Antivirus programs are way too inaccurate to be used authoritatively, especially for developers. It’s not uncommon that some virus will use a well-known open source library or packaging tool, and then the antivirus decides that any binary with that same library or stub from that packaging tool must also be a virus. When your program depends on it, if you can’t turn the AV off or make an exception, you’re just fucked. Also, programming is an iterative process. Make a small change, test, repeat. Requiring that developers upload and wait for a scan from some third party for software that they compiled locally and have no intent to distribute is a giant waste of everybody’s time, especially the developer’s. It’s a huge drag on productivity for the sake of bureaucracy.
Nah, the heuristics shit picks up a shedload of nothing as dodgy sometimes. No-one submits work in progress stuff to be accepted with the antivirus providers to bypass that. Only final versions.
Don’t have a problem where I work. Likely the choice of antivirus, or they’re whitelisting our development folders automatically.
When apps have code obfuscation in use, injects into dlls, and has detection for when running in a vm when it has no business doing any of these things then yes I think I can complain to the devs about it.
Why is the antivirus software detecting my Cortex-M3 binaries as dangerous to an amd64 computer? Happens on Windows 7 through Windows 10, across 3 different employers.
And how do I submit my builds to Virus Total if they’re getting deleted as soon as they come out of the linker?
As a sysadmin I have so many devs asking me to set up antivirus exceptions for their apps, disable UAC, run the service as full admin, etc
Hell no. Submit your shit to virus total and learn how to program.
Antivirus programs are way too inaccurate to be used authoritatively, especially for developers. It’s not uncommon that some virus will use a well-known open source library or packaging tool, and then the antivirus decides that any binary with that same library or stub from that packaging tool must also be a virus. When your program depends on it, if you can’t turn the AV off or make an exception, you’re just fucked. Also, programming is an iterative process. Make a small change, test, repeat. Requiring that developers upload and wait for a scan from some third party for software that they compiled locally and have no intent to distribute is a giant waste of everybody’s time, especially the developer’s. It’s a huge drag on productivity for the sake of bureaucracy.
I’m quite sure the guy above is not talking about devtest environment, but production deployments…
Nah, the heuristics shit picks up a shedload of nothing as dodgy sometimes. No-one submits work in progress stuff to be accepted with the antivirus providers to bypass that. Only final versions.
Don’t have a problem where I work. Likely the choice of antivirus, or they’re whitelisting our development folders automatically.
Windows defender is a Little jumpy though when it comes to self compiled software other than Visual Studio‘s
You clearly don’t know how programming works. Or how idiotic most antivirus software is.
When apps have code obfuscation in use, injects into dlls, and has detection for when running in a vm when it has no business doing any of these things then yes I think I can complain to the devs about it.
Why is the antivirus software detecting my Cortex-M3 binaries as dangerous to an amd64 computer? Happens on Windows 7 through Windows 10, across 3 different employers.
And how do I submit my builds to Virus Total if they’re getting deleted as soon as they come out of the linker?