Comment by quantummagic

13 hours ago

> after the download my Windows Defender instantly detected a virus.

> (because I am often working with programs which trigger the defender, I just ignored that)

This again shows the unfortunate corrosive effect of false-positives. Probably impossible to solve while aggressively detecting viruses though.

I think to an extent Microsoft is the guilty party here. For many cracks Windows Defender will trip saying "Win32/Keygen" even if there's no actual malware.

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclo...

This trains people that do a lot of piracy to be used to turning off their antivirus to let something through, which is fine until it's not. It's like drugs, if we know a subset of the population will do them no matter what, we should make it safe for them to the extent we can. False positives, causing people to ignore actual positives, creates a market for these things.

  • Software is the one thing I won't pirate since the risk of installing malware is extremely high. For media files, unless you are incredibly unlucky and someone is exploiting a bug in the media player, you are entirely safe. But for software you have no way of knowing how the software has been tampered with, and often there actually is malware in it.

  • I mean this is by design? It makes pirates more likely to get malware, and thus normal people more likely to pay for MS products rather than pirate? You may think it's immoral but the incentives line up.

But sorta possible to solve with source-based distribution and totally possible to solve with pure reproducible builds.

  • It's entirely possible to ship malware in source form... Just look at the numerous supply chain attacks. Nix is a cute project but entirely irrelevant here.

If only there were a great Windows app store or a package manager to help with the impossible...