this post was submitted on 15 Sep 2024
24 points (80.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54772 readers
444 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

UPX is open source and works on linux , windows and mac (ie. cross platform) I would like to know why the torrenting space isn't using it already / having a mature discussion about it.

top 25 comments
sorted by: hot top controversial new old
[–] [email protected] 32 points 2 months ago (1 children)

Pack what executables exactly?

Like take a copy of Nodobe Notoshop and repack it?

If that's what you mean, uh, politely, but fuck no. Malware is enough of a problem that there's no way I'd want to start downloading crap that's been UPXed since that's going to make it impossible to determine if it's legitimate or not by (most) endpoint tools, or they'll just see UPX and go 'bad shit!' on everything.

[–] [email protected] 1 points 2 months ago (1 children)

What do you actually mean?

Do you scan for torrents using some endpoint tools ?

[–] [email protected] 16 points 2 months ago (2 children)

Sorry, I meant antivirus. (Corpo IT calls it endpoint, since it's, well, the endpoint.)

[–] [email protected] 2 points 2 months ago (2 children)

. Malware is enough of a problem that there’s no way I’d want to start downloading crap that’s been UPXed since that’s going to make it impossible to determine if it’s legitimate or not by (most) endpoint tools, or they’ll just see UPX and go ‘bad shit!’ on everything.

You had clearly misunderstood what this tool is. Its tool for better compression of executables which could be used in data sensitive (Like , most people would agree with me that some times decrypting on our own local device could be better since it could be more predictable than waiting for seeders , because there are very less seeders)

[–] [email protected] 17 points 2 months ago* (last edited 2 months ago) (1 children)

Politely, but no.

It's a compression tool that is also used to mask malware, and you're proposing to expand it's use in a use case that's ALREADY coated in enough malware to give you herpes just by walking past your average tracker.

It's a bad idea from a security perspective, and it's not going to outperform a LZMA-based compression tool using a large dictionary (7zip, etc.) which also isn't fucking with binaries in a way that makes detecting and preventing malicious software more complicated for the average user, who typically knows absolutely zero about what's going on.

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago)

I had actually agreed with you , here was my initial comment , though I just wanted to look into upx github page more

okay now I understand what you mean.
Basically the same threat model follows if you want to unpack a upx
and it also states
- We will *NOT* add any sort of protection and/or encryption.
    This only gives people a false feeling of security because
    all "protectors" can be broken by definition.

What would you recommend instead ? .
But also if you are extracting that file , you are basically running it , but the main issue is that antivirus can't read it

new response:


But on  https://upx.github.io/ , its given as

>secure: as UPX is documented Open Source since many years any relevant Security/Antivirus software is able to peek inside UPX compressed apps to verify them

I am really sorry mate but please read about upx once because I don't know why but you just seem so defensive to this change without actually giving any good reason. Though you do seem knowledgable so I am obviously looking to have more discussion , but just a bit more detailed.
Thanks , have a good day / good night
[–] [email protected] 6 points 2 months ago (1 children)

He didn't, malware guys use UPX and it's true that antiviruses scream bloody murder when they see it. It's also true you can't see what's inside unless you have special tools to do so. UPX also has one huge downside, it's its RAM usage, due to it's inner workings it's unable to use optimisations that normal binaries can like page sharing.

[–] [email protected] 0 points 2 months ago (1 children)

okay so what alternative do you suggest which could be better used in exe formats I feel that unzipping from exe isn't the best solution to this problem

(like some exe contain some zip file inside them and extract them)

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

Just putting all your stuff in one big .7z so you can unpack it to directory then scan them all w/ AV.

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

well then you could still extract it using upx , (basically if I remember correctly , you use upx on one exe file to generate another (I think this is the intended use case of what I am suggesting) & then use antivirus on that. according to their website you can list, test and unpack your executables. Also, a checksum of both the compressed and uncompressed file is maintained internally.

[–] [email protected] 13 points 2 months ago (2 children)

Maybe present what it's for and why you think it should be used? To me, you just proposed a random tool and just shared a link. Sorry dude, I ain't reading all that.

Anti Commercial-AI license

[–] [email protected] 7 points 2 months ago (2 children)

Okay I have edited it to give more of my side. And not sure why you linked Anti Commercial AI license , I am not a bot .

[–] [email protected] 18 points 2 months ago

It's the digital equivalent of those sovereign citizens who think the people in charge give a fuck what they think. It makes them feel better.

[–] [email protected] 1 points 2 months ago

It's a licensing statement. Their post is CC-licensed.

[–] [email protected] 0 points 2 months ago

Okay agreed.

[–] [email protected] 8 points 2 months ago (1 children)

The executable being packed in an executable format means it has to be decompressed on each launch. If it doesn't it means it's not saving any space anyway.

I don't know what packing you're looking for, but Windows applications are typically installed with installers. An executable compressed executable goes against this; unless you want to pack installers.

Traditional file compression works well enough. People know to launch an msi or exe or read a README. Introducing non-standard tools is not necessarily a good idea, and certainly is not intuitive to users not already familiar with it.

[–] [email protected] 0 points 2 months ago

Traditional file compression doesn't work that well as compared to upx. Upx supports as much as 500 mb/s on any reasonable device (this is very comparable to https://github.com/mhx/dwarfs) , which is honestly insane.

[–] [email protected] 7 points 2 months ago (1 children)

What advantage does it have over existing methods? It's great that it's cross-platform, but so are zip files. And the content inside isn't cross-platform, so I don't think that ultimately adds anything.

[–] [email protected] 1 points 2 months ago (1 children)

I mean , I use linux but I can use wine to run the content inside , so in some sense "every content" is cross platform. I think it ultimately adds to better performance specifically for executable torrents in the long run over things like zip.

[–] [email protected] 2 points 2 months ago

In what way?

[–] [email protected] 4 points 2 months ago

We should use tiny spoons to drink water in communal spaces!

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago) (1 children)

Have you ever used upx on a windows machine, defender throws fits and deletes everything.

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

What advantage does it have over existing methods? It’s great that it’s cross-platform, but so are zip files. And the content inside isn’t cross-platform, so I don’t think that ultimately adds anything.

https://github.com/upx/upx/issues/437

It states that the more people use and report upx as non antivirus to windows , the better detection rate occurs. This software is open source y'all. Not sure why you all have got your pitchforks

heres https://www.virustotal.com/gui/file/e61c808be19688dacff19d9439563410067e6eb72a9cc8afdb2644a785d056b1 , upx virustotal link.

[–] [email protected] 2 points 2 months ago (1 children)

Is it faster than 7z or have better ratios?

[–] [email protected] 0 points 2 months ago

yes I think it does indeed have better ratio than 7z with better speed , I think without the need of extraction.