Hi,
I am not sure at this point if this is virus database   
Registration/maintenance issue or an actual virus.  windows defender first scan 
revealed the virus alerts mentioned in my previous email.  Due to the long long 
time it takes to scan the iso files, the second time I ran the scan on the 
source dvd-5 iso file only which was one of the suspects.  It triggered the 
virus alert again but, this time it gave no information as to what virus it is 
, it’s location, file names etc.  I suspect windows defender is buggy and does 
not function the way it should!  After clicking on “take action” I went to bed 
and I have no idea when it finished.  This morning I saw the message stating 
“no threats found”.    This is absurd! No software utility should work like 
this.  The other problem I experienced was during the burning stage of the iso 
Discs, in particular DVD-5 iso file.  It failed number of times for reasons 
unknown.  Failed during verification stage after burning the disc.

Kind Regards,
Hakan Ozturk


> On Mar 7, 2018, at 5:52 AM, Ian Jackson <ijack...@chiark.greenend.org.uk> 
> wrote:
> 
> Scott Kitterman writes ("Re: Problems with source DVDs."):
>> There are packages where upstream includes files for testing that trigger 
>> a/v alerts, even though they are safe.  Without knowing which files 
>> triggered the alerts, it's almost impossible for us to answer your question.
> 
> That might be the cause.
> 
> However: the PuTTY project has been suffering for some time from being
> occasionally listed as malware.  Notably, for example, the hash of the
> actual released putty.exe appeared in a malware list.  PuTTY's
> developers complained, and it was removed.  The next release, same
> thing.
> 
> The problem occurred with many virus checkers.  PuTTY were mostly
> dealing with ClamAV because they have the least horribly-closed
> process - ie you can actually talk to them and sometimes even get an
> individual false positive fixed.  But AFAICT ClamAV get their
> signatures from some kind of secret database which you have to sign up
> to an NDA to get access to.
> 
> No-one was ever able to explain why PuTTY keeps getting listed as
> malware.  In IRL conversations with Simon Tatham he had a number of
> theories about how this might occur by accident, but I have to say I
> didn't find them plausible.
> 
> My theory is that one of PuTTY's proprietary competitors is
> deliberately poisoning AV databases.  After all, by now, there is
> almost no reason for a straight head-to-head proprietary competitor to
> PuTTY to even exist.  Most of those products are, now, produced by
> shysters, who are monetising users' ignorance.  They need to
> differentiate their product from PuTTY and one way is "doesn't set off
> your AV".
> 
> Sadly it seems unlikely we'll ever be able to find out what's really
> going on, unless someone leaks a trove of documents or something.
> 
> It is possible that something similar is happening to these ISOs.  I
> doubt that any of *Debian's* competitors would bother with such
> shenanigans, but we ship an enormous variety of software, at least
> some of which must have unscrupulous competitors.
> 
> Ian.
> 
> (sad that the world has come to this kind of state)
> 
> -- 
> Ian Jackson <ijack...@chiark.greenend.org.uk>   These opinions are my own.
> 
> If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
> a private address which bypasses my fierce spamfilter.

Reply via email to