Question

Dear moderators from ESET,

is there a way to get little presents for adding signatures to the database? I often send undetectable trojans and viruses to the database for analysing...Like for every 100 undetectable virus I or someone else gets a present...is it possible?


of course i'll keep on adding, this is just a small question btw

 

I'm not sure that when you send something via threatsense submission that personally identifiable information is sent along with the sample - but that's a reasonable idea - perhaps an Eset representative could comment.

 

so any comments on this?

 

well, did you send them via e-mail? ...otherwise you won't get a piece of cake.

 

hmm...i prefer apple pies, but whatever, I'll try to contact them

 

We do not provide any gratuity for samples submitted.

 

If every AV vendor did this, imagine the amount of gifts (and the cost of the same) they'd have to send out every day...

 

well, there are many sending perhaps 2-3...10 samples but those sending more than 1-200 samples should be gratuited in a way or another....at least free licenses, no?

 

rewarding people for submitting samples could get dangerous though, it may encourage people to go off to dangerous sites in search of malware.

 

Hello,

The problem with providing any sort of gratuity in exchange for a malware sample submission for a security vendor is that as soon as they do that, they are technically renumerating (paying) someone for giving them malicious software, which opens a whole host of ethical issues.

At a previous employer (an anti-virus vendor) we had a policy of providing anyone who submitted a new, undetected sample of a virus to us with an updated version of our software to detect it and an evaluation license for their computers, but even that is really no longer required since anti-virus companies provide updates several times a day (or, at least, ESET does) as opposed to weekly (or even monthly) updates.

I think that is about the limit of what an anti-virus vendor could responsibly (and ethically) provide to someone who submitted an unknown sample. These days, though, I think one is likely enough to get very quick turn-around so that is less of an issue.

Regards,

Aryeh Goretsky