本帖最后由 sniss 于 2010-11-29 11:41 编辑
BitDefender can unpack many archived/packed formats, so archived threats can be detected. However, BitDefender has limited capabilities of cleaning up archived files (ZIP files, for instance, can be cleaned, but RAR files cannot).
This happens because most of the archiving/packing systems are proprietary formats. To clean an archive, you basically need to unpack all files (which BitDefender can do), and create a new archive containing only the clean files... which BitDefender can't do.
Because most archiving formats are proprietary formats, it means that the packing algorithm cannot be used without license from the author of the algorithm.
ZIP format is a free format, and everyone knows it and can use it to create (un)packers. But RAR format (for instance), is a closed format, owned by RarLabs (if I'm not mistaking). So for BitDefender to repack files in the RAR format would be basically illegal, not to mention somehow dangerous for the files, because BitDefender doesn't know the exact packing method and corrupt the archives. The same thing applies for the rest of the packing formats.
BitDefender可以解开多种文档/打包格式,所以文档的威胁能够被检测到。但是,BitDefender还是有有限的能力去清除文档文件(例如,ZIP格式的文件就可以被清除,但是RAR文件却不能被清除)。
发生这个是因为绝大多数文档/打包系统是有【专利】的格式。为了使一个文档干净,你必须先解压缩所有的文件(BitDefender能够做到),然后创建一个新的只包含干净文件的文档文件......这个BitDefender不能做到。
因为大部分文档格式是专利格式,所以就意味着没有来自算法作者的授权(文件),(我们)就不能使用打包算法。
ZIP格式是一个免费的格式,而且每个人都了解它,能够使用它去创建(解)压缩包。但是RAR格式(例如),是一个封闭格式,被Rarlabs(RAR实验室)拥有。所以对于BitDefender,想要以RAR格式重新打包文件就是违法的,并不是涉及到对文件有某种程度上的危险,因为BitDefender不知道准确的打包方法并且会使文档崩溃。同样的原因也是用于其它压缩格式。
本人认为:
1、并且这个问题是绝大多数杀软都很难做到的,原因就在于需要获得其打包授权,而这个授权,是相当得昂贵的!!
2、一般情况下,杀软对那些难以处理的压缩包采取:移入隔离区的方法。
更多相关阅读材料:点击进入
|
发表于 2010-11-28 13:57:26
发表于 2010-11-28 14:00:07
楼主
