Received-SPF: pass (mail.aliroguru.net: authenticated connection) receiver=mail.aliroguru.net; client-ip=82.69.97.114; helo=[192.168.11.66]; envelope-from=martin.lists@uncommercial.co.uk; x-software=spfmilter 0.97 http://www.acme.com/software/spfmilter/ with libspf2-1.0.0;
Message-ID: <4ACC89E5.2060605@uncommercial.co.uk>
Date: Wed, 07 Oct 2009 13:30:29 +0100
From: Martin N Brampton <martin.lists@uncommercial.co.uk>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: cygwin@cygwin.com
Subject: Cygwin setup.exe flagged by AVG as high level security threat because  of Win32.AirCrack.c
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com

I cannot find any reference to AirCrack anywhere in documentation 
directly related to Cygwin.  What information I can find through Google 
doesn't give me any idea why Cygwin would contain code for cracking 
passwords in wireless networks.

It doesn't seem wise to install something that an anti-malware program 
describes as a "password-stealer" and a high level threat without 
knowing more about it.  Why is it part of Cygwin?  Is it a threat?  Does 
having this code on a machine introduce a vulnerability?

Best regards, Martin Brampton

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple