Researcher’s footnote: Pinky promise our software is safe, allow us past your antivirus please?

An all too common line for all sorts of software.

Here’s an interesting thing I’ve noted in between my headaches, FAQs and service desk interactions. I stumbled onto this all too common line and thought for a moment: “Permit our software to bypass your A/V software please.”

Well sure thing. It’s probably a false positive right? The software is just there to be annoying right? What is this actually teaching people about their AV software’s effectiveness? It’s teaching them to throw it in the trash, because our use case testing is for wankers.

This, I feel, is part lazy and part misleading about software downloaded from the internet, especially software that comes from places where cheat engine, piracy and other MD5 hash repeating exploits can linger. If you tell people that your software package is safe no matter where it comes from, you’re not just saying they don’t need to worry about it, but also that they don’t need to worry about where it came from.

The ethics of giving pirates access to the tools isn’t what I’m discussing here. Rather, it’s that so many of the mobile app stores that claim to be the best, like “apkpure”, are just front ends for “Nuked warez.” The term is quite dated, but the problems are still quite real: legitimate software, manipulated, re-hosted and teeming with malicious code.

In short, the problem is

1. The myth that AV software/endpoint protection is a nuisance that serves no purpose.

2. Users won’t know the risks involved with downloading ‘Nuked Warez’ software from untrusted sources.

Over the years this risk has been offloaded onto every other party, from Chrome’s warnings on unknown software to Google’s developer source option. This kind of instruction may in fact give people a green light to ignore all of that. It’s frankly embarrassing. So what do we do?

A shift from “trust this thing always” to “make sure it came from the app store/this webpage/our trusted vendors” is all that needs to be said. This small tweak can change people’s minds in a big way.

Web security blogger, Lifelong IT learner, Community first