
Articles about False Positives

The zone where Australian planes are searching for MH370 debris

MH370 'pings' dismissed as false positives

A US Navy official has gone on the record as saying that the “pings” first thought to have come from missing Malaysian Airlines flight MH370 probably weren't from the aircraft's black box – and has almost immediately been spurned by his bosses. Back in April, Australian prime minister Tony Abbott held a press conference in which …
Artist's impression of an exoplanet orbiting a star in the cluster Messier 67

Exoplanets' chemicals may give false-positives for life, boffins say

Astronomers and exobiologists looking for spectral signatures as indicators of life might be chasing a chimera. That's the gloomy conclusion of a study published at PNAS, which says inferring the existence of biospheres on exoplanets “might be beyond our reach in the foreseeable future”. Since all we know about exoplanets is …

Security rEsrchRs find nu way 2 spot TXT spam

Symantec boffins reckon it's no longer enough to shield e-mail users from malicious email and that spam and phishing over SMS are now worthy of some decent defences. They've even penned a study to back up the proposition, suggesting that SMS spam could be 97 per cent detectable with a false positive rate as low as 0.02 per cent …
The Register breaking news

Avast false alarm hits Steam's weekend gamers

Freebie anti-virus scanner Avast falsely identified an executable associated with the popular Steam gaming platform as a Trojan on Sunday. The snafu, which persisted for around 90 minutes, meant that SteamService.exe was wrongly identified as a Trojan (specifically Trojan-gen) and sent to quarantine. Judging by posts on Steam …
John Leyden, 06 Feb 2012

Check your Clungene, Irish women warned

Ireland's Health Products Regulatory Authority (HPRA) has advised any woman who's trying to get pregnant to check her Clungene, if indeed she's using the Chinese pregnancy test kit to confirm she's up the duff. In some cases, the product has been providing false positives, so just when you think your Clungene is telling you …
Lester Haines, 07 Aug 2014

IEEE expands malware initiatives

Standards body the IEEE has launched two new anti-malware initiatives designed to help software and security vendors spot malware that's been inserted into other software, and improve the performance of malware detection by cutting down on false positives. The organisation's Anti-Malware Support Service (AMSS) is designed to …

Lazy sysadmins rooted in looming Mozilla cert wipeout

Mozilla is about to revoke some weak X.509 PKI certs, and has warned sysadmins that it will affect the Firefox browser and they'll need to assess their infrastructure. The four affected root certificates from Entrust and ValiCert are marked for removal because they contained weak keys. A further seven from CyberTrust, Thawte …
Darren Pauli, 20 Aug 2014

Mac security packages range from peachy to rancid – antivirus tests

Independent tests of Mac antivirus products have discovered that the effectiveness of these security packages runs from a risible 20 per cent to an unimpeachable 100 per cent. German security lab AV-TEST.org put 18 free and paid-for Mac OS X security products and services to the test, discovering widely differing performances in …
John Leyden, 04 Sep 2014

Sophos says sorry over Google Analytics false alarm

Sophos has apologised after its security screening technology went awry and began falsely warning users when they visited websites running Google Analytics. The false positive - which identified web content served up from google-analytics.com as malicious code (specifically HTMLGen-A) - kicked in at around 05:15 GMT and …
John Leyden, 10 Jun 2011

FireEye enters crowded IPS market

Late last week, FireEye took something of a plunge, throwing its hat into the ring of the crowded intrusion prevention system (IPS) market, with a beta of software that adds IPS capability to its virtualised MVX environment. With the IPS to be made available as a license add-on for the company's NX network threat prevention …
Our happy travellers surrounded by armed police at LAX

New BOMB detect-o-tech 'could give sniffer dogs competition': TRUE

Researchers working on a new type of bomb detector technology have made the rather underwhelming boast that their kit "could soon give bomb-sniffing dogs some serious competition". “Bomb-sniffing dogs are expensive to train, and they can become tired,” said study co-lead author Ren-Min Ma, one of the boffins who came up with the …
Lewis Page, 21 Jul 2014

Redmond is patching Windows 8 but NOT Windows 7, say security bods

Microsoft has left Windows 7 exposed by only applying patches to its newest operating systems. Researchers found the gaps after they scanned 900 Windows libraries and uncovered a variety of security functions that were updated in Windows 8 but not in 7. They said the shortcoming could lead to the discovery of zero day …
Darren Pauli, 06 Jun 2014

Zoom out for a view of malware, say boffins

One of the reasons malware gets past corporate defences is that a single HTTP request can look perfectly innocent. However, according to research to be presented at a security conference next week, those requests reveal themselves if the defender takes a “big picture” view. According to research to be presented at the Internet …
Artist's conception showing the inner four planets of the Gliese 581 system. GJ 581g, potentially habitable, is in the foreground. Credit: Lynette Cook/NSF

ANGRY ALIENS hit by BEBO SPAMGASM probably don't exist

The world is breathing a collective sigh of relief today as interstellar war with aliens from the well-known prospective "Goldilocks" worlds orbiting the star Gliese 581 has been averted – because the planets don't actually exist. In the heady early days of the search for planets …

Avira owns up to BitDefender Trojan false alarm

German security firm Avira has admitted it falsely warned that a beta version of an upcoming security package from its Romanian rival was contaminated with a Trojan. Few users outside the testing community would be running Avira and BitDefender 2011 beta 4 at the same time, so the incident is notable only as providing an …
John Leyden, 10 Aug 2010

False positives run amok in Vista anti-virus tests

The first independent tests of anti-malware products on 64-bit Windows Vista revealed a rash of false positives. Of the 20 products submitted for testing to independent security certification body Virus Bulletin, six generated false positives when scanning a set of known clean files. As a result, the product failed to earn …
John Leyden, 03 Aug 2007

Security firms plot revamp to minimise false alarms

Increased incidents of false positives have encouraged anti-virus firms to re-evaluate their signature update process. Last week, misfiring updates from Symantec falsely categorised Spotify and Adobe Flash as malicious in two separate incidents. The week before, a ropey update from Kaspersky Lab falsely flagged Google AdWords as …
John Leyden, 02 Feb 2010

Heavy VPN users are probably pirates, says BBC

BBC Worldwide, the commercial arm of the BBC that markets its products around the world, has told Australia's government that heavy users of “IP obfuscation tools” are so suspicious that internet service providers (ISPs) should consider them as likely content pirates. The organisation states that case in a submission (PDF) to …
Simon Sharwood, 09 Sep 2014

OpenSSL Heartbleed bug sniff tools are 'BUGGY' – what becomes of the broken hearted?

Software that claims to detect the presence of OpenSSL's Heartbleed bug in servers, PCs and other gear may falsely report a system to be safe when users are actually in danger, according to a security consultancy. This finding is disputed by developers publishing tools that test for the vulnerability. The teams behind Nessus, …
John Leyden, 17 Apr 2014

350 DBAs stare blankly when reminded super-users can pinch data

Enterprises are ripe picking grounds for would-be Ed Snowdens, according to a survey conducted by the Ponemon Institute for Raytheon that found hundreds of organisations did not have policies to limit the amount of sensitive data staff can access. The survey of 700 techies found Snowdens-in-waiting were typically database …
Darren Pauli, 21 May 2014

Infosec bods try Big Data in search for better anti-virus mousetrap

Infosec house Panda Security is looking to Big Data and application monitoring as a means to achieve better malware detection. The launch of Panda Advanced Protection Service (PAPS) is a response to the widely known shortcomings of signature-based anti-virus detection as well as a means for Panda to sell extra services. The …
John Leyden, 20 Jun 2014

Symantec fires off false alarm on WoW update

World of Warcraft denizens are complaining that an anti-virus update published by Symantec over the weekend falsely labelled a component of the game as potentially malign. Instead of throwing spells or wielding axes, fans of the role-playing game who choose Symantec for their security protection complain that the firm is …
John Leyden, 17 May 2010

How much is a security bug report worth to Facebook? About $2,100

Facebook wasn't the first to offer security researchers bounties for reporting vulnerabilities – but the social network reports it paid out $1.5m in 2013 for bug reports, and says it is increasing the amount of cash on offer in the coming year. According to the advertising giant, it received 14,763 reports of suspected flaws …
Iain Thomson, 03 Apr 2014

Time travellers outsmart the NSA

If there are time travellers around, they're being careful not to leave their fingerprints on the Internet. That's the conclusion in a paper published at Arxiv, put together by Michigan Technical University physics professor Robert Nemiroff and PhD candidate Teresa Wilson. They searched the Internet for “prescient” signatures – …

Dodgy Kaspersky update borks THOUSANDS of NHS computers

A misfiring antivirus update from Kaspersky Lab "effectively levelled several networks" last month, including systems at Britain's NHS, The Register has learned. A Kaspersky update released on 25 October falsely classified a Windows system file, specifically tcpip.sys, as malign and quarantined it. The procedure left Windows PCs …
John Leyden, 07 Nov 2013

Bad genes? US watchdog halts 23andMe's handy home DNA test kits

Vanity DNA testing company 23andMe has hit a major roadblock, having been told by the US Food and Drug Administration (FDA) that it must stop selling its personal genome testing kits. Backed by Google and run by Anne Wojcicki, the estranged wife of Google cofounder Sergey Brin, 23andMe has marketed its Saliva Testing Kit and …
Neil McAllister, 25 Nov 2013

HSBC Trojan warning tracked down as false alarm

A false alert left users of Kaspersky's internet security software fearing there was malware on HSBC's website last weekend. Users of Kaspersky Internet Security logging onto HSBC's Personal Internet Banking site were incorrectly informed that a malicious file containing the HTLM-Agent-CE Trojan had been loaded onto their …
John Leyden, 17 Aug 2009

Redmond researchers profile Skype scammers

A group of Microsoft researchers has used supervised machine learning to try and improve detection of fraudulent user accounts. With Skype as their test platform, the group says it was able to achieve 68 per cent successful detection of fake accounts within four months of activity, while keeping false positives down to 5 per …

NASA to programmers: Save the Earth and fatten your wallet

NASA is teaming up with the asteroid-mining wannabes at Planetary Resources to offer $35,000 in prizes in a contest to develop algorithms to detect Near-Earth Objects (NEOs) – asteroids – with the goal of spotting those that might threaten the Earth. Actually, saving our planet from destruction is but one goal of the Asteroid …
Rik Myslewski, 11 Mar 2014

New research cuts Kepler's exoplanet count by one third

A new study has shown that the number of exoplanets – planets outside of our solar system – discovered by NASA's Kepler may be inflated by over a third. The Kepler team's "Table of confirmed planets" (their emphasis) in that spacecraft's slice of the sky now stands at 105. According to the criteria used by NASA's Exoplanet …
Rik Myslewski, 07 Dec 2012

Malwarebytes declares Windows 'malicious', nukes 1,000s of PCs

A dodgy software update for virus-killer Malwarebytes disabled thousands of PCs before a fix was issued this week. Malwarebytes' database version v2013.04.15.12 erroneously flagged core Windows system files as malicious, resulting in unstable - and in some cases unbootable - machines. Windows system files were wrongly identified …
John Leyden, 19 Apr 2013

How I poured a client's emails straight into the spam bin – with one Friday evening change

By misunderstanding how a single word was being used, I caused a boo-boo that counts as "really stepped in it this time". After a lot of research and testing, I thought that months of "the spam filter is crap, make all the spam go away" warring with "the spam filter is too restrictive because $client can't send me his JavaScript …
Trevor Pott, 04 Jun 2014

Kaspersky defends false detection experiment

Kaspersky Lab has defended its handling of a controversial experiment criticised by some as a marketing exercise of questionable technical value. The Russian anti-virus firm created 20 innocent executable files, adding fake malware detections for ten of the sample, before uploading the files to online malware scanning …
John Leyden, 10 Feb 2010

Microsoft Security Essentials loses AV-TEST certification

Microsoft Security Essentials, Redmond’s free antivirus tool for home users and businesses with up to ten PCs, can detect just 64 per cent of zero-day threats when running under Windows 7. That low detection rate has cost it the AV-TEST Institute’s seal of approval, a certification it hands out to products that meet 11 of 18 …
Simon Sharwood, 30 Nov 2012

Review site furious over McAfee SiteAdvisor 'false alert'

A UK business had to fight for two weeks to clear its name after falsely being accused of harbouring malware by McAfee's SiteAdvisor service. SiteAdvisor issued a red alert against software review site tech-pro.net at the start of July. It wrongly claimed the site contained a dangerous download. SiteAdvisor uses a mixture of …
John Leyden, 17 Jul 2008

Eset false alarm puts system files on remand

Slovakian anti-virus firm Eset has confirmed that a misfiring virus definition update wrongly labelled Windows system files as infected with malware. As a result of the dodgy definition, key files were identified as a virus and shuffled off into quarantine. Eset said it spotted the problem within minutes and released a new update …
John Leyden, 10 Mar 2009

Beached whale Symantec watches revenues recede 7%

Symantec’s latest results show that you can wring more profit out of declining revenues by slashing costs, but it's not enough to bring you back to growth. Revenues in its fourth fiscal quarter of 2014 ended 28 March were $1.63bn, seven per cent down year-on-year, but net profit jumped 14 per cent to $217m. The full year numbers …
Chris Mellor, 09 May 2014

Didn't have time to ask about it in our security Regcast? No problem

Our Regcast Security: Knowing what you don't know - and what you can do about it brought together Raimund Genes, CTO of Trend Micro, and Freeform Dynamics' Tony Lock, chief security nagging officer of the analyst community. They gave us a fascinating insight into how the security landscape has changed …
Tim Phillips, 11 Apr 2014

Google study finds users ignore Chrome security warnings

You're surfing the 'net when Chrome decides not to bring you the web site of your choice, but instead a page warning that the site you'd hoped to visit might be bogus or contain malware. Do you: (a) Click on “Proceed anyway” because you really want to see the cat picture someone Tweeted to you; (b) Click “Back to safety” …
Simon Sharwood, 15 Jul 2013

Admins warned: Drill SSL knowledge into your Chrome users

Admins of Chrome shops unite – your users are dabbling with dodgy SSL, and you must teach them how to be safer online until Google updates its browser. That's the gist of a new report from Google researcher Adrienne Porter Felt and University of California, Berkeley graduate student Devdatta Akhawe, who trawled some 25 million …
Jack Clark, 10 Aug 2013
Professor Eryk Dutkiewicz, Macquarie University

All those new '5G standards'? Here's the science they rely on

The 5G arms race has commenced, but beneath the duelling “my 5G is faster than your 5G” demos, there's serious work going on – and whatever the future of 5G, that work will change the future of mobility one way or the other. With that in mind, The Register spoke to Professor Eryk Dutkiewicz of Macquarie University. In May, …

Bank whips out palm-recognition kit - and a severed hand won't work

Italian banking group UniCredit has developed a commercial biometric payment system based on Fujitsu PalmSecure palm vein reader technology. UniCredit selected palm vein reader technology instead of more widely touted biometric technologies, such as fingerprint readers and retina scanners, to underpin a prototype mobile payment …
John Leyden, 06 Mar 2013

Android antivirus apps CAN'T kill nasties on sight like normal AV - and that's Google's fault

Android users expecting Windows levels of performance from Android-specific antivirus packages are likely to be disappointed because only Google can automatically delete dodgy apps on Android devices, say malware experts. Anti-malware bods agree that antivirus programs on Android can’t remove viruses automatically, meaning that …
John Leyden, 17 Dec 2013

Sophos antivirus classifies its own update kit as malware

Sophos users woke up to mayhem on Thursday after the business-focussed antivirus firm released an update that classified itself and any other update utility as a virus. As a result enterprise PCs running the application went haywire, generating false positives reporting SSH/Updater-B malware. Sysadmins were bombarded with …
John Leyden, 20 Sep 2012

Bonkers MS security update flags Google.com as malign

A dodgy update to Microsoft's anti-virus software on Tuesday meant users of the software were wrongly warned that Google's homepage was infected with the infamous Blackhole Exploit Kit. Users of Microsoft's Forefront corporate security products and freebie Security Essentials scanner software were both affected by …
John Leyden, 15 Feb 2012

Avira anti-virus labels itself as spyware

Avira anti-virus detected components of its own application as potentially malign on Wednesday following a dodgy signature update. Avira detected its own AESCRIPT.DLL library file as the previously obscure "TR/Spy.463227" strain of malware. The dodgy AntiVir virus definition file was quickly pulled and replaced with a new …
John Leyden, 26 Oct 2011

Microsoft's security apps still trip up on Windows 8

German independent security firm AV-Test has released evaluations of security software for Windows 8 for the first time, and – not entirely surprisingly – it once again found Microsoft's own products were among the weaker performers. The firm tested its usual batch of 25 antivirus products for consumers, plus eight aimed at …
Neil McAllister, 09 Apr 2013

DARPA demos cyborg binoculars to spot the enemy

The US Defense Advanced Research Project Agency (DARPA) reports that field trials of a new threat detection system, which augments cameras with a human operator's brainwaves, have shown remarkable success in spotting potential threats. DARPA's been working on the snappily titled Cognitive Technology Threat Warning System (CT2WS) …
Iain Thomson, 20 Sep 2012

Bit9 wants to bin 'broken' antivirus, install whitelisting tech

Bit9 is using the Infosec show as a launchpad for its move into Europe as part of its wider ambitions to displace traditional antivirus technologies from corporate desktops and data centres. The firm is marketing its brand of trust-based application control and whitelisting as a better way of tackling the growing malware menace …
John Leyden, 24 Apr 2012

NASA: There are 17 BEEELLION Earth-sized worlds in Milky Way

Scientists scrubbing up data about starlight from NASA's Kepler telescope have used it to estimate that there are 17 billion other Earths in our galaxy, the Milky Way. Artist's impression of the variety of planets being detected by NASA's Kepler spacecraft. Credit: C. Pulliam & D. Aguilar (CfA) …
Anna Leach, 08 Jan 2013