UPX is open source and works on linux , windows and mac (ie. cross platform) I would like to know why the torrenting space isn’t using it already / having a mature discussion about it.

  • schizo@forum.uncomfortable.business
    link
    fedilink
    English
    arrow-up
    31
    arrow-down
    1
    ·
    2 months ago

    Pack what executables exactly?

    Like take a copy of Nodobe Notoshop and repack it?

    If that’s what you mean, uh, politely, but fuck no. Malware is enough of a problem that there’s no way I’d want to start downloading crap that’s been UPXed since that’s going to make it impossible to determine if it’s legitimate or not by (most) endpoint tools, or they’ll just see UPX and go ‘bad shit!’ on everything.

        • Linuxer@discuss.onlineOP
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          2 months ago

          . Malware is enough of a problem that there’s no way I’d want to start downloading crap that’s been UPXed since that’s going to make it impossible to determine if it’s legitimate or not by (most) endpoint tools, or they’ll just see UPX and go ‘bad shit!’ on everything.

          You had clearly misunderstood what this tool is. Its tool for better compression of executables which could be used in data sensitive (Like , most people would agree with me that some times decrypting on our own local device could be better since it could be more predictable than waiting for seeders , because there are very less seeders)

          • schizo@forum.uncomfortable.business
            link
            fedilink
            English
            arrow-up
            17
            arrow-down
            1
            ·
            edit-2
            2 months ago

            Politely, but no.

            It’s a compression tool that is also used to mask malware, and you’re proposing to expand it’s use in a use case that’s ALREADY coated in enough malware to give you herpes just by walking past your average tracker.

            It’s a bad idea from a security perspective, and it’s not going to outperform a LZMA-based compression tool using a large dictionary (7zip, etc.) which also isn’t fucking with binaries in a way that makes detecting and preventing malicious software more complicated for the average user, who typically knows absolutely zero about what’s going on.

            • Linuxer@discuss.onlineOP
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              2 months ago

              I had actually agreed with you , here was my initial comment , though I just wanted to look into upx github page more

              okay now I understand what you mean.
              Basically the same threat model follows if you want to unpack a upx
              and it also states
              - We will *NOT* add any sort of protection and/or encryption.
                  This only gives people a false feeling of security because
                  all "protectors" can be broken by definition.
              
              What would you recommend instead ? .
              But also if you are extracting that file , you are basically running it , but the main issue is that antivirus can't read it
              
              

              new response:

              
              But on  https://upx.github.io/ , its given as
              
              >secure: as UPX is documented Open Source since many years any relevant Security/Antivirus software is able to peek inside UPX compressed apps to verify them
              
              I am really sorry mate but please read about upx once because I don't know why but you just seem so defensive to this change without actually giving any good reason. Though you do seem knowledgable so I am obviously looking to have more discussion , but just a bit more detailed.
              Thanks , have a good day / good night
              
          • montar
            link
            fedilink
            English
            arrow-up
            5
            ·
            2 months ago

            He didn’t, malware guys use UPX and it’s true that antiviruses scream bloody murder when they see it. It’s also true you can’t see what’s inside unless you have special tools to do so. UPX also has one huge downside, it’s its RAM usage, due to it’s inner workings it’s unable to use optimisations that normal binaries can like page sharing.

            • Linuxer@discuss.onlineOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 months ago

              okay so what alternative do you suggest which could be better used in exe formats I feel that unzipping from exe isn’t the best solution to this problem

              (like some exe contain some zip file inside them and extract them)

              • montar
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                2 months ago

                Just putting all your stuff in one big .7z so you can unpack it to directory then scan them all w/ AV.

        • Linuxer@discuss.onlineOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          2 months ago

          well then you could still extract it using upx , (basically if I remember correctly , you use upx on one exe file to generate another (I think this is the intended use case of what I am suggesting) & then use antivirus on that. according to their website you can list, test and unpack your executables. Also, a checksum of both the compressed and uncompressed file is maintained internally.