back to article ESET rushes to defend rival Malwarebytes in legal war sparked by vendor upset at 'unwanted program' labeling

Last week, fourteen cybersecurity experts, infosec biz ESET, and tech advocacy groups the Internet Association and TechFreedom filed friend-of-the-court briefs urging the US Supreme Court to review a 2019 appeals court ruling against antivirus maker Malwarebytes. The flurry of legal arguments represents an effort to ensure …

  1. Anonymous Coward
    Anonymous Coward

    It's time to break out the popcorn

    See above

  2. HildyJ Silver badge
    Megaphone

    Enigma

    Enigma is known as a company that throws sueballs at sites publishing negative reviews (of which there are many) and Malwarebytes is not the first victim.

  3. ThatOne Silver badge
    WTF?

    Bully protection

    So if I do something objectionable I just have to sue anybody who reveals it? Good to know.

  4. eldakka Silver badge
    Coat

    Only 2016?

    competing anti-threat software can itself be a genuine threat if it contains bugs (e.g. Symantec's Norton Antivirus in 2016)
    FTFY

    1. iron Silver badge

      Re: Only 2016?

      I was surprised they didn't add McAfee to the list.

      1. DavCrav Silver badge

        Re: Only 2016?

        "I was surprised they didn't add McAfee to the list."

        The software or the man?

        1. Anonymous Coward
          Anonymous Coward

          Re: Only 2016?

          Depends... do you live in Belize?

      2. JCitizen Bronze badge
        Megaphone

        Re: Only 2016?

        That is exactly what I was thinking! I finally had to tell my clients that if they insisted on continuing using McCr@py products, then they were just going to have to do without my services!

  5. earl grey Silver badge
    Happy

    i like ESET

    long ago in a far away galaxy, i had a crappy computer with crappier software and downloaded a free ESET to try. Had a question for them and they actually emailed me back within 24 hours. try to get that from just about anyone else unless you are a big $$$ business.

    1. Anonymous Coward
      Anonymous Coward

      Re: i like ESET

      Conversely, I once tried Panda AV.

      The download trial came with out of date signatures that wouldnt update, I emailed them to ask how to update, they said "buy the product".

      Some companies might as well make trial software that only detects the eicar test virus.

      1. JCitizen Bronze badge
        Happy

        Re: i like ESET

        Thank you for that - Panda is the only major AV I haven't tried (I think), besides SOPHOS I suppose.

  6. onebignerd

    Malwarebytes gives a PUP to the command prompt being disabled in gpedit. Granted, it is a tactic used for hacking and infection.

  7. very angry man
    Coffee/keyboard

    the orange one rules

    Try running any software from China!

    i use the iobit package, it works OK,

    malawarebytes sees it as a pup, add it to allow list by folder,

    sees each process as a pup.

    add each process to allow list.

    sees each operation as a pup.

    result

    just ignore results as it pisses me off

    further result, UNTICK AUTO RENEWAL.

    it will expire eventually and no more frustration.

    pity otherwise i like this software.

    1. Anonymous Coward
      Anonymous Coward

      Re: the orange one rules

      very angry man,

      I agree with malwarebytes !!!

      It is doing its job as far as I can see.

      If I had to throw one of the two s/w packages away, I know which one I would choose !!! :)

  8. Harry Stottle

    If only they did something about reports of False Positives

    bit late to this party but I thought I'd put my beef on record.

    I agree, in general, with the overall security brief, that malware detection is one of the vital layers of protection (against known threats). But the bastards are often clearly and egregiously guilty of abusing their position.

    The classic example of abuse by the anti malware crowd is their failure to respond or react to reports of false positives.

    Process Hacker is the instance which riles me most of all. As we speak Virustotal reports that 20 detectors identify it as a threat. This is bollocks, as I suspect a fair smattering of Reg readers are fully aware.

    a) it's open source and has been around since 2008. That makes it instantly more trustworthy than most of the alleged malware detectors

    b) it is in constant use by several thousand, possibly million, reasonably experienced users; a community who would have identified real threats well before the malware detectors got around to it

    Some argue that the Malware hypers are targeting PH because it is better, and certainly more transparent, at detecting illicit hidden processes than they are and thus threatens their own credibility and bottom line. While this is true, it doesn't make much sense. Nobody has the time (regularly) to sweep their system manually, using PH, to find the occasional threat. And users of PH are the least likely netizens to have exposed themselves to such threats in the first place.

    What is really happening, in my view, is that the Malware hypers are - deliberately - conflating dangerous tools (which PH certainly can be, in inexperienced or malicious hands) with actual malicious software. PH CAN be used to damage stuff, (as can hundreds of other software tools) but isn't intended for that purpose. And it's ONLY stuff whose intentions are malicious (or whose code is obviously faulty, like the Norton 2016 example) that should be in their crosshairs.

    The real kicker, though, is that it doesn't matter how many of us ( and I know there are many thousands) report PH as a false positive, NONE of the malware hypers ever acknowledge or react to such notifications.

    For those who have become thoroughly pissed off by the automatic disabling of PH (especially when it's set to replace Task Manager), the way to prevent that is to activate the Admin account and install it as admin. That usually prevents the bastards from mucking about with it. Otherwise you'll find yourself in a constant round of "permitting" or "excluding" it from their overactive and knowingly dishonest "protection"

    And the most dangerous result of this deliberate deceit by the anti-malware crowd is that a sizable portion of the community they should most value (the likes of us) have learned not to trust them. After all, if they can consistently report, as a threat, something we know to be safe, why should we trust any of their other reports?

  9. Anonymous Coward
    Anonymous Coward

    Eset is good and very underrated, and is the only AV that doesn't shove browser add ons up your wazoo.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020