[prev in list] [next in list] [prev in thread] [next in thread] 

List:       boost
Subject:    Re: [boost] Windows quarantines boost_1_68_0.7z
From:       Miguel Ojeda via Boost <boost () lists ! boost ! org>
Date:       2018-12-15 17:00:51
Message-ID: CANiq72mFc0QkiqOn9Ns2N543oz5HcmyQ24nP8d_eqLoK4nmFYA () mail ! gmail ! com
[Download RAW message or body]

On Sat, Dec 15, 2018 at 11:54 AM degski <degski@gmail.com> wrote:
>
> If you have a better explanation, please do put that forward. The fact
> that this particular file get's flagged at all indicates that same
> broken logic.

No, it doesn't. Even if a particular antivirus doesn't support
unpacking of some type of archive, that does not imply they simply
flag it because it is too big.

As Asbjørn said, it is likely it analyzes the archive as if it was a
binary blob, searching for some patterns; and given that compression
returns basically random data, there is a chance to hit some false
positive.

And yes, I expect antivirus vendors to whitelist "famous" files if
they happen to hit a pattern. :)

Cheers,
Miguel

_______________________________________________
Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost

[prev in list] [next in list] [prev in thread] [next in thread]