Internet Archive and Virustotal...again
It's frustrating. I first attempted to use the IA forum to discuss - incredibly the area for software discussion link doesnt work.
All I can say is, those who blindly rely on their A/V to decide for them what is malware - and then reports (sometimes loudly) that such and such file "is infected" does a disservice to those who bust their humps to make sure software is genuine.
Here's my latest exchanges:
info@archive.org
Aug 7, 2023, 10:41 PM (8 hours ago)
to me
Dear Der AppleSeed,
Thank you for your interest in adding files to the Internet Archive. Unfortunately, one or more of the files you uploaded into item FreeCommander appear to be malware, and access to the item on archive.org has been blocked. You can get more details about the malware file(s) here:
freeCommander 2004.10a/freeCommander 2004.10a_fc_setup_.zip https://www.virustotal.com/gui/file/e92bbd413e865c024d2ceaba33783d03923bc3675775c8d9c7592394bbba6e3c/detection/f-e92bbd413e865c024d2ceaba33783d03923bc3675775c8d9c7592394bbba6e3c-1691462150
If you have questions or concerns, you may contact us at info@archive.org.
Thanks,
Internet Archive
All I can say is, those who blindly rely on their A/V to decide for them what is malware - and then reports (sometimes loudly) that such and such file "is infected" does a disservice to those who bust their humps to make sure software is genuine.
Here's my latest exchanges:
info@archive.org
Aug 7, 2023, 10:41 PM (8 hours ago)
to me
Dear Der AppleSeed,
Thank you for your interest in adding files to the Internet Archive. Unfortunately, one or more of the files you uploaded into item FreeCommander appear to be malware, and access to the item on archive.org has been blocked. You can get more details about the malware file(s) here:
freeCommander 2004.10a/freeCommander 2004.10a_fc_setup_.zip https://www.virustotal.com/gui/file/e92bbd413e865c024d2ceaba33783d03923bc3675775c8d9c7592394bbba6e3c/detection/f-e92bbd413e865c024d2ceaba33783d03923bc3675775c8d9c7592394bbba6e3c-1691462150
If you have questions or concerns, you may contact us at info@archive.org.
Thanks,
Internet Archive
Comments
I setup archive to store discord chat and attachments, a playstation executable patcher was shared, not a virus, and archive removed the complete archive, not just the single upload!
I have a hunch and I have yet to prove this, if it's packaged in a .iso or cue/bin etc, a cdrom image... it'll stay there. They really really love CDROM's
While I admire Internet Archive's lofty goals of preserving media, when it's done poorly, we are all penalized.
The more any all all segments of society use the "we know what's best for you" and treat people as children, the more these people so in fact become childlike.
Yes, I saw the warez CD's, that's how I came to that theory... and it kinda makes sense in that if someone went to that effort (authoring a CDROM image), then mostlikely, they knew what they were doing, software wise... kinda?
Also Jason (and therefore Archive.org) is a nutty hard leftist, which are always hypocrites. I stop regularly donating to Archive.org when it was obvious many years ago! And now they're in legal problems, because they think laws don't apply to them, stupid!
There is a software called SmartVersion by Gilles Vollant (WinImage author) that creates diff files of two or more nearly identical files. Can be text, or binaries. It's used out here in software land for example for ISOs of the same product - say Windows 7 - differ because of language or Edition. English, German, Russian - Home, Professional Enterprise - as examples.
So, it occured to me one could make two archives, one with a troublesome file and one without. Then use SmatVersion to generate its SVF/diff file, upload that plus the "innocent" binary.
I've briefly looked for encrypting utils, but so far, what I've discovered is that anything that uses decent encryption is somewhat large itself, and this matters because it would have to be included in the upload.
Even GNU PGP is somewhat bulky, and not all that user friendly.
But that was after the initial virus report, so maybe they dont except protected archives after it's found a virus in accs that has had a virus flagged... who knows
Ditto. I'm convinced I am now on their "watched" list. Makes me feel special.
It's all a game with the self-righteous. Went thru BS at Betaarchive too, because one person's ego outweighs the needs of the many, (Cue Spock I think).
I am beyond cuss words strong enough to express my disgust.
I don't upload executables much to archive, but next time I do, it will be in a ISO image.
Just yesterday, someone put a Windows 7 activator in an ISO and it looked interesting (was still in process). But before I could snatch it, it was deleted. I found another source and ran it through virustotal, and yup, those incompetent fools had flagged it.
The only thing I know for sure is that VirusTotal has a 650mb max file upload. That may be why full ISOs of warez get a free pass.
I did again complain on the forum, and will continue. I have no confidence in their nanny state approach. It baffles me, because sending all that binary content to VT, then logging the response, sending a automated email, etc, takes up server horsepower.
PS: Hybrid-Analysis.com and my Malwarebytes proggie both said it was clean - of course.
It makes sense now, thanks, good to know!
I think things should be flagged with the virus report, maybe a warning before downloading. Not just removed. Maybe it's a WIP.
Something along the lines of Base64, or Ascii85, or btoa or ZMODEM - all of which /might/ be recognized by Virustotal. Sp it had to be a new algorithm.
Also, wanted a "key required" sort of action - that didn't actually require some damn, easily lost, or wrongly entered manual entry.
Becaause we are talking about 7-8 ascii bytes now representing a single hex value, the result is double or more - but easily is halved with 7zip compression.
When I get a little more polish on it, I will once again post uTorrent to archive dot org.
wow, that all sounds intense!
https://archive.org/details/uTorrent_25302
You can examine InstallFiles.bat contained in the 7z archive with Notepad and confirm there is no hanky-panky going on.
Not as efficient as UUencode or YEnc, but it gets the job done.