One final point I would also like to make is that for me as a user of Debian,
this has now become a “Trust and Confidence” issue.  I never had much trust or
respect for the Microsoft products.  In the absence of reliable, trustworthy
virus detection software, everything becomes a suspect! Including the folks
working on the project...

Kind Regards,
Hakan Ozturk

> On Mar 7, 2018, at 5:52 AM, Ian Jackson <ijack...@chiark.greenend.org.uk> 
> wrote:
> 
> Scott Kitterman writes ("Re: Problems with source DVDs."):
>> There are packages where upstream includes files for testing that trigger 
>> a/v alerts, even though they are safe.  Without knowing which files 
>> triggered the alerts, it's almost impossible for us to answer your question.
> 
> That might be the cause.
> 
> However: the PuTTY project has been suffering for some time from being
> occasionally listed as malware.  Notably, for example, the hash of the
> actual released putty.exe appeared in a malware list.  PuTTY's
> developers complained, and it was removed.  The next release, same
> thing.
> 
> The problem occurred with many virus checkers.  PuTTY were mostly
> dealing with ClamAV because they have the least horribly-closed
> process - ie you can actually talk to them and sometimes even get an
> individual false positive fixed.  But AFAICT ClamAV get their
> signatures from some kind of secret database which you have to sign up
> to an NDA to get access to.
> 
> No-one was ever able to explain why PuTTY keeps getting listed as
> malware.  In IRL conversations with Simon Tatham he had a number of
> theories about how this might occur by accident, but I have to say I
> didn't find them plausible.
> 
> My theory is that one of PuTTY's proprietary competitors is
> deliberately poisoning AV databases.  After all, by now, there is
> almost no reason for a straight head-to-head proprietary competitor to
> PuTTY to even exist.  Most of those products are, now, produced by
> shysters, who are monetising users' ignorance.  They need to
> differentiate their product from PuTTY and one way is "doesn't set off
> your AV".
> 
> Sadly it seems unlikely we'll ever be able to find out what's really
> going on, unless someone leaks a trove of documents or something.
> 
> It is possible that something similar is happening to these ISOs.  I
> doubt that any of *Debian's* competitors would bother with such
> shenanigans, but we ship an enormous variety of software, at least
> some of which must have unscrupulous competitors.
> 
> Ian.
> 
> (sad that the world has come to this kind of state)
> 
> -- 
> Ian Jackson <ijack...@chiark.greenend.org.uk>   These opinions are my own.
> 
> If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
> a private address which bypasses my fierce spamfilter.
