"Carbon Black Cloud", that's the reason.
No matter what compilation options I tried I never could manage to run my little innocent app in the client's server without this shitty "protection" software blocking it.
In the end I had to redo it in C#. Luckily it was mostly a line-by-line translation with the occasional workaround. Let's say I have now a better appreciation of UFCS, templates, strings as value types and terse syntax in general (but I still prefer block end delimiters)...
Anyway, is there any way to deal with confused "antimalware" software? Have the Nim team talked with them? Obviously they aren't looking in the right place in the binary to decide whether it is malware or not.
Hi and welcome to the forum (although I guess the message looks more like a bye-bye 😥)!
Unfortunately this is a known issue that presents occasionally and where we have struggled to find a solution. I do not think we were able to ever get in contact with anti malware software, the most decisive action that it was taken was to set up a virus checker which checks nim compiler and uploads binary to virus total, see annoucement: https://forum.nim-lang.org/t/9358 and repo: https://github.com/nim-lang/virus_checker
that is a partial solution and also it only takes into account compiler executables. in the repo above is linked a list to contact vendors (https://github.com/yaronelh/False-Positive-Center) but I do not see the one you mention.
I guess one option is to see if there is a way to whitelist or exclude your executable in your specific anti virus software. One possible helpful thread that I could find was this: https://community.carbonblack.com/t5/Knowledge-Base/EDR-Create-Windows-Exclusions/ta-p/111788
some previous threads:
it seems one option that was mentioned and not tested yet was to try and write a blogpost to attract a bit of attention and possibly establish a communication channel. I guess this is still something that we could try. The option to try and contact vendor directly I guess is also an option, although there seems to be quite a few... Anyway I think people should keep reporting these kind of issues, so thanks for caring enough to do that!
I did some research on this and found this article: https://www.hackercoolmagazine.com/category/hacking/bypass-anti-malware/
So the Nim compiler is flagged by AVs, but not the example malware written in Nim.
"Offensive Nim" is the most starred of any other Git repository on GitHub except the Nim project itself. https://github.com/search?q=nim
It was on the front page of HN last month.
I was also surprised by the number of similar repos further down the list.
It's great that Nim's many charms have found an appreciative audience. But it sucks that it's literally preventing adoption for other use. :(
Like there are feasible solutions for the Nim team. The virus scanners should learn to understand the Nim program. Even the mainstream language Golang hasn't had a good solution.
This is a common occurrence, especially on Windows machines, and is almost always a false positive. Commercial virus scanning programs are often confused by the structure of Go binaries, which they don't see as often as those compiled from other languages.
If you've just installed the Go distribution and the system reports it is infected, that's certainly a mistake. To be really thorough, you can verify the download by comparing the checksum with those on the downloads page.
In any case, if you believe the report is in error, please report a bug to the supplier of your virus scanner. Maybe in time virus scanners can learn to understand Go programs.
It's kind of you to report false positives to your virus scanners or write an article to roast them. Not like we don't solve this problem. We simply need more help from affected users.
Like there are feasible solutions for the Nim team. The virus scanners should learn to understand the Nim program. Even the mainstream language Golang hasn't had a good solution.
This is a common occurrence, especially on Windows machines, and is almost always a false positive. Commercial virus scanning programs are often confused by the structure of Go binaries, which they don't see as often as those compiled from other languages.
If you've just installed the Go distribution and the system reports it is infected, that's certainly a mistake. To be really thorough, you can verify the download by comparing the checksum with those on the downloads page.
In any case, if you believe the report is in error, please report a bug to the supplier of your virus scanner. Maybe in time virus scanners can learn to understand Go programs.
It's kind of you to report false positives to your virus scanners or write an article to roast them. Not like we don't solve this problem. But we need more help from affected users.
it is tricky to really get nim repos by star, but using this other search you can see that nitter and vim cubed are actually on the podium. You do still get OffensiveNim at 4th place, 2 other "offensive" repos in the top 30 and many others in the 192 repos with more than 100 stars and marked as done with nim language.
on a funny note I discovered this repo that I did not know about: https://github.com/adeemm/WinAPI-Fun
About antivirus on Windows, as a person who has shipped a commercial windows app that was regularly hit by anti virus. There is almost nothing you can do except wait. Windows antivirus companies mark your program as a virus when you .exe looks different from anything it saw before. The reports do come down after your .exe is shipped to thousands of computers and users unquarantine it manually. Signing the exe with windows keys or uploading your exe to special white lists does not work! We tried. It's just time and install base. Every update changes the exe and AV would flare up again.
Windows antivirus companies are basically a scam and are worse than the protection it offers. They are more likely to mine Bitcoin ( https://www.theverge.com/2022/1/7/22869528/norton-crypto-miner-security-software-reaction ) or man-in-the-middle ( https://www.thesafemac.com/avasts-man-in-the-middle/ ). Antivirus companies have become the bad actors they tried but failed to stop. (https://www.cbc.ca/news/science/antivirus-software-1.3668746 )
I recommend Nim does nothing with regards with AV as there is nothing it can do but wait...
I don't think having the Nim core team spend time on that wild goose chase is a good way to spend their limited resources when even the Go devs at Google can't solve that.
This is really good new: https://github.com/nim-lang/Nim/pull/19767 but unless there are other low-hanging fruits like that, putting your hand in AV vendors bureaucracy and "support tickets" is likely the best way to make mincemeat.
Can users stop writing generic, provocative titles for forum posts like this one ?
He only talks about one script, not about programming in Nim in general. There is about no other arguments or interesting facts about limitations of the language whatsoever.
We made our best for Windows support which doesn't support well the programming community in general and AV circumventing.