|
Boost : |
Subject: Re: [boost] Windows quarantines boost_1_68_0.7z
From: Miguel Ojeda (miguel.ojeda.sandonis_at_[hidden])
Date: 2018-12-15 17:00:51
On Sat, Dec 15, 2018 at 11:54 AM degski <degski_at_[hidden]> wrote:
>
> If you have a better explanation, please do put that forward. The fact
> that this particular file get's flagged at all indicates that same
> broken logic.
No, it doesn't. Even if a particular antivirus doesn't support
unpacking of some type of archive, that does not imply they simply
flag it because it is too big.
As Asbjørn said, it is likely it analyzes the archive as if it was a
binary blob, searching for some patterns; and given that compression
returns basically random data, there is a chance to hit some false
positive.
And yes, I expect antivirus vendors to whitelist "famous" files if
they happen to hit a pattern. :)
Cheers,
Miguel
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk