
Google has finally killed TinyTask - Claudus
https://tinytask.net/
======
Lx1oG-AWb6h_ZG0
Wow, this is fascinating, and extremely disturbing:

“Nobody programs in low-level C anymore, and nobody creates new PC automation
apps. TinyTask is both....so it must be malicious, apparently? To confirm this
theory, here's a simple "Hello World" app written in C, all optimizations
deactivated and zero functionality, and definitely not malware, evaluated by
Google-owned VirusTotal. Yup, multiple warnings”

I can definitely see how heuristics would target programs that weren’t written
on well-known frameworks, so in the goal of protecting people, we’ve
effectively denied ourselves the ability to write programs on the entire
substrate.

I wonder if eventually Explorer.exe and all the other windows core programs
would be considered malware since hey, they’re all written in C/C++ and only
nasty hackers use that, right?

~~~
Gravityloss
Hell, I've seen F-Secure classify Firefox on OSX as malware. I would assume
such common software binaries would have their hashes whitelisted or
something.

------
techdragon
Well this seems to be quite the disappointing outcome. Since the tool looks
like a good complement to AutoHotkey, it’s a shame that it’s going away due to
Google’s automated indifference.

~~~
RMPR
I built something very similar to tinytask
[https://github.com/rmpr/atbswp](https://github.com/rmpr/atbswp)

------
RMPR
Shameless plug, I'm building an open source multiplatforn clone for tinytask
(not as lightweight though)
[https://github.com/rmpr/atbswp](https://github.com/rmpr/atbswp)

------
evilDagmar
This seems a bit histrionic. The antivirus industry has for a /very/ long time
been a hotbed of stupidity. That's not something Google developed. It also
looks like that's where all this nonsense is coming from. Trying to correct it
by just calling out Google will get you nowhere. Google bought the company
that runs VirusTotal in 2014, but they definitely did not build that
monstrosity.

Also, expecting problems of that nature to get wrapped up in just a week is
well... "unreasonably optimistic".

You're going to have to start threatening to sue people, because that system
is more than a little bit incestuous and definitely does not care. Each
antivirus company cares about making the number of detections they can show on
their website larger than everyone elses, and that's it.

A few years back a friend of mine put a keygen (from Adobe, no less) and a
crack (which was a fix for some incompatibilty I forget) up on his non-SEOd "I
don't care" web server so he could more easily get at the files while at work,
because he needed them for work. This wasn't piracy, because these were for a
couple of long out-of-support products running on hardware you'd be shocked to
still see people using (who definitely had the licences but good luck keeping
paperwork in order at a rural public school) but he still had to support these
museum pieces. Fast forward a couple _years_ and Google eventually indexed his
webserver because it was open and someone mentioned it over IRC or something,
and then the antivirus engines looked at it, and that's where things went
sideways.

The antivirus companies are all in a big rush to show they detect eleventy
bajillion more things than the other guy, so several have categories for
anything even remotely bad, like keygens and cracks. Most of these are very
widely known (especially the keygens that have been around for over a decade)
and known to do nothing but spew out a code. The problem here is that since a
couple of the antivirus engines now declared these files to be possibly
verboten because they might be used for piracy (if you were so cursed as to
need decade-old desktop publishing), other, less-granular anti-virus engines
now _also_ return a false positive for "malicious software" because they don't
distinguish (or care) between the different types of "possibly evil" software.
Adding to the confusion is that since a few of these companies use
"heuristics" which amount to "If other engines decided this file was evil,
then we'll just add it to the Big List o' Evil and call it done." Multiple
vendors do this, so over the course of days you'll see more and more engines
"decide" the file is evil, and if they know where it came from it gets even
worse...

Because now there's more and more "professional" engines reporting "eek! A
malware!" of these two fairly innocuous files on this utterly boring dump site
running on a BSD server with all of two user accounts, no offsite passworded
logins allowed, and a deeply paranoid admin, so the algorithms that are used
to determine if a site itself is safe start to drop their ratings... because
_drumroll please_ multiple antivirus vendors have begun detecting malware on
the site.

Now there's other engines apparently decide that this this site has been
getting more and more attention (don't even ask me how the hell this happens
other than some people were really bad at copying homework as kids) and the
number of virus engines that are "finding malware" on it keeps growing, that
it must have been _compromised_. They promptly begin to blacklisting the IP
address_it uses, which also happens to vhost a dozen dinky little websites
used by church groups and reading circles in a relatively rural community. The
idea that it would be compromised is almost laughable because it's barely
being allowed to do anything to begin with.

Yet other people going to different vhosts on the same IP address to find out
the details about their upcoming church picnic or whatever are now getting
dire warnings that the site may have been compromised and it is being used to
ship malware so they should turn back for their own safety. This is also about
the time anything even attempted to contact the actual admin about the
problem, but he's already getting emails from freaked out grandmotherly-types.
He's also getting bounce mail reports because some of those anti-virus engines
will also declare an email to be malicious just because it came from a
"malicious site". This is a pretty spectacular form of madness when you can
see that the email which was rejected for "containing malware" was 100%
plaintext with no attachments, and written by Mutt and doesn't even have the
block of base64 MIME nonsense other HTML-obsessed mail clients do.

So, in short, get some boilerplate together, hit up VirusTotal, and then start
tracking down where these idiot antivirus companies are and begin sending your
own angry emails to _every single one of them that's reporting a false
positive_, because this problem is otherwise _never_ going to go away. The
longer they get to sit with bad signatures matching your binaries in your
database the further that madness will spread.

~~~
scott0129
Both this article and your comment are interesting to hear because in my
experience of talking to those in anti-malware detection companies, the number
that they care about more than anything is reducing their false positive
detection.

This is completely anecdotal, of course, but "The first time you prevent an
executive from sending e-mails because you think Outlook is malware, is the
last time they run your software."

------
adrianmsmith
What is (was) TinyTask?

~~~
Claudus
It’s a very minimal keyboard/mouse macro recorder that always seems to work.
The latest version available is 1.77 which you can still find.

~~~
RMPR
I am building a clone though
[https://github.com/rmpr/atbswp](https://github.com/rmpr/atbswp)

