Mirror of forum.nim-lang.org

9358 :: The Nim team's latest efforts in mitigating the false postives on the Nim binaries

• DeletedUser (orginal) [2022-08-10T14:02:12+02:00] view original

  The false positives are known problems for the Nim language. As discussed on https://github.com/nim-lang/Nim/issues/17820 which proposes to check the Nim's binaries using CI. https://github.com/nim-lang/virus_checker achieves the goal mentioned by the former request.

  Finished tasks:

  • Scan the latest nightlies release using windows defender
  • Upload the latest nightlies release to virusTotal

  Potiential goals:

  • Scan important packages and upload the binaries to virusTotal
  • Scan open source malwares written in Nim and upload the binaries to virusTotal

  The Nim team has been doing its best. The blame is all on the antivirus vendors and malware writters. Last but not least, contributions are always welcome!

---

• dom96 (orginal) [2022-08-10T14:28:25+02:00] view original

  This is a great start! Thank you for setting this up.

  I think another avenue to pursue here is writing a blog post on nim-lang.org calling out the AV vendors for their poor detection. If we can get that on to Reddit/Hacker News then we stand a good chance of the employees of those vendors to read the blog post and do something about it (or at least tell us how we can resolve this ourselves). Happy to help review/edit such an article.

---