New centralized False Positive Reporting site

Discussion in 'other anti-virus software' started by qakbot, Oct 1, 2011.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. jcollake

    jcollake Registered Member

    Joined:
    Dec 6, 2008
    Posts:
    114
    That was one of my better written answers, as I re-read it again and make last edits.

    Look, I just want to make it clear, this site was founded because I know what small software vendors have had to go through. I know the unintentional suffering due to these accidents. The speed of resolution is one thing, but avoidance is an even more important metric - and rewarding those companies who do the best at speed of resolution and avoidance is important. With transparency, consumers can see who cares the most about collateral damage, and who has the fewest false positives.

    A new monitoring service which will be announced soon will show you just how bad the issue is. For instance, check out this image of some older freeware and open source I uploaded to this new monitoring service (in beta) .. I was shocked at the number of existing false positives:

    http://falsepositivereport.org/forum/index.php/topic,172.0.html

    Now, remember, most of these were detected as clean by 40-42 of 43 scanners, indicating the absoluteness that they are false positives, if it was not immediately obvious.

    I thought, "holy cow!!!" - then had to remove most from my site for safety, as they are freeware and open source, so not contributing to putting food on the table, and I don't need 'risk factors'.

    I recently had an argument with a security vendor employee who felt that they had no moral obligation to monitor any feed for their mistakes. It is my opinion that it is their moral obligation to monitor for mistakes (false positives and mis-ratings). If that means setting up a Google Alert or two, or monitor a site feed, it is their responsibility that comes with their field. I monitor my software for bugs, shouldn't they monitor for false positives? Does every false positive need reporting to them before they will take action? Fortunately, several companies have agreed with my position and jumped right into FPR, helping victims.

    Our site has already helped to fix several false positives and/or mis-ratings that were not fixed through traditional reporting methods, I'm proud to say. So far, I have had to delete only one report that I considered invalid, though have denied several other 'complaints' about warnings and such. Our focus is narrow and on only the most egregious examples.
     
    Last edited: Nov 13, 2011
    jcollake, Nov 12, 2011
    #26
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...