'For the vast, vast majority of its customers, keygen files are going to be malware.'

That's just not true though. They have the ability to detect malware. What they are doing is blindly labeling anything resembling a keygen as malware, for no valid reason. This also doesn't just apply to Defender.




> What they are doing is blindly labeling anything resembling a keygen as malware

First of all, that's not true. You can test it: create an empty file and name it keygen.exe. It won't get deleted.

The code inside the file has some similarity to one of the hundreds of thousands of malware used to train Defender, and there's a false positive.

None of that matters, though, because you can just not use it if it causes problems for you.


The problem is that "the hundreds of thousands of malware used to train Defender" include keygen files that do not have any malicious behavior and just generate keys, mixing them together with actually malicious keygens that e.g. try to install some rootkits. It's not a false positive mistake, it's a whole class of intentionally misleading false positives, censoring a type of not-malware that is not wanted by Microsoft but potentially desired by users.


Found the Windows Defender dev



