• 0 Posts
  • 5 Comments
Joined 1 year ago
Cake day: September 3rd, 2023
  • lol@discuss.tchncs.detoPiracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.comBlockTheSpot compromised or false positive?English
    0·
    3 months ago

    Not the whole code but only the part that triggers those flags. Not everyone is versed in C to “verify the code” himself…

    You don’t say. And the developer they don’t trust pointing to some piece of code and telling those people who cannot understand it themselves that it’s not malicious achieves anything?

    If it’s a false positive there isn’t even anything to show in the first place. Nobody but the antivirus vendors know for sure why something triggers a false positive.

    That’s a stupid take, It’s like saying to a toddler to change his diapers on his own when it’s dirty.

    It’s like a toddler telling you you’re changing their diapers wrong and expecting you to explain to them what you did wrong even though you did everything correctly and the toddler doesn’t know anything about changing diapers in the first place.

  • lol@discuss.tchncs.detoPiracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.comBlockTheSpot compromised or false positive?English
    0·
    3 months ago

    Seems strange that the dev seems to be keeping quiet on this, no?

    It’s only been a few hours since the issue (I assume you’re referring to) was opened. The developer could be in a different time zone or on a vacation and not respond for a few weeks. People are not entitled to a (quick) response.

    Though I haven’t followed this project long enough to tell if this is just the way they normally behave.

    Looks completely normal to me. The tool works by pretending to be some DLL loaded by Spotify, providing the same functionality as the original library, but also modifying Spotify’s behavior to block ads. It’s easy to see why anti virus software would flag a modified DLL, injecting unknown code as suspicious, especially if the same DLL might have previously been used by some malware to inject malicious code.