One final point I would also like to make is that for me as a user of Debian , this has now become a “Trust and Confidence” issue. I never had much trust or respect for the Microsoft products. In the absence of a reliable, trustworthy virus detection software, everything becomes a suspect! including the folks working on the project...
Kind Regards , Hakan Ozturk > On Mar 7, 2018, at 5:52 AM, Ian Jackson <[email protected]> > wrote: > > Scott Kitterman writes ("Re: Problems with source DVDs."): >> There are packages where upstream includes files for testing that trigger >> a/v alerts, even though they are safe. Without knowing which files >> triggered the alerts, it's almost impossible for us to answer your question. > > That might be the cause. > > However: the PuTTY project has been suffering for some time from being > occasionally listed as malware. Notably, for example, the hash of the > actual released putty.exe appeared in a malware list. PuTTY's > developers complained, and it was removed. The next release, same > thing. > > The problem occurred with many virus checkers. PuTTY were mostly > dealing with ClamAV because they have the least horribly-closed > process - ie you can actually talk to them and sometimes even get an > individual false positive fixed. But AFAICT ClamAV get their > signatures from some kind of secret database which you have to sign up > to an NDA to get access to. > > No-one was ever able to explain why PuTTY keeps getting listed as > malware. In IRL conversations with Simon Tatham he had a number of > theories about how this might occur by accident, but I have to say I > didn't find them plausible. > > My theory is that one of PuTTY's proprietary competitors is > deliberately poisoning AV databases. After all, by now, there is > almost no reason for a straight head-to-head proprietary competitor to > PuTTY to even exist. Most of those products are, now, produced by > shysters, who are monetising users' ignorance. They need to > differentiate their product from PuTTY and one way is "doesn't set off > your AV". > > Sadly it seems unlikely we'll ever be able to find out what's really > going on, unless someone leaks a trove of documents or something. > > It is possible that something similar is happening to these ISOs. I > doubt that any of *Debian's* competitors would bother with such > shenanigans, but we ship an enormous variety of software, at least > some of which must have unscrupulous competitors. > > Ian. > > (sad that the world has come to this kind of state) > > -- > Ian Jackson <[email protected]> These opinions are my own. > > If I emailed you from an address @fyvzl.net or @evade.org.uk, that is > a private address which bypasses my fierce spamfilter.
