reported malware in km extensions

whocares · 28. Apr 2010, 06:58 PM

they are all false positives, and that tends to happen with ahk and autoit compiled scripts. the reason is some inferior antiviruses will easily flag any packed binary without actually scanning its functions or contents because it can't heuristically scan compressed binaries.

i know who you are, going around spreading lies about k-meleon extensions..please read what false positives are. ironically on that same site , he failed to read one important bit:
"Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware"

the thread was removed because he was ill-mannered and extremely vulgar in his post calling the devs the worst things like piles of dung and xxxx and other profanities and not because we are hiding something.

he came and posted again in a better docile language and the post- even though containing false lies about the browser- was not removed.

all extensions in ahk or autoit come with their full sourcecode..if in doubt, you can always examine the code and compile it yourself. i find it really appalling that someone might accuse me or any developer or such codswallop without any facts.

kmeleon developers code without any financial gain and it's one of the few browsers without any search revenue deals with the giant search engines.. if we really wanted to make money, we could have easily signed a revenue deal with google or yahoo, yet we get accused of writing malicious code.

one of the dumb scanners flagged several extensions as 'trojans' ..if you check the code, you'll see they are strictly for k-meleon and they don't even establish any connection which is the first rule of thumb for a virus or a trojan is to send data to a server.

i'm very disappointed in you anupam, you should have known better. they are false positives and you should have quickly dismissed those false accusations. you do know that everything is supplied with the sourcecode for free.

false postives is a common problem with mediocre antiviruses because more and more they are failing in detecting new and very sophisticated viruses so it seems easier for their devs to flag anything they just don't know of. recently mcafee had a huge scandal when it rendered millions of xp based machines useless and sent them into an endless reboot loop when it identified a crucial system file 'svchost.exe' as a virus and quarantined and deleted it.

i'd like to send a message to people like 'anonymous':
in the future, do not dare accuse decent developers of planting malicious code before examining the code and have valid grounds for your accusations.

i advise everyone to read those links
http://www.scmagazineuk.com/mcafee-m...rticle/168521/
http://en.wikipedia.org/wiki/Antivir...alse_positives
http://www.xxxxxxxxxxx/blog/archives/...irus-software/
http://www.securelist.com/en/glossar...gloss153654932
http://www.nirsoft.net/false_positive_report.html
http://blog.nirsoft.net/2009/05/17/a...ll-developers/
http://www.autohotkey.com/forum/viewtopic.php?t=31975

p.s. i tried posting my reply in the original thread but i kept getting spam trigger will not allow it

MidnightCowboy · 28. Apr 2010, 09:47 PM

I can appreciate your frustrations. A lot of the contributors here have to put up with "anonymous" accusations of one form or another on a daily basis themselves, despite putting in more hours on site than a doctor on overtime

To this extent then I guess your own response is measured enough but I don't understand the dig at Anupam who with this...

"You are right. Files for KM Extension Manager are being reported as malicious. I don't know if its a false positive or not"

..clearly states that he doesn't know.

Whilst myself, the mods and other back-room sleuths here try our best to define everything appearing there are limits to what we can achieve. Like you yourself suggest, we could go commercial and pay folks to research everything but it's never going to happen. Consequently our policy is always to respond in a manner we believe to be in the best interests of the site. Subsequent information is always used to re-classify or clarify previous comments if this ever becomes necessary.

Again, I appreciate the passions associated with having your efforts slagged off for no good reason or just downright malicious purposes, but please let's keep anything else appearing here civil and constructive.

Rest assured that nothing will be deleted here so long as it conforms to our content policy.

28. Apr 2010, 06:58 PM	#1 (permalink)
whocares Member Join Date: Oct 2009 Posts: 14	reported malware in km extensions they are all false positives, and that tends to happen with ahk and autoit compiled scripts. the reason is some inferior antiviruses will easily flag any packed binary without actually scanning its functions or contents because it can't heuristically scan compressed binaries. i know who you are, going around spreading lies about k-meleon extensions..please read what false positives are. ironically on that same site , he failed to read one important bit: "Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware" the thread was removed because he was ill-mannered and extremely vulgar in his post calling the devs the worst things like piles of dung and xxxx and other profanities and not because we are hiding something. he came and posted again in a better docile language and the post- even though containing false lies about the browser- was not removed. all extensions in ahk or autoit come with their full sourcecode..if in doubt, you can always examine the code and compile it yourself. i find it really appalling that someone might accuse me or any developer or such codswallop without any facts. kmeleon developers code without any financial gain and it's one of the few browsers without any search revenue deals with the giant search engines.. if we really wanted to make money, we could have easily signed a revenue deal with google or yahoo, yet we get accused of writing malicious code. one of the dumb scanners flagged several extensions as 'trojans' ..if you check the code, you'll see they are strictly for k-meleon and they don't even establish any connection which is the first rule of thumb for a virus or a trojan is to send data to a server. i'm very disappointed in you anupam, you should have known better. they are false positives and you should have quickly dismissed those false accusations. you do know that everything is supplied with the sourcecode for free. false postives is a common problem with mediocre antiviruses because more and more they are failing in detecting new and very sophisticated viruses so it seems easier for their devs to flag anything they just don't know of. recently mcafee had a huge scandal when it rendered millions of xp based machines useless and sent them into an endless reboot loop when it identified a crucial system file 'svchost.exe' as a virus and quarantined and deleted it. i'd like to send a message to people like 'anonymous': in the future, do not dare accuse decent developers of planting malicious code before examining the code and have valid grounds for your accusations. i advise everyone to read those links http://www.scmagazineuk.com/mcafee-m...rticle/168521/ http://en.wikipedia.org/wiki/Antivir...alse_positives http://www.xxxxxxxxxxx/blog/archives/...irus-software/ http://www.securelist.com/en/glossar...gloss153654932 http://www.nirsoft.net/false_positive_report.html http://blog.nirsoft.net/2009/05/17/a...ll-developers/ http://www.autohotkey.com/forum/viewtopic.php?t=31975 p.s. i tried posting my reply in the original thread but i kept getting spam trigger will not allow it

28. Apr 2010, 09:47 PM	#2 (permalink)
MidnightCowboy Site Manager Join Date: Aug 2008 Location: South American Banana Republic, third bunch from the left Posts: 9,250	I can appreciate your frustrations. A lot of the contributors here have to put up with "anonymous" accusations of one form or another on a daily basis themselves, despite putting in more hours on site than a doctor on overtime To this extent then I guess your own response is measured enough but I don't understand the dig at Anupam who with this... "You are right. Files for KM Extension Manager are being reported as malicious. I don't know if its a false positive or not" ..clearly states that he doesn't know. Whilst myself, the mods and other back-room sleuths here try our best to define everything appearing there are limits to what we can achieve. Like you yourself suggest, we could go commercial and pay folks to research everything but it's never going to happen. Consequently our policy is always to respond in a manner we believe to be in the best interests of the site. Subsequent information is always used to re-classify or clarify previous comments if this ever becomes necessary. Again, I appreciate the passions associated with having your efforts slagged off for no good reason or just downright malicious purposes, but please let's keep anything else appearing here civil and constructive. Rest assured that nothing will be deleted here so long as it conforms to our content policy. __________________ Knows nothing and cares even less

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode