2
Prove anti-virus software is paranoid by making a program that simply opens and alphabetically sorts a CSV file, that will get flagged as a virus (or malware/spyware/any threat really) when run.
You will be assessed by the following criteria:
Does the cross-platform anti-virus package ClamAV detect it as a threat?
Your code is not actually a virus (if the code looks fishy it will be deducted points)
- Conciseness of code
The specific target for this challenge is the following version of ClamAV with the following virus definitions (current as of the posting of this challenge). Your program must trigger this set of software/definitions to be eligible.
You may wish to use a virtual machine for testing your code.
Latest ClamAV® stable release is: 0.98.1
ClamAV Virus Databases:
main.cvd ver. 55 released on 17 Sep 2013 10:57 :0400 (sig count: 2424225)
daily.cvd ver. 18639 released on 19 Mar 2014 06:45 :0400 (sig count: 839186)
bytecode.cvd ver. 236 released on 05 Feb 2014 12:36 :0500 (sig count: 43)
safebrowsing.cvd ver. 41695 released on 19 Mar 2014 03:00 :0400 (sig count: 1147457)
Andy Rama
Posted 2014-03-19T06:32:00.253
Reputation: 83
1
I'm closing this question because, by community consensus, underhanded challenges are no longer welcome on the site.
– Alex A. – 2016-04-15T03:50:20.4904
Try answering a few questions first to gain a few rep, then post your questions as an answer in the sandbox.
– Justin – 2014-03-19T06:49:21.5772Hi Andy! Given the large number of different platforms and AV software out there, it's difficult to use "Does an anti-virus detect it as a threat" as an objective winning criterion. It would help to limit the target to a specific AV package with specific virus definitions. I've edited your post to use a specific free, cross-platform package. However, even with that clarification, it will help to decide clearly on what you want the winning condition for your question to be and tag it accordingly. Generally, popularity contests encourage creativity while code golf encourages conciseness. – Jonathan Van Matre – 2014-03-19T12:57:13.627
"if the code looks fishy it will be deducted points" The whole purpose of this challenge is to write code that looks fishy. – Kendall Frey – 2014-03-19T13:12:51.920
@JonathanVanMatre I think even with this clarification it doesn't make a good popularity contest. The challenge basically says: write some code which sorts csv (whatever that means) and then hide a malware signature inside this code. That is not very specific and interesting in the main task, namely inserting the signature. – Howard – 2014-03-19T13:15:35.867
@Howard Even so, I am doing my best to practice what I preach.
– Jonathan Van Matre – 2014-03-19T13:17:14.253@JonathanVanMatre It wasn't meant as criticism from my side but merely as a comment. In its current form it is imho no fit for a popularity contest. Currently I don't have an idea how to turn around this challenge and make it suitable. If this question was posted in the sandbox instead maybe someone would have posted an idea how to make it an ok question. – Howard – 2014-03-19T13:27:18.797
2I suggest retagging as code-golf. Shortest code to alphasort a .csv file, trigger ClamAV version <x>, and NOT cause any actual harm wins. This would allow for interesting solutions that mix the signature with the sorting algorithm just so save on bytes. – Rainbolt – 2014-03-19T16:06:50.737
Tag description on [tag:underhanded] says "...does one thing, but, in reality, does something else" - I don't think this meets the criteria of the tag – None – 2014-05-31T18:06:23.740
@professorfish I feel as though it may be a bit late to change parts of the question, considering it has already been answered – Andy Rama – 2014-06-01T15:18:22.350
@AndyRama I'm not asking for the question to be changed, I'm just suggesting that the tags be changed – None – 2014-06-01T16:18:11.473
@professorfish I still beleive it meets those criteria. The program looks like a virus but is not one. – Andy Rama – 2014-06-02T15:09:08.377