Monday, July 23, 2012

Anti-Malware Vendors - here we go again with another round of FUD...

Over the years, I've been periodically plagued by false positives reported for AxCrypt by various anti-malware vendors. These small-time, opportunistic, shady vendors like Microsoft, ESET, McAfee, Avast et. al. have a long history of just flagging anything they please as malware, and be damned the consequenses.

I am a small one-person operation providing free strong encryption software for personal privacy and security. I have over a decade and perhaps 20 million downloads of faultless operation on record. Nevertheless, at least once a year, these companies start reporting my software as malicious, causing me and my users no end of grief.

Why will not a single one of them just for once take repsonsibility for their actions? I have not received as much as one single communcation from them. Not once. Not when they flag my software falsely as malicious. Not when they rescind that flagging, as they inevitably do when enough users get suspicous and start questioning the reports.

Now, in 2012, it's starting again. This time because I'm trying to make some small revenue using bundled advertisments for other software with the installer in order to be able to spend some more thousands of hours developing free software. For more specifics about that particular choice read here.

As a current example, a recent report from Microsoft concerning the adware bundle AxCrypt uses that is at the time of writing actually a disclaimer of a recent false positive may serve. This causes uncertainty and fear for my users, but what does Microsoft care? Did they ask before flagging? Did they report when they removed the flag?

A different example are some recent reports about my site and my software  from virustotal.com which is even worse, because these guys hide behind the additional screen of being an aggregator - so they don't even have to take any responsibility at all, they're just forwarding information uncritically. This is a free service, so you can't even complain.

What can you as a user do? I don't really know, miss out on great, safe and free software because of fear, uncertainty and doubt seems the most likely case. Or, you may start to at least make your voice heard when these situations arise.

When your Anti-Malware software reports a false positive - demand your money back!

What can I do? I don't know that either. If you have any ideas on how I can protect my reputation and continue to provide free, safe security software - do let me know.

I'm getting tired of this. How much cr*p must I take to write and publish free software for your security and integrity?

3 comments:

  1. I've been using AxCrypt for about one year, and I think the program is great. Thanks for offering it as a freebie.

    I stumbled upon some negative comments regarding your inclusion of OpenCandy with the installer, so I decided to come here for the straight scoop.

    After reading this blog entry, I'm not sure what all the outrage is about.

    Clearly, you offer ways to opt-out of OpenCandy, as well as options to obtain code and installers without OpenCandy. Will some people install OpenCandy either on purpose or by accident? Sure. But as you said, AxCrypt is FREE. There is no harm in trying to earn a little revenue from advertisers.

    The people complaining need to come here to get the full story.

    ReplyDelete
  2. Manda esses caras pra merda. Só querem nos observar.

    Parabéns! O programa é nota10

    ReplyDelete
  3. This comment has been removed by a blog administrator.

    ReplyDelete