Post by SOTE » 12 Mar 2019, 15:49
gwarble wrote: ↑12 Mar 2019, 11:52
Are you sure?
Because antivirus companies' main goal is to make money, not find known patterns, so they would have an incentive to not flag legitimate software and drive away customers.
This is only speculation, but I hope to some day test it specifically.
My understanding of it is that a code signing certificate and digital certificate help with the UAC, not necessarily with whether or not an Anti-Virus company will flag it as malware. Without it, the UAC will give the unknown publisher alert, but the Anti-Virus software is not directly tied to UAC alerts.
Since the user has to manually decide if they will proceed with the installation after the UAC alert, it's arguably on them. This trust from the user also has other factors involved. For instance, the reputation or trust in the website they are downloading it from, or whether the company/author of the software is known, not just whether the software has a certificate.
Though if your executable has no product name nor file description, it's more likely to be flagged as malware. The UAC alert is not based on what you put for product name and description, but rather if you have a certificate, so these are not related.
Various websites that specialize in software can have their own testing programs, such as Softpedia. They can review and certify that your software is safe. It's not clear to what extent this has pull among the top Anti-Virus vendors and avoids the software being flagged as malware in the future, but it's likely the website distributing your software will inform you of any problems at the time of their certifying process. But the flip side of this for a software developer is getting bad or lower than expected reviews/ratings from users (or even sly competitors) on that website, including staff of the website reviewing the software, or their software being lumped in with their competitors versus being displayed solely on your own website without any competition or comparison.
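As an added example (not code from the forum thread), the following PowerShell function checks the two things the post separates: whether an executable carries a valid Authenticode signature (which is what UAC reports as the publisher) and whether its version resource has a ProductName and FileDescription (the metadata the post says heuristics weigh). It assumes Windows PowerShell 5.1 or later and a hypothetical `.\dist` folder of executables to audit.

```powershell
# Added example, not from the original post. Audits executables for an
# Authenticode signature and for version-resource metadata, and flags the
# combination the post describes as most likely to draw scrutiny.
function Get-ExeTrustSummary {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string[]]$Path
    )
    foreach ($p in $Path) {
        $file = Get-Item -LiteralPath $p -ErrorAction Stop
        $sig  = Get-AuthenticodeSignature -FilePath $file.FullName
        $vi   = $file.VersionInfo

        # Status is 'Valid' only when the signature verifies and the chain
        # builds to a trusted root. 'NotSigned', 'NotTrusted', 'UnknownError'
        # and 'HashMismatch' all lead to the "Unknown publisher" UAC prompt
        # (or a block) rather than a named publisher.
        $signed    = $sig.Status -eq 'Valid'
        $publisher = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }

        # Version-resource fields are independent of the signature, as the post notes.
        $hasProduct = -not [string]::IsNullOrWhiteSpace($vi.ProductName)
        $hasDesc    = -not [string]::IsNullOrWhiteSpace($vi.FileDescription)

        [pscustomobject]@{
            File            = $file.Name
            SignatureStatus = $sig.Status
            Publisher       = $publisher
            ProductName     = $vi.ProductName
            FileDescription = $vi.FileDescription
            # Unsigned AND missing metadata: the case to fix before shipping.
            NeedsAttention  = (-not $signed) -and (-not ($hasProduct -and $hasDesc))
        }
    }
}

# Usage: run over the build output before release (".\dist" is an assumed path).
Get-ChildItem -Path .\dist -Filter *.exe |
    ForEach-Object { Get-ExeTrustSummary -Path $_.FullName } |
    Format-Table -AutoSize
```

The same function is useful on the defensive side for triaging downloaded binaries: a file with no valid signature and no ProductName/FileDescription deserves a closer look before it is allowed to run.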