15 Dec 2018, 5 p.m.
On Sat, Dec 15, 2018 at 11:54 AM degski
If you have a better explanation, please do put that forward. The fact that this particular file gets flagged at all indicates that same broken logic.
No, it doesn't. Even if a particular antivirus doesn't support unpacking of some type of archive, that does not imply they simply flag it because it is too big. As Asbjørn said, it is likely it analyzes the archive as if it was a binary blob, searching for some patterns; and given that compression returns basically random data, there is a chance to hit some false positive.

And yes, I expect antivirus vendors to whitelist "famous" files if they happen to hit a pattern. :)

Cheers,
Miguel
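Added example, not part of the thread: a small Python model of the effect described above, where a scanner treats a compressed archive as a raw byte blob and matches fixed byte patterns against it. The vocabulary, the signature sets and all function names are constructed for illustration, and the estimate assumes the compressed bytes are uniformly random; real scanner signatures are not modelled.

```python
import random
import zlib

def make_compressed_blob(n_words=100_000, seed=2018):
    """Constructed sample: zlib-compress pseudo-random 'text' from a fixed vocabulary."""
    rng = random.Random(seed)
    letters = "abcdefghijklmnopqrstuvwxyz"
    vocab = ["".join(rng.choice(letters) for _ in range(rng.randint(3, 9)))
             for _ in range(2000)]
    text = " ".join(rng.choice(vocab) for _ in range(n_words))
    return zlib.compress(text.encode("ascii"), 9)

def make_signatures(sig_len, count, seed=54):
    """Constructed byte patterns standing in for scanner signatures (not real ones)."""
    rng = random.Random(seed)
    sigs = set()
    while len(sigs) < count:
        sigs.add(bytes(rng.randrange(256) for _ in range(sig_len)))
    return sigs

def expected_hits(blob_len, sig_len, num_sigs):
    """Expected chance matches if every byte of the blob were uniform and independent."""
    positions = max(blob_len - sig_len + 1, 0)
    return positions * num_sigs / 256 ** sig_len

def count_hits(blob, sigs):
    """Naive raw-byte scan: count offsets where any signature starts."""
    k = len(next(iter(sigs)))  # all signatures in a set share one length
    return sum(1 for i in range(len(blob) - k + 1) if blob[i:i + k] in sigs)

if __name__ == "__main__":
    blob = make_compressed_blob()
    print(f"compressed blob: {len(blob)} bytes")
    for sig_len in (2, 3, 8):
        sigs = make_signatures(sig_len, 64)
        print(f"{sig_len}-byte signatures: "
              f"expected {expected_hits(len(blob), sig_len, len(sigs)):.3g}, "
              f"observed {count_hits(blob, sigs)}")
```

Short patterns match compressed data by chance at close to the rate the uniform model predicts, and the rate drops by a factor of 256 for every extra byte of pattern length.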