Should the rule even apply for non-malware?

Discussion in 'malware problems & news' started by Videogamer555, Jan 11, 2012.

Thread Status:
Not open for further replies.
  1. Videogamer555

    Videogamer555 Registered Member

    Joined:
    Jan 11, 2012
    Posts:
    5
    Location:
    USA
    First what rule? I mean this one. https://www.wilderssecurity.com/showpost.php?p=1915286
    What do I mean by non-malware? I mean any program that is NOT malware in the sense that common people use the word, even if those big AV companies have it on their list of programs that their AV software detects as malware. Non-malware means software that absolutely does NOT cause any damage to your computer or files, and absolutely does NOT steal any personal info or crack your login password, etc.

    Joke programs such as joke.train are non-malware. The big AV companies add these programs to their list of software that their AV software removes, just so they can use an advertising pitch involving how much stuff their AV software can remove. Maybe it would be 10000 known TRUE malwares can be gotten rid of with their AV software, and 100 joke programs are removed which means that they can claim their software can remove 10100 different malwares. This means that they can use this ARTIFICIALLY INFLATED number to boost their sales and earn themselves a few extra bucks!!!!

    This is a DISHONEST business practice, and I'm surprised that any legit security advising forum like Wilders Security Forums is actually SO GULLIBLE about this that even WSF here includes joke programs in their own definition of what makes a program malware. How do I know that Wilders forums includes joke programs in their definition of malware? Because when enforcing rules regarding malware discussion on the forums, joke programs get treated as if they were actually malware (even though they are NOT actually malware). The proof that what I'm saying about WSF's rules is true is the fact that my thread here asking for a joke program to be sent to me https://www.wilderssecurity.com/showthread.php?p=2001605 got locked!!!!! This is ridiculous!!!!!

    If anyone on here thinks that treating joke programs as malware is ridiculous (even to the point of enforcing the "you can't distribute malware" rule when it comes to joke programs), PLEASE SAY SO!!!!! It's important that the people in charge here at the forums get to hear what the general public thinks about this phony designation of joke programs being called malware! So all users here who think that joke programs should be released from the same tight restrictions regarding of REAL malware, PLEASE SPEAK UP! The people in charge won't change anything until those who are under their authority SPEAK UP!!!!!!!!!!
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't see why joke programs should be blocked. Even if a program does something nefarious like closes all of your windows and puts up another one of its own as long as it's not persistent and can be removed by simply deleted the file what's the harm? The intent isn't to hurt the user so much as to mess with them for 5 seconds.
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Wait..what exactly is this about? You planning an April Fools joke a few months ahead or what? The rule is in place so some doofus doesn't get people in an uproar and, inevitably, point their fingers at Wilders. You get some person, who has no idea what's just silly and what is really a threat, and have their windows close up for no reason, you're gonna scare or really tick them off. Also, people in general have for some odd reason become more sensitive these days, and they'll get upset at any little thing.

    Besides, what exactly is the point of posting "jokeware" (if that's a new term, stay away until I get back from the Copyright office, lol).? You saw a LOT of it in the 90s. I can't count how many times my cd-rom tray magically opened, among other funky stuff. But, for a place like this? No. As far as AV companies, it's called covering your butt. That's why so many system tools and harmless keygen/cracks are blocked. They'd rather be safe than sorry, and so should anyone.
     
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    The anti distribution rule you quoted is here for a good reason and it is there to stay. Do not make it a subject of this thread. You are, however, welcome to discuss whether some program should be classified as malware or not. Who knows, AV industry might listen
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    His point is that it wouldn't be against the rules for me to post a link to some portable application that does no harm but that there's this disconnect where AVs are labeling "joke" applications as malicious and therefor they should not be against the rules here - they're mislabeled.
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I sorta get that, but again, and especially for Wilders, it's a CYA issue.
     
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    This isn't exactly about jokeware, but it certainly is a joke. Today, I downloaded a tool from Nirsoft, and I performed a scan (using an on-line service). One antimalware application flagged as Nirsoft. o_O This has got to be a joke, right? :thumbd:

    I'd totally understand false positives, but flagging something as NirSoft? Seriously? o_O

    These security vendors should considered jokeware their own antimalware applications as jokeware.

    -edit-

    If these helpful tools from NirSoft ever were bought by Microsoft, for example (at the image of Sysinternals), I'd imagine these situations not to happen (at the image of Sysinternals). Crazy world. But, why not massacre small software, right? It increases detection %. At least they detect something. lol
     
  8. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    The OP was specifically mentioning joke programs though. But as for your issue, like I said, system tools have been an issue with AV programs for a long time. I use Daemon Tools Lite, and if you don't watch it, it installs a toolbar from some unknown company and changes your browser...yet neither my AV nor even MBAM said a word. Try to install a networking tool or something, and WW3 sirens come on. Even I will admit that's a little screwed up.
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    If it doesn't have malicious intent, doesn't embed itself into the system, doesn't trick the user into believing its something it isn't, doesn't reproduce on its own... but it's somehow still called malware... why is it against the rules?
     
  10. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    It is apps like nirsoft utilities that are often flagged that is annoying.
     
  11. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Yeah, it does suck. But, I still think it's just them playing the safe side. I don't know, maybe I'm completely wrong. Not all of us are meant to play with tools like these, so blocking them doesn't seem so bad. Those in the know like us, well, we just bypass the warning and place the file/program in the "ignore" section.
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I would assume that it's the heuristics picking them up.

    Though I know sometimes they'll label them as "Hack tools" - same goes with software cracks.

    I think it's ridiculous. It's a great way for users to not be able to tell what's malware and what's just illegal.
     
  13. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    For me, that is a huge problem when it comes to the IP blocker in MBAM. MBAM absolutely hates anything system related or might be construed as "shady" (try just surfing to a P2P news website with that thing turned on). That's why I rarely have it enabled anymore.
     
  14. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    says who it is not? Prove it, etc etc. See it is not easy to trust on the net because we cannot check for sure. I know I can trust nirsoft but I don't expect others to take my word for it.
     
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    Businesses probably don't appreciate joke programs.
     
  16. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    If they were playing the safe side, then pretty much all of them would be flagging Sysinternals tools. They don't. Sysinternals acquisition by Microsoft did wonders. It isn't the same attacking the old Sysinternals, as it is attacking Microsoft. Lawsuits... lawsuits... :D *edit* I stand corrected. One of them detects PsExec as being PsExec!! and another calls the full package (all sysinternals tools) a trojan lol (the latter one, clearly a false positive from the most FP prone antimalware application I've ever seen. *end of edit*

    If your reasoning is/were correct, we'd see detections for Sysinternals as well, as they happened in the past. Nothing has changed in the way those tools work; only who owns them. ;) Only the security vendors themselves know why they don't flag Sysinternals anymore ;), and why they'll keep flagging NirSoft.

    And, to flag NirSoft, just because it's NirSoft o_O, then they should flag each other, considering many of them are what should be considered adware. :D
     
    Last edited: Jan 11, 2012
  17. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I wouldn't. :eek: A call to the IT staff: Hey... the CD drive is opening and closing like crazy! :D
     
  18. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    While it may be humorous, in this day and age there is really no room for "joke" programs.

    It's hard enough for the anti-malware companies to keep up with the real threats.
     
  19. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Well, exactly. So, supplying people with copies of "joke malware" which they could then use to fool their friends and coworkers, would be nearly as irresponsible as allowing the trading of real malware.

    A few years ago, a guy in the AV industry had a "joke" that he posted here. It was a simple image that he had changed with a hex editer to add a few signatures that he knew most AV products would alert on. He set the image as his avatar and then all heck broke loose as many members wrote in that the forum must have been hacked because their AV products were alerting them. Yeah, it was real funny.

    So, yes, the rule about trading malware samples will apply to trading "joke malware" that can be used to incite panic and FUD among those who don't know better.
     
  20. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The one sending it might call it a joke. The recipient might think otherwise. I have an old screensaver that makes your desktop, the webpage, or whatever is displayed at the time melt into a twisted blob at the bottom of the screen. One client asked me for some clean screen savers when I serviced their PC. Not thinking about their potential reaction, I put it in and set it for 5 minutes. The panic call I got that evening convinced me not to give that one away again. Jokes like that are fun for the sender but seldom fun for the target of the joke.
     
  21. Videogamer555

    Videogamer555 Registered Member

    Joined:
    Jan 11, 2012
    Posts:
    5
    Location:
    USA
    The problem with this analysis is that assumes that it's being sent AS A JOKE (rather than as a direct response to a previously made request). If it's REQUESTED by another member, AND it is only joke program not real malware, AND the transfer is made via Private Message containing a Megaupload link (so no other members see it), then there should be no problem. That in fact is what happened in a previous post I made, no problem right? WRONG! A moderator locked my post! That was the MOST AGREGIOUS abuse of power over a JOKE PROGRAM I have ever seen. It's one thing that big AV companies block them, but it's even worse when community groups/forums (who should know better) act as if they really are malware! There were 3 factors in my post that should have meant that combined these factors would make my post perfectly ok:
    1 It was a just a request for software (not me posting something sneaky onto the forum).
    2 The type of software requested was a joke program, NOT malware.
    3 I requested that a link be sent to me over the PM system, so that other members wouldn't see the link, download the program, and then panic (and mistakenly think it's malware) when they ran it.

    I was VERY RESPONSIBLE in how I wanted the transfer handles. Just the mods here (who seem to be in league with the dumb big AV software companies) locked the thread! THEY (the mods here, and the big AV companies who the mods seem to be beholden to) are the ones being irresponsible by BLOCKING and CENSORING what is actually a REASONABLE POST!



    The only type of non-malware that makes sense to flag are keygens/cracks and malware controllers (the software the hacker uses to control malware compromised victim computers). Keygens/cracks are illegal because they let you get commercial software and use it for free. Malware controllers are illegal because (together with the malware they control) they let you cause damage (delete files on) the target computer or intercept personal communications/passwords/private info (via keylogger), which of course is also an illegal activity. If a person who doesn't know what they are doing sees their keygen/crack or malware controller marked as actual malware by their AV software then they will panic and delete their illegal software, preventing them from breaking the law. So it's just a trick used by AV companies to keep people from committing actual cyber crimes.
     
    Last edited: Jan 11, 2012
  22. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I guess I could answer all of your post with these simple words..it's their forum.
     
  23. Videogamer555

    Videogamer555 Registered Member

    Joined:
    Jan 11, 2012
    Posts:
    5
    Location:
    USA
    I'm pretty sure they can't regulate what gets sent through PMs though.
     
  24. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    I assume it is clear to a casual reader that on the net he/she should always be wary. In majority of the cases the claims how something is good or safe to use are correct and well intended but as we all know there is a minority out there whose intent is less honorary. Thanks to the participants for their comments and as this thread has exhausted its purpose it is closed.
     
Loading...
Thread Status:
Not open for further replies.