Logging, Part 3: The Tao of Flow Testing

Of course, unit testing won’t work for every situation. In a bot, sometimes we need to perform actions that we don’t want to run over and over every time we want to run our tests. For instance, if your bot creates accounts on some website, you probably don’t want to create a bunch of accounts just for testing purposes. Don’t worry, UBot Studio still has you covered.

The Tao of Flow Testing

Flow testing has a similar purpose to unit testing, but it differs in execution. Flow tests will
occur in the main flow of your script. instead of running them separately, flow tests will run while your bot is running. Let me demonstrate.

We’ll start with our boilerplate code, including our purpose.

F1

Read More

Logging, Part 2: The Art of Unit Testing

In the previous blog post, we discussed UBot Studio’s new logging commands. I’d now like to explain further implications of the new logging commands, especially the power they give you to automatically test your code.

Writing automated tests is a practice used by the best coders in the world. But even if you’re not a coder at all, tests will make your bots able to withstand anything the internet throws at them. Automated testing is one of the single best practices you can do for keeping bots from breaking, especially when those bots are very large. There are two types of automated tests that we will look at: Unit Tests, and Flow Tests.

The Art of Unit Testing

Another important implication of the changes is that it is now very simple to write unit tests. What is a unit test, you ask? Only one of the most important ideas to come from computer science in the last 20 years or so.

A unit test is a short piece of code that has no purpose other than to ensure some other piece of code is working correctly. By putting a robust suite of unit tests into your code, you can always rest assured that your bot will be as stable and bug-free as possible. This is especially useful for those of us who have created large, complex bots. Trying to make a change in complex code can cause a ripple effect, where one change affects some other bit of code down the line, causing headaches every step of the way. But if you have a good test suite in place, you’ll know right away if something is ever out of place, and you can fix it before it becomes a big mess.

It’s a good idea to keep unit tests out of the main script. The best way to do this is to create a separate tab. Set it to invisible if you need to compile.

Let’s look at what unit testing looks like in UBot Studio. Say we have a simple function:

s1

Read More

Logging, Part 1: Introduction to Logging in UBot Studio

Over the years, the UBot team has watched in awe as the scripts our users created went from small, specific tools, to enormous, complex, multifaceted uBots. As software developers, this left us with an interesting problem: How should large scripts be organized in a way that allows UBotters to keep their sanity? In the latest update to UBot Studio, 5.5.12, we’ve taken a novel approach to begin addressing this question – by turning your scripts into a story.

The human brain is extremely good at managing stories. Our brains are notoriously bad at handling complex mathematical logic and data. So guess which path computer scientists decided to model programming after? The latter, of course.

At UBot Studio, our goal has been to make building applications easier for non-programmers, and also to create smarter ways to understand building programs overall. By introducing a set of smart logging commands, establish, purpose, activity, log, and ui log view, UBot Studio makes building your uBots less like math and more like a good book.

Read More

Who’s Building The Future of UBot? Pt 1

You might have noticed a new release of UBot Studio today – 5.5.13, which introduces some cool new concepts that make testing UBot Studio code a snap (more on those in a blog post later this week). I thought this would be a great time to thank the newest member of the UBot Studio team for working on this, and to introduce him to the UBot community: Say hello to Adam, our new lead developer.

Adam

Adam has been programming since he stopped wearing diapers. Forced to type the code of the games that he wanted to play into his Apple2E from magazines because hard drives weren’t mainstream, he naturally started fiddling to make the games do other things. After choosing to go to computer camp in 3rd grade instead of doing team sports, Adam’s nerd cred was thoroughly established.

 

Before joining the development team taking over development at UBot Studio, Adam was a Senior Engineer at a game development company that built some of the most popular games on the web. You know that facebook game that you get all those super annoying invites from? Adam worked on that. After a brief stint at an online education startup, he decided to go freelance and travel the world a bit. After completing several freelance projects with the UBot Studio team, he is now working closely with me to lead development of future updates to UBot Studio and our future projects. Adam’s enthusiasm, entrepreneurial spirit, and strong insight into programming theories make him a perfect fit for the team.

Seth

Why Your Bot Is Showing Up As A Virus (And What To Do About It)

Over the years, we’ve changed our mind about antivirus software.

Everyone used to need it. Back when the internet was filled with trojan horses, logic bombs, viruses, and malware, virus scanners used to be necessary. Back when you downloaded software willy-nilly and Google didn’t pre-label sites as potentially dangerous, it seemed like within no time at all you could pick up a virus, just by browsing the web.

But since then the need for virus protection has changed. In the Wall Street Journal, Symantec’s own Senior VP for Information Security has said anti-virus software “is dead.” Virus scanning software has become nearly obsolete in the business world, and companies like Symantec, who invented commercial antivirus with the ubiquitous Norton antivirus protection suite, now defend against cyber threats via automated threat forensics (checking network traffic to detect threats early on, for example). Journalists are writing headlines like “Antivirus Is Ailing” and “The Antivirus Era Is Over.” In the last decade, security experts have switched their focus from detecting software on your PC via antivirus products to stopping viruses before they ever get to your computer, and minimizing lost data once the viruses do get there. (In fact, Symantec only has about a 70% success detection rate – so it’s no surprise these companies are moving away from endpoint protection.)

Displeased Face Male

When your AV software tries to remove Skype because it’s “dangerous”.

Many don’t realize how anti-virus scanning works. For example, are more scanners better than one? Virus Total, a virus scanning aggregator, now lists over 50 virus scanners, and many often use this product to test files across many different scanners, but Virus Total specifically recommends AGAINST this: “In VirusTotal desktop-oriented solutions coexist with perimeter-oriented solutions; heuristics in this latter group may be more aggressive and paranoid, since the impact of false positives is less visible in the perimeter. It is simply not fair to compare both groups….Very often antivirus solutions and URL scanners will produce false positives, i.e. detect as malicious innocuous files and URLs. These erroneous detections may severely hinder the business activity/popularity of third party products (e.g. refrain access to a given site, dissuade users from downloading and installing a given application, etc.).”

Virus scanners, even according to the makers of them, often find out about actual problems too late, and often what they detect is a false positive. Some even detect chat clients because they’re productivity killers, and torrent clients because they might be used to download viruses accidentally.

Virus scanners, frankly, are often crap.

So if you ever notice that something you’ve compiled in UBot Studio is being detected as malware or as containing a virus, first, relax, and remember that this is almost certainly a false positive report, and it’s being sent from a dinosaur in a dying industry. Then, follow these steps to fix the problem.

 

Mostly Harmless

Click the “Angel” icon to vote for a file as harmless on Virus Total

      1. If the scanner is on your computer, be sure to add the file to the virus scanners exceptions list. This will let you continue using the file.
      2. Don’t upload your file to VirusTotal. Search for it there using its md5 hash to determine if it’s been uploaded already. This is quicker, and industry experts have told us that uploading your file is one reason that some products are falsely detected. (According to Virus Total, they help “antivirus labs by forwarding them the malware they fail to detect.”) The md5 hash is just a string that helps verify a file quickly. To check the hash, use the command line in Windows or OSX.) If your file is on Virus Total, make sure to vote that it is “Harmless” in the top right.
      3. Read your virus scanner results carefully. Make sure to check any “Additional Information” sections. Take note of any specifically important and ambiguous wording, such as: “While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat.” (Actual language from Virus Total.)
      4. Let the company or companies reporting it as malicious know that it’s a false positive. There are several ways to do this, but the best is to submit a false positive report. This site has a list of where to submit false positives for each company. A short message is all you need to give them in most false positive reports, along the lines of “Dear company, the executable I’ve attached was compiled using UBot Studio. Your virus scanner reported it as containing {virus x}. It does not contain this and this was a false positive. Please refrain from reporting this UBot Studio compiled executable as containing x.”
      5. No, really, tell the virus scanning company that it’s a false positive. Tweet to them. Email them. Post on their forum. Get your friends together and anyone else having this problem, and explain that you compiled the software yourself in UBot Studio, and it is definitely a false positive. If you do this as soon as you notice the issue, you are more likely to get a speedier resolution. Make no mistake – these AntiVirus companies are wrongly accusing you of a crime, and in doing so they may be harming your business unjustly. It is crucial that you do whatever you can to make these companies aware that you won’t be bullied.
      6. Let us know at http://tracker.ubotstudio.com. Be sure to link us to the Virus Total report and let us know the following:
        • Were you including the installer in your compilation?
        • What plugins were included?
        • What virus scanners are detecting your product as a false positive?
        • Include the script, if possible.
      7. Send anyone who might be using your compiled executable an email letting them know what’s going on. Here’s a quick message you can use or modify:

I just got word that the software I made is being detected as a virus by X antivirus program. First of all, let me assure you that it does not contain any malicious script and is entirely safe to run.

Second, I’ve contacted X, the company listing it falsely, and you can follow the progress of this false positive submission here: [Link to your sales page or blog or forum post explaining where the ticket or email is and how they can get more info.]

As you know, virus scanners work by analyzing software for specific actions and potential threats. My software checks with a server when it’s loaded to see if it has to download any additional support files, and this is probably why it’s being detected as malicious. This is known as a “generic downloader” signature and is a common problem for producing false positives. [Here include any ambiguous wording that could help explain that the virus scanner isn’t sure that it’s actually a virus, and maybe even send this link to show that even Info Security professionals have this same problem.]

Sometimes virus scanners help, but often times, they tell you there’s something dangerous on your computer when there really isn’t. In this case, you are totally safe to run the file and I’m working on getting this issue corrected. If you have any questions please let me know. To run the file, simply add it to the ‘exceptions list’ in your AV scanner. Contact me if you need help doing this.

Yours,

Concerned Software Creator

 

Over the years, we’ve worked to make UBot Studio friendlier to AV software, by changing how compiling works and how the calls-to-home work. We’ve done everything we can to keep AV companies out of our business, and out of your business. As a software creator, it is now up to you to take that flag, carry it with pride, and, if necessary, beat a few AV company executives over the head with it.

 

Jason