrapped up in here.

Fuzzfas

November 8th, 2009, 12:48 PM

-{ Quote: "I have stated my opinion very clearly. I am not using fireworks - they are fireworks to you because it goes against the mob mentality that you are wrapped up in here." }-

Whatever. Both you and i have stated our opinions alright and people can judge on their own... Or, wait... do you have irrefutable proof that i have mob mentality??? By whose judge verdict? Maybe i should sue you.

Nah... Internet would be too dull if it was all about irrefutable proof, wouldn't it... (Half of Wilder's threads saying "this products sucks" would be censored).

Fortunately i don't have a product to sell, so even if people think in here that i have mob mentality, in the worst case, they won't talk to me again or will tell me that i am an idiot. I can live with that.

waters

November 8th, 2009, 12:59 PM

As in all things in life ,i am against someone being accused of something serious without irrefutable proof,especially when it comes from the accuser.Maybe someone independent will back it up

Baz_kasp

November 8th, 2009, 01:02 PM

-{ Quote: "As in all things in life ,i am against someone being accused of something serious without irrefutable proof,especially when it comes from the accuser.Maybe someone independent will back it up" }-

I wonder why IOBit won't agree to that in order to clear their name ::)

pandlouk

November 8th, 2009, 01:10 PM

-{ Quote: "Whatever. Both you and i have stated our opinions alright and people can judge on their own... Or, wait... do you have irrefutable proof that i have mob mentality??? By whose judge verdict? Maybe i should sue you.

Nah... Internet would be too dull if it was all about irrefutable proof, wouldn't it... (Half of Wilder's threads saying "this products sucks" would be censored).

Fortunately i don't have a product to sell, so even if people think in here that i have mob mentality, in the worst case, they won't talk to me again or will tell me that i am an idiot. I can live with that." }-
Dear Fuzzfas,

I guess that the frase "Anyone is innocent until is proven quilty beyond a reasonable doubt", has no significant to you.

Let's assume the opposite scenario:
A company (that stole the database of MB) created some internal not malicious files that trigger the "don't.steal.oursoftware" definition of MB.
And had accused MB for stealing their own database. Can you imagine how hard would have to be for MB proving that they are innocent?

Panagiotis

Fuzzfas

November 8th, 2009, 01:34 PM

-{ Quote: "Dear Fuzzfas,

I guess that the frase "Anyone is innocent until is proven quilty beyond a reasonable doubt", has no significant to you. " }-

Dear Pandlouk, you confuse public opinion about news with actual law verdict. The "innocent until proven guilty" is before a judge. Not before public opinion. I myself, don't pronounce "guilty" Iobit, nor have i such power. But between the 2 stories, i am much more prone to believe the one of MBAM. Do i have the right to do so? When you watch tv and you hear about someone accusing someone else , in your mind, do you have the right to believe one more over the other? What if i were wrong? Fortunately i am not a judge! That what are judges for, in that you can overturn public's opinion's wrong impression if you are innocent.

-{ Quote: "
Let's assume the opposite scenario:
A company (that stole the database of MB) created some internal not malicious files that trigger the "don't.steal.oursoftware" definition of MB.
And had accused MB for stealing their own database. Can you imagine how hard would have to be for MB proving that they are innocent? " }-

You confuse again ME (or various blogs/media) with a judge. You also confuse the specific case, with yours, an imaginary case. Pray tell, how is the Windows registry key Hijack.Display settings trapped by MBAM to trap Iobit? What about Anar's comment that there are portions of identical database , while himself tried to propose a contractor as the cause? What about Iobit removing signatures en masse from her database? What about Iobit admitting it was "analyzer's error" and not a setup as you imply? It's a CHAIN of events and behaviour here, not just ONE episode.

To come to your example though, since you don't want to speak of the specific case other with the motto "innocent until proven guilty, so shut the internet down":

1) A company steals "MB's" database, creates an internal false positive with triggers "MB" and has the bold face to accuse the "victim". Basically a huge bluff, where the "offender" wears "sheep's skin" and tries to appear as the "offended", do i got this right?

I think you omit some passages here:

- The "stolen database" will have appeared first on the product's installer from which the database originally comes. I mean, the one who first makes the signatures, will have the signatures first, right? So this would give the ability to the "bluffed" to initially counter the attack by actually exposing that the other has stolen his database first.

- The "internal non-malicious" file, would have to be somehow delivered to the "victim" (MB). Even if we suppose that this was successful (passing analysts' analysis) and tracing (who submitted it and when), MB has still point no.1 as defence. I guess this is also a good reason to actually hire analysts that do analyze samples before just throwing them in the database (i can do that too!). If something is not malware, don't put it, specially since all vendors use "poisoned" definitions-traps.

In any case, the company "MB" would have some cards to play in her favour, even for PR, not conceeding total mediatic victory to the "bluffer". And i wouldn't be prone to believe either side's story.

Baz_kasp

November 8th, 2009, 01:53 PM

-{ Quote: "Dear Fuzzfas,

I guess that the frase "Anyone is innocent until is proven quilty beyond a reasonable doubt", has no significant to you.

Let's assume the opposite scenario:
A company (that stole the database of MB) created some internal not malicious files that trigger the "don't.steal.oursoftware" definition of MB.
And had accused MB for stealing their own database. Can you imagine how hard would have to be for MB proving that they are innocent?

Panagiotis" }-

That doesn't make sense...how can malwarebytes be accused of stealing their own database....if the files are manufactured to trigger a signature a quick static analysis of the file would be enough to uncover any deception...unlike in this case where IOBit pretty much cast their guilt in stone by removing a large chunk of stolen definitions in their panic not to get caught.

pandlouk

November 8th, 2009, 01:54 PM

-{ Quote: "Dear Pandlouk, you confuse public opinion about news with actual law verdict. The "innocent until proven guilty" is before a judge. Not before public opinion. I myself, don't pronounce "guilty" Iobit, nor have i such power. But between the 2 stories, i am much more prone to believe the one of MBAM. Do i have the right to do so? When you watch tv and you hear about someone accusing someone else , in your mind, do you have the right to believe one more over the other? What if i were wrong? Fortunately i am not a judge! That what are judges for, in that you can overturn public's opinion's wrong impression if you are innocent.

You confuse again ME (or various blogs/media) with a judge. You also confuse the specific case, with yours, an imaginary case. Pray tell, how is the Windows registry key Hijack.Display settings trapped by MBAM to trap Iobit? What about Anar's comment that there are portions of identical database , while himself tried to propose a contractor as the cause? What about Iobit removing signatures en masse from her database? What about Iobit admitting it was "analyzer's error" and not a setup as you imply? It's a CHAIN of events and behaviour here, not just ONE episode.

To come to your example though, since you don't want to speak of the specific case other with the motto "innocent until proven guilty, so shut the internet down":

1) A company steals "MB's" database, creates an internal false positive with triggers "MB" and has the bold face to accuse the "victim". Basically a huge bluff, where the "offender" wears "sheep's skin" and tries to appear as the "offended", do i got this right?

I think you omit some passages here:

- The "stolen database" will have appeared first on the product's installer from which the database originally comes. I mean, the one who first makes the signatures, will have the signatures first, right? So this would give the ability to the "bluffed" to initially counter the attack by actually exposing that the other has stolen his database first.

- The "internal non-malicious" file, would have to be somehow delivered to the "victim" (MB). Even if we suppose that this was successful (passing analysts' analysis) and tracing (who submitted it and when), MB has still point no.1 as defence. I guess this is also a good reason to actually hire analysts that do analyze samples before just throwing them in the database (i can do that too!). If something is not malware, don't put it, specially since all vendors use "poisoned" definitions-traps.

In any case, the company "MB" would have some cards to play in her favour, even for PR, not conceeding total mediatic victory to the "bluffer". And i wouldn't be prone to believe either side's story." }-
Fuzzfas, I do not confuse anything.

I am talking about how MB handled the matter. They used the public opinion/impression for making "justice".
This, for a serious company, is simple unaccetable, at least for me...

- And in the example only MB would know the date they released the database signature (good luck in proving that to the public).
- No it would not. The signature is already there for that keygen. The other company would have only to create files to trigger it.

Panagiotis

Baz_kasp

November 8th, 2009, 02:01 PM

-{ Quote: "Fuzzfas, I do not confuse anything.

I am talking about how MB handled the matter. They used the public opinion/impression for making "justice".
This, for a serious company, is simple unaccetable, at least for me...

- And in the example only MB would know the date they released the database signature (good luck in proving that to the public).
- No it would not. The signature is already there for that keygen. The other company would have only to create files to trigger it.

Panagiotis" }-

but its not about the keygen detection....the keygen is what alerted them to the fact that IOBit may be stealing signatures....and the trap definitions and subsequent actions of IOBit prove that they really were stealing the database.....

I am still shocked how many people are willing to have the wool pulled over their eyes and still side with IOBit.

pandlouk

November 8th, 2009, 02:08 PM

-{ Quote: "I am still shocked how many people are willing to have the wool pulled over their eyes and still side with IOBit." }-
Are we nuts? ???
I do not side with Iobit.

But this does not mean that MB or any other company/person has the right to take justice in their own hands.

Panagiotis

Fuzzfas

November 8th, 2009, 02:08 PM

-{ Quote: "Fuzzfas, I do not confuse anything.

I am talking about how MB handled the matter. They used the public opinion/impression for making "justice".
This, for a serious company, is simple unaccetable, at least for me... " }-

That's easy to say for you, i suppose. If you were believing that you were a victim in deed and your opponents were either economically or legally out of reach, what would you have done? Of course it's your right to have done something else, but it's also MBAM's decision here.

You also forget that Iobit has the same opportunity to address the public opinion. And that also has the chance to address a legal system (the american one), which, unlike the chinese one, doesn't go light in slandering and reputation destruction.

-{ Quote: "
- And in the example only MB would know the date they released the database signature (good luck in proving that to the public). " }-

Ah, "MB" is actually MBAM? I thought it was an imaginary company you made up, just for an imaginary case!

To the public i think you can prove the following:

- The date of installer release and its detection compared to when the same detections appeared to the installer of your accuser.
- If you got them from a contractor, the data (documents) of when and from whom you got them.
- Probably more that i don't know.
- If all this results insufficient and want to protect your reputation against public opinion, you stop worrying about satisfying public opinion and you proceed to satisfy a judge.

-{ Quote: "
- No it would not. The signature is already there for that keygen. The other company would have only to create files to trigger it. " }-

I suppose that you mean that MBAM's database will have a real malware detection which will be used to "craft" a signature that will also trigger an in-house detection of a "non malware"-trap signature? Excuse me, isn't that called false positive? I had Twister flag real alternatives at Trojan XYZ. This only means that Twister's detection for real malware, got a cross-reaction for real alternative's detection , which is not malware. In this case, Iobit doesn't say that this is cross-reaction with one of her legit signatures. She says that this is a signature sent to them and added "carelessly" in their database.

Now back to the REAL case , i believe more the version of MBAM, because it's not the case you try to propose...

Fuzzfas

November 8th, 2009, 02:12 PM

I 'm also not sure i got the way in which Iobit's trap signature would force MBAM to detect it as "Don't.Steal Our software". I mean, the name. If you would be so kind to explain it to me more simply, because i don't study IT here.

Baz_kasp

November 8th, 2009, 02:16 PM

-{ Quote: "Are we nuts? ???
I do not side with Iobit.

But this does not mean that MB or any other company/person has the right to take justice in their own hands.

Panagiotis" }-

In this case yeah, I hold out as much hope of a chinese company being pursued through the courts for IP theft as being announced the heir to a large estate in the middle of the countryside. MBAM did nothing wrong. They outed a rogue outfit, and rightly so.. They did not go public with an assumption, but with solid proof, proof that IOBit isn't attempting to seriously challenge because there is no way to wriggle their way out of this now.

SUPERAntiSpy

November 8th, 2009, 02:16 PM

-{ Quote: "but its not about the keygen detection....the keygen is what alerted them to the fact that IOBit may be stealing signatures....and the trap definitions and subsequent actions of IOBit prove that they really were stealing the database.....

I am still shocked how many people are willing to have the wool pulled over their eyes and still side with IOBit." }-

What if MBAM (or another party) set up IOBit and submitted all those definitions and names through IOBit's web interface and the IOBit researchers simply put those definitions in without complete analysis? Sloppy, but not malicious. Now they pulled the product as they are embarassed and have to reevaluate all of their definitions and submissions.

I can GUARANTEE you this happens, and in FACT, with all the parties mentioned here in this thread - why do I know this? Because we have conducted our own tests just to "see" what happens over the years - it happens - submit a fake file that "looks" like a threat by characteristic and most companies don't run it, break it down, and do a full analysis - they just pop it into their definitions - companies don't have the physical time to fully analyze each and every file that comes through.

I know other companies/people have done the same with us, you would be surprised at the stuff that gets submitted - we have had a false positive before because of that exact situation - we fix it and move on - but the point is that it happens and it would be quite easy to set up a company - and once the giant press campaign like this has taken hold the other company would never recover and there would be no way to "prove" anything as the "facts" would appear as such - with electronic "data" it's quite easy to doctor up the results and make anything appear as you want it.

I am NOT saying this "is what happened" here, but there are always two sides to every story and certainly more than one possibility of how things could have happened.

pandlouk

November 8th, 2009, 02:22 PM

-{ Quote: "What if MBAM (or another party) set up IOBit and submitted all those definitions and names through IOBit's web interface and the IOBit researchers simply put those definitions in without complete analysis? Sloppy, but not malicious. Now they pulled the product as they are embarassed and have to reevaluate all of their definitions and submissions.

I can GUARANTEE you this happens, and in FACT, with all the parties mentioned here in this thread - why do I know this? Because we have conducted our own tests just to "see" what happens over the years - it happens - submit a fake file that "looks" like a threat by characteristic and most companies don't run it, break it down, and do a full analysis - they just pop it into their definitions - companies don't have the physical time to fully analyze each and every file that comes through.

I know other companies/people have done the same with us, you would be surprised at the stuff that gets submitted - we have had a false positive before because of that exact situation - we fix it and move on - but the point is that it happens and it would be quite easy to set up a company - and once the giant press campaign like this has taken hold the other company would never recover and there would be no way to "prove" anything as the "facts" would appear as such - with electronic "data" it's quite easy to doctor up the results and make anything appear as you want it.

I am NOT saying this "is what happened" here, but there are always two sides to every story and certainly more than one possibility of how things could have happened." }-
At least someone understands what I'm trying to say...

MBAM's reaction seems like "pandora's box" that just got opened...

Panagiotis

Baz_kasp

November 8th, 2009, 02:26 PM

-{ Quote: "What if MBAM (or another party) set up IOBit and submitted all those definitions and names through IOBit's web interface and the IOBit researchers simply put those definitions in without complete analysis? Sloppy, but not malicious. Now they pulled the product as they are embarassed and have to reevaluate all of their definitions and submissions.

I can GUARANTEE you this happens, and in FACT, with all the parties mentioned here in this thread - why do I know this? Because we have conducted our own tests just to "see" what happens over the years - it happens - submit a fake file that "looks" like a threat by characteristic and most companies don't run it, break it down, and do a full analysis - they just pop it into their definitions - companies don't have the physical time to fully analyze each and every file that comes through.

I know other companies/people have done the same with us, you would be surprised at the stuff that gets submitted - we have had a false positive before because of that exact situation - we fix it and move on - but the point is that it happens and it would be quite easy to set up a company - and once the giant press campaign like this has taken hold the other company would never recover and there would be no way to "prove" anything as the "facts" would appear as such - with electronic "data" it's quite easy to doctor up the results and make anything appear as you want it.

I am NOT saying this "is what happened" here, but there are always two sides to every story and certainly more than one possibility of how things could have happened." }-

But it's not what happened here....IOBit pulled a very large chunk of their database after the allegations (which was basically everything they stole from MBAM).......apart from a very feeble statement promising a legal document and an altered file to try and back themselves up with IOBit have gone very quiet.

Their "malware detection" challenge was suddenly closed: http://forums.iobit.com/showthread.php?goto=newpost&t=4863 as they realised it would expose them once and for all...and all valid questions relating to the allegations are stuffed into a random thread (located here: http://forums.iobit.com/showthread.php?t=4799) in my guess to hide it from visiting users....after reading that whole thread I cannot see one decent answer from any IOBit staff. They ignore the questions and keep saying that its a help forum and that all the allegations must be false.

Fuzzfas

November 8th, 2009, 02:50 PM

I have another one. It's a good one. What IF (and i don't say it happened, but you read everyday about industrial espionage), MBAM has actually paid the chinese analyst in Iobit to incorporate a part of their database to Iobit so that later they can accuse them of stealing it? That would explain easily, the extension (according to Anar) of the chunk AND the common names, plus silly detections like Hijack.DisplayProperties.

And Iobit, only *thinks* that it was an analyst's error on the 3 samples (keygen, rogue, dummy) that MBAM published?

That would explain not only the 3 samples, but also the rest of database according to Anar.

OR

What IF one of MBAM's contractors is playing double agent? Selling the same samples to both of them and with the same names?

OR

What IF MBAM paid a contractor of Iobit to include their database, so to setup Iobit from a source that they would never suspect?

That's why earlier i gave a 10% for Iobit telling the truth. Thinking about it, i 'd raise it to 15%. I might come up with some better ones later.

Fly

November 8th, 2009, 03:16 PM

Maybe it's not about 'justice'.

What is justice ? A legal verdict, proven in a court of law ? >>>> snip <<<<

Or is the issue that IObit has been caught with MBAM's database and been shamed into withdrawing MBAM's work from its own products justice ? There is plenty of evidence, both from MBAM and IObit to form an opinion. I think people are entitled to that information.

Scoobs72

November 8th, 2009, 03:27 PM

In Scotland a jury can reach a "guilty, not proven" verdict. That is perhaps the most appropriate decision at this stage. The circumstantial evidence is strong, but it is not proof.

JohnnyDollar

November 8th, 2009, 04:05 PM

Well let us all install Iobit and use their product. Let us all support Iobit. I mean after all they haven't been proven guilty in a court of law right? So we need to just ignore the evidence and actions taken by Iobit. We should ignore our instincts. Shame on MBAM for revealing this to us. They should have dragged this through the legal process for about 5 years spending lots of money and time and energy into it. Then and only then if Iobit is proven guilty should we be informed about this whole issue. Come on give me a break.

Fuzzfas

November 8th, 2009, 05:14 PM

http://news.softpedia.com/news/Malwarebytes-Accuses-IObit-Plays-Dead-126389.shtml

-{ Quote: ".
.
Before we begin, we'd like to note that, in order to be fair and give everyone involved a chance to express their point of view, we also sent a set of questions to IObit for a similar interview. We have received a short response from one of the company's representatives, making it clear that the vendor had more important software development-related tasks on hand than to continue responding to Malwarebytes' accusations.
.
.
" }-

Well, they sure don't try to help their "public battle" over there in Iobit...

SUPERAntiSpy

November 8th, 2009, 05:23 PM

It's quite interesting how the mob mentality is here - I am curious to see who the next victim is! Do you guys have a secret handshake or anything? :)

( just kidding )

It really is interesting that anytime anyone, including myself, brings up the potential that IOBit may not be the direct theives that MalwareBytes has accused them of publicly, you all revolt - is it not possible people can be wrong?

No matter what now, IOBit will never recover from this and MalwareBytes as forced out a competitor who received higher reviews.

Fuzzfas

November 8th, 2009, 05:33 PM

-{ Quote: "It's quite interesting how the mob mentality is here - I am curious to see who the next victim is! Do you guys have a secret handshake or anything? :)

( just kidding ) " }-

It is even more curious this obsession of yours with MBAM coming to get you next. I hope you don't see nightmares about that. ;D

Do you have a dart board with Marcin Kleczynski's face in your office? (just kidding).

-{ Quote: "
It really is interesting that anytime anyone, including myself, brings up the potential that IOBit may not be the direct theives that MalwareBytes has accused them of publicly, you all revolt - is it not possible people can be wrong?

No matter what now, IOBit will never recover from this and MalwareBytes as forced out a competitor who received higher reviews." }-

I think that it is interesting, that you, a fellow American of Klezinsky, instead of worrying more about the possibility that your fellow MBAM (which you care for and you 'd be ready to help into uncovering this act) did fall victim of chinese reverse engineering and that you could be next, instead, all you do is to try to come up with all kind of possible theories and advice about "how i 'd do it", which always involve MBAM setting up someone and worrying that actually MBAM will get you too instead of the Chinese!

How normal is that? ;D

If you were Iobit, wouldn't you sue by the way? (Cause you 've told us all about on what you 'd do if you were MBAM. Why don't you tell us what you 'd do if you were Iobit? Would you reply to Softpedia "i 've other things to do", cleanup your database and go on?.

Fuzzfas

November 8th, 2009, 05:38 PM

The mob is growing... Softpedia, Download.com, Major Geeks, Bill Pitlovany, Alex Eckelberry, hphosts (http://hphosts.blogspot.com/2009/11/iobit-steals-malwarebytes-intellectual.html), etc.

All these are the part of the "mob", because apparently they see more probable that MBAM is telling the truth...

You have a US small vendor, which under US law if lying risks total destruction making a claim. The majority of people around, after hearing the Iobit version, tend to think that the US vendor is telling the truth.

The other side is also chinese, which makes him more fortunate under his country laws as far as severity goes and has even links to live porn in his domain. It is also well known that the issue of copyright infringement there is rampant, exactly because the laws are loose or not applied in practice.

Then, you have another American vendor, who all that he can think of , is ways that MBAM has set up the chinese to make them fall into a trap, in order to gain pubblicity and worries that he can be next.

I know i am not objective, but i find all this weird. If i were another American vendor, i 'd be less prone to propose so many theories that only presume MBAM seting up someone and instead i would think first "What if the chinese did that and they get me after MBAM too?!".

But that's just me.

SUPERAntiSpy

November 8th, 2009, 06:04 PM

See, typical mob - you are turning this into American vs China. At no point did I say, nor indicate, I was for IOBit or am anti-american - that's how this stuff starts - I won't tolerate that at all. I am an American, and also respect those from other countries. If someone stole from me, it would not matter to me what country they were from and I won't stand beside someone just because they are from America if they are in the wrong. Are you going to start taking a race pole now as well so you can further the mob mentality?

As for the comments above regarding Marcin, why would I have a picture of a fellow businessperson as a dart board? You keep trying to turn this into "us vs them" - it's not. I have always had polite communication with Marcin and other members of the team and will continue to do so - I respect them as a busines in the global internet world.

The points I have been bringing up are not related to who IOBit is or who MBAM is - it is an observation of how the "situation" was handled and how if a non-guilty person was on the receiving end how their lives would be destroyed - for some reason, some of you can't seem to grasp that is all and keep trying to turn this into a "us vs them" situation.

I guess it's pointless to try to get anyone to look at the situation vs the parties involved. It's all based upon opinion - you can't back down on your initial stance now - I get it.

Baserk

November 8th, 2009, 06:16 PM

-{ Quote: "
It really is interesting that anytime anyone, including myself, brings up the potential that IOBit may not be the direct theives that MalwareBytes has accused them of publicly, you all revolt - is it not possible people can be wrong?
" }-

Hi Nick,
To answer your question, yes sure, folks at MBAM could be wrong.
I guess it would require a sort of 'man-in-the-middle' scenario where MBAM and IOBit would have been duped.
MBAM seeing it's intellectual property stolen (and blaming the wrong person/entity) and IOBit unknowingly tarnishing it's own reputation (by acquiring stolen data).

But don't you think that MBAM would have taken such a scenario into account before placing IOBit publicly on a scaffold.
And that they have excluded that scenario from all (likely) options considered?
What would be the point for MBAM to go public (like they did) if they didn't feel very, very sure about their accusations?
Being an American company they can be sued into oblivion by IOBit if they were found to be mistaken.

Still, I can appreciate your POV, that a mere accusation on the internets can be enough to completely destroy someones reputation and therefore one must be able to discuss the needed level of restraint.
Also, taking part in the discussion in this thread requires courage because you can easily be accused of trying to profit from all this.

(Are you by any chance the man-in-the-middle perhaps, like with a 'Spectre Kink So'-nickname? j/k of course ;))

Fuzzfas

November 8th, 2009, 06:21 PM

-{ Quote: "See, typical mob - you are turning this into American vs China. At no point did I say, nor indicate, I was for IOBit or am anti-american - that's how this stuff starts - I won't tolerate that at all. I am an American, and also respect those from other countries. If someone stole from me, it would not matter to me what country they were from and I won't stand beside someone just because they are from America if they are in the wrong. Are you going to start taking a race pole now as well so you can further the mob mentality? " }-

Bravo! Bravo! Great performance. After the evocation of Witch hunt, the mob, now we have "anti-american" and "racism". All very colourful and sentimental. Throwing the race thing was a very nice touch.

I am not turning that at all in USA vs China. I am using FACTS, in a chain, which explain while the majority of people end up in the "mob" and not in your "absolution" or "MBAM is seting up" mob. Amongst these FACTs, is also the FACT that US law will come up on you heavily if you are destroying a reputation, while chinese law isn't exactly pursuing copyright like mad. It is also a FACT, that reverse engineering is much more widespread in China than in USA.

The above, ADDED to the way the 2 companies presented their thesis, is what makes more plausible the one version over the other. I tell you that, so that you can stop asking yourself in vain "Why is the wrong mob winning and not mine!".

-{ Quote: "
As for the comments above regarding Marcin, why would I have a picture of a fellow businessperson as a dart board? " }-

Why would i have a secret handshake with "them" (them is MBAM?). We were joking, remember? ;D

-{ Quote: "
You keep trying to turn this into "us vs them" - it's not. I have always had polite communication with Marcin and other members of the team and will continue to do so - I respect them as a busines in the global internet world. " }-

I keep trying to turn this? It's you that came in with the "pubblicity stunt theory" and keep repeating that they took down a better product than themselves and that you worry you may be the next on the list! ;D +

If you don't believe me, go to the poll section and start a poll : " I am Nick, after reading this thread, do you think that i like MBAM"?

See the results on your own. Or do you want me to start it? No, because either I am trying to make you appear having an issue with MBAM or it's you that really gives that impression.

-{ Quote: "
The points I have been bringing up are not related to who IOBit is or who MBAM is - it is an observation of how the "situation" was handled and how if a non-guilty person was on the receiving end how their lives would be destroyed - for some reason, some of you can't seem to grasp that is all and keep trying to turn this into a "us vs them" situation.

I guess it's pointless to try to get anyone to look at the situation vs the parties involved. It's all based upon opinion - you can't back down on your initial stance now - I get it." }-

Yes, it's all based on opinion. Opinion unfortunately, is something you can't take away from any thinking person. Be it right or be it wrong, that's how it is. If you don't like the opinion others form about you and you want to show them they 're wrong, you go to court, because the law is not an opinion. (well, technically it is, because a judge interprets a law and 2 judges can give 2 different judgments, but as far as public opinion goes, you are covered).

P.S: I am proud to be in the same mob mentality with Bill Pitlovany, a man of the software world that i admire for his moral integrity.