#ClamAV is falsely reporting that #PuTTY 0.83 is infected with malware: allegedly the "Win
Uncategorized
1
Posts
1
Posters
1
Views
-
#ClamAV is falsely reporting that #PuTTY 0.83 is infected with malware: allegedly the "Win.Exploit.Marte-10058127-0" virus. We were notified this morning: the ClamAV database entry is brand new. But the binary it accuses is six months old.
As usual, we believe this report is a falsehood. PuTTY has a long history of being insulted by virus checkers, and we've never worked out why, though we have a number of theories in our wishlist page for the phenomenon https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/false-positive-malware.html.
In this case, the analysis in the screenshot shows that the identification is based on finding particular _text strings_ in the binary. Those text strings are the names of PuTTY source files, baked into the executable by something in the build process (most likely __FILE__, via assert statements). The full pathname includes a randomised build directory name created by mkstemp(), which identifies these strings as ones that would appear _only_ in the release build of PuTTY 0.83 – any other build would have chosen a different build directory. So this alleged virus signature is actually a signature of that particular PuTTY binary build.
Of course, I've submitted a false-positive report. (Quite a grumpy one, since this isn't the first time.) But I do wonder how this keeps happening. I could certainly believe that putty.exe was reused unchanged by some actual malware, and then somehow the signature of putty.exe got into the virus db entry instead of the signature of anything specific to the malware. But another possibility is that someone is maliciously making these database entries. I wonder if there's any way to tell which is true.
-
undefined oblomov@sociale.network shared this topic on
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@ianRobinson of course, of coursa 😀
"de gustibus non disputandum est" literally "tastes shall not be debated", or using the English proverb "There is no accounting for tastes" …
Anyone has his/her own soft spots for childhood games and it is good and right.
-
Mi sa che mi piace.
Il completo più comodo di tutti i tempi si compra in una busta di plastica. Proprio come la T-shirt più leggendaria
> Fruit of the Loom Japan e Keiji Kaneko firmano l’Athletic Formal Suit, un completo doppiopetto in cotone lavabile in lavatrice.Vintage nell’estetica, sorprendentemente easy nella costruzione. E rivoluzionario nell'uso
-
@pressenza_italia
L'idea che sia possibile "rifiuti zero" si è visto come è stata sviluppata a Roma durante il "regno" dei m5Z.Fallimentare.
In termovalorizzatore deve andarci meno roba possibile, ma un minimo resta sempre.
-
dan, glad you saw that. i was surprised that it can generate a real app just by asking for it.
i also had it do an outliner.. 🙂
https://this.how/ai/outliner/outliner.html
did a few iterations on that, and maybe i'll do some more. it basically knows all about every freaking outliner ever made.
https://this.how/ai/outliner/priorArt.opml
and the outlines it makes interop with all my outline-ready software.
things have really changed here.
-
@RachelA @MostlyHarmless Yes, these memes aren't funny more.
-
@mttaggart seriously someone should try to vibe code a Linux distro just to see how much better it would be compared to Windows
-
Richard Littler (@richardlittler.bsky.social)
https://bsky.app/profile/richardlittler.bsky.social/post/3mga3yt5cac24
> Religious zealots always cherry-pick. I mean, just once, couldn't they notice that Satan in The Book of Revelation is typically characterised as an orange Beast who loves gold?
-
Molto interessante.
