[Rd] trojan at current development version?

Ben Bolker bbolker at gmail.com
Fri Jan 28 15:17:11 CET 2011

Uwe Ligges <ligges <at> statistik.tu-dortmund.de> writes:

> On 28.01.2011 13:49, peter dalgaard wrote:
> >
> > On Jan 28, 2011, at 09:47 , Andreas Mayr wrote:
> >
> >> Hi,
> >>
> >> is it possible, that the current development version  for Windows (
> >> http://cran.at.r-project.org/bin/windows/base/R-2.13.0dev-win.exe) is
> >> infected by a trojan/virus. My antivir-program (www.avira.com) seems to find
> >> a trojan in open.exe at bin\i386.
> >
> > We have seen false positives before (accidental mismatch between virus
signatures and legitimate
> programs). But presumably, the Windows maintainers will double-check, just in
> Oh yes, we got such reports before. People reported to Avira and it went 
> away. Now it is there again. Hopeless, I assume.
> Duncan: Perhaps we can add at the download page that Avira reports 
> open.exe to be infected from time to time.
> Best wishes,
> Uwe
  Another note for the paranoid is that the MD5 sum for the binary
is posted, so you can at least check consistency.  On the  other hand,
if someone managed to compromise an entire CRAN mirror, they could
also post MD5 sums for their nastified version ...  you could always
go check the MD5 sums on another CRAN mirror (or on the main page),
which would make the attacker work much harder ...

More information about the R-devel mailing list