Monday, June 15, 2015

Stick To Detecting Malware And Leave The Keygens To Me

from here

I understand why AV companies detect cracks and keygens as potentially unwanted programs but they really aren't serving home user interests by doing so. The entire "potentially unwanted application" classification seems designed to help enterprises protect themselves from liability. One wonders, then, why that feature isn't exclusive to the enterprise AV products.

2 comments:

Anonymous said...

Working in AV, I can tell you that at least we've never ever even considered spending any effort on detecting cracks or keygens. The thing is, those executables often are crafted in such funky and flamboyant ways that they often end up caught by malware heuristics or even more specific malware family detections.

Naturally we've similarly never considered spending any effort on fixing crack false positives. "John, we've just been informed that we detect the new CoD keygen as malware. Stop whatever you're working on and fix that ASAP!"

kurt wismer said...

well, it's nice to hear that your company (whatever it is) doesn't detect cracks and keygens, but it's trivial to see by searching vgrep that many do and based on the fact that crack and/or keygen appears in the names they're given it's clear that detection of them is not merely by accident due to heuristics.