Scott Kitterman writes ("Re: Problems with source DVDs."):
> There are packages where upstream includes files for testing that trigger a/v
> alerts, even though they are safe. Without knowing which files triggered the
> alerts, it's almost impossible for us to answer your question.

That might be the cause. However: the PuTTY project has been suffering for some time from being occasionally listed as malware. Notably, for example, the hash of the actual released putty.exe appeared in a malware list. PuTTY's developers complained, and it was removed. The next release, same thing.

The problem occurred with many virus checkers. PuTTY were mostly dealing with ClamAV because they have the least horribly-closed process - ie you can actually talk to them and sometimes even get an individual false positive fixed. But AFAICT ClamAV get their signatures from some kind of secret database which you have to sign up to an NDA to get access to.

No-one was ever able to explain why PuTTY keeps getting listed as malware. In IRL conversations with Simon Tatham he had a number of theories about how this might occur by accident, but I have to say I didn't find them plausible.

My theory is that one of PuTTY's proprietary competitors is deliberately poisoning AV databases. After all, by now, there is almost no reason for a straight head-to-head proprietary competitor to PuTTY to even exist. Most of those products are, now, produced by shysters, who are monetising users' ignorance. They need to differentiate their product from PuTTY and one way is "doesn't set off your AV".

Sadly it seems unlikely we'll ever be able to find out what's really going on, unless someone leaks a trove of documents or something.

It is possible that something similar is happening to these ISOs. I doubt that any of *Debian's* competitors would bother with such shenanigans, but we ship an enormous variety of software, at least some of which must have unscrupulous competitors.

Ian.
(sad that the world has come to this kind of state)

-- 
Ian Jackson <ijack...@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.