X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=0.0 required=5.0 tests=BAYES_50,SPF_PASS X-Spam-Check-By: sourceware.org Received-SPF: pass (mail.aliroguru.net: authenticated connection) receiver=mail.aliroguru.net; client-ip=82.69.97.114; helo=[192.168.11.66]; envelope-from=martin DOT lists AT uncommercial DOT co DOT uk; x-software=spfmilter 0.97 http://www.acme.com/software/spfmilter/ with libspf2-1.0.0; Message-ID: <4ACC89E5.2060605@uncommercial.co.uk> Date: Wed, 07 Oct 2009 13:30:29 +0100 From: Martin N Brampton User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: cygwin AT cygwin DOT com Subject: Cygwin setup.exe flagged by AVG as high level security threat because of Win32.AirCrack.c Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com I cannot find any reference to AirCrack anywhere in documentation directly related to Cygwin. What information I can find through Google doesn't give me any idea why Cygwin would contain code for cracking passwords in wireless networks. It doesn't seem wise to install something that an anti-malware program describes as a "password-stealer" and a high level threat without knowing more about it. Why is it part of Cygwin? Is it a threat? Does having this code on a machine introduce a vulnerability? Best regards, Martin Brampton -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple