[chirp_users] Panda reported a virus in Oct 9 and Oct 13 daily builds.
tom at tomh.us
Tue Oct 13 14:36:09 PDT 2015
On Tue, Oct 13, 2015 at 2:26 PM, Eric Vought <evought at pobox.com> wrote:
> Most of the distribution IS python source is it not? It's compiled on-the-
> fly by the Python runtime. Tom, are there blobs in the package which might
> trigger a false- positive? Alex, does the download checksum correctly?
Yes, that is most likely what is happening.
Every few months we get a message like this to the mailing list. It's
usually one of the smaller antivirus packages reporting a virus. So
far they have all been false positives. My guess is there are actual
viruses out there using Python libraries, and not realizing they're
looking at popular open source software, the antivirus company flags
False positives are extremely common in antivirus software, and
detection rates of real malicious software is low. I don't even bother
with antivirus software.
More information about the chirp_users