Evaluating Software from the Internet

Recently I’ve been evaluating software for personal and client use

Today Operating Systems tend to have a severe level of distrust toward software downloaded from random locations and you have to explicitly bypass restrictions to allow this untrusted software to run

How do you get a level of confidence to run it? Do you rely simply on your local anti-virus software?

One way to gain confidence in order to run unknown software is to get the opinion of the files trustworthiness from multiple sources.

Checking Software against multiple Anti-Malware / Anti-Virus Engines

https://virustotal.com allows you to check a file or URL against a number of different Anti-Malware / Anti-Virus providers.

Interestingly this can cause some doubt as many will flag it as “Undetected” meaning it’s OK, and then there will be a random provider who will flag it as Malware

So in the end you have to make a judgement based on whether to believe the one vendor engine that marks the software as being malware or the majority who say that threats are undetected

What do you do if one A-M / A-V Vendor says a program is unsafe?

As an example I was using Virustotal to check installation executables and had one instance where the install program was flagged as Malware but after unpacking it and running the individual program files through the check it was happy. So you may need to do something similar also

Conclusion

When vendors don’t agree a particular program is safe it can cast some doubt. Which you will have to resolve for yourself as in my experience false positives do occur reasonably regularly.

But overall, running a check gives the ability to make a semi-informed decision before you commit to easing the default restrictions your operating system imposes on ‘unknown’ files