[tyingq]

It's not clear to me what they could do. In the thread you linked, it's not just the binaries of the various nim executables, but also user generated binaries. And it appears that even signed binaries are getting flagged by some vendors.

I'm guessing the issue is that some malware writers started using nim, and the antivirus vendors then decided to make heuristics that detect nim generated binaries and call it malware.

[PMunch]

This is pretty much it, malware was written in Nim, vendors started fingerprinting those binaries but didn't include any/enough non-malware binaries. This means that the fingerprint is more "this program is written in Nim" and less "this is malware written in Nim".

[GordonS]

Yikes, does that mean scumbags could effectively torpedo any new language, like Zig and Hare, for example?

[snowcorn]

Yes, but it's not like this only happens with small/new languages. Even today, Go-lang binaries will often get detected by various Windows anti-malware software. They even have a section in their FAQ about it [0].

Also, in Hare's specific case, it doesn't _really_ matter as they will never support Windows or MacOS [1], and there isn't a significant presence of anti-malware software on linux distros.

[0]: https://go.dev/doc/faq#virus

[1]: https://harelang.org/platforms/

[maleldil]

Not supporting Mac is a big shot in the foot from Hare. Is this a case of ideology getting in the way of pragmatism, or do they have technical reasons? Singling out proprietary platforms sounds ideological.

[tyingq]

"As other commenters alluded to, it's an ideological and practical decision. We simply prefer free software operating systems. We do not care to legitimize nonfree platforms, and we prefer to be able to read (and patch) the code to understand the tools we depend on. If that's a deal-breaker for you, no worries - Hare does not have to appeal to everyone to achieve its goals."

https://news.ycombinator.com/item?id=31158576

[tyingq]

Hard to say, since we have no idea how the antivirus vendors are identifying nim. Maybe there's something about the fact that nim compiles to C which is then usually compiled by mingw? (You can use compilers other than mingw, but it's the default).

Mingw might have a higher weight for "this is malware". Then you combine that with nim generating code that's common across most nim binaries (the GC, boilerplate symbols, etc).

Then there's perhaps not enough positive signals to offset that, since there's not yet a wildly popular windows app written in nim.

[styeco]

I hope I didn't come off as too aggressive in my original post, I'm not trying to demand anything, or trying to act like I know anything they don't, I most certainly do not. I just love the language so much, I wish I could use it more. The linked issue doesn't show any traction, and other languages used for malware don't have this problem, so I (probably incorrectly) presumed there was a lack of interest to solve this. I apologize if I came off as demanding.

[Tozen]

They have to work with and stay on antivirus vendors more aggressively. You can take new releases and submit them to the antivirus companies to get white-listed. They each have their own processes, but a lot of them allow going to their website and submitting as false-positives, then you can do follow up e-mails.

Probably best to select the top 10 AV companies, to keep the workload down. Per each release, shouldn't be too bad, though likely someone or a group needs to be designated for the task.