What advantage does it have over existing methods? It’s great that it’s cross-platform, but so are zip files. And the content inside isn’t cross-platform, so I don’t think that ultimately adds anything.

https://github.com/upx/upx/issues/437

It states that the more people use and report upx as non antivirus to windows , the better detection rate occurs. This software is open source y’all. Not sure why you all have got your pitchforks

heres https://www.virustotal.com/gui/file/e61c808be19688dacff19d9439563410067e6eb72a9cc8afdb2644a785d056b1 , upx virustotal link.

I had actually agreed with you , here was my initial comment , though I just wanted to look into upx github page more

okay now I understand what you mean.
Basically the same threat model follows if you want to unpack a upx
and it also states
- We will *NOT* add any sort of protection and/or encryption.
    This only gives people a false feeling of security because
    all "protectors" can be broken by definition.

What would you recommend instead ? .
But also if you are extracting that file , you are basically running it , but the main issue is that antivirus can't read it

new response:

But on  https://upx.github.io/ , its given as

>secure: as UPX is documented Open Source since many years any relevant Security/Antivirus software is able to peek inside UPX compressed apps to verify them

I am really sorry mate but please read about upx once because I don't know why but you just seem so defensive to this change without actually giving any good reason. Though you do seem knowledgable so I am obviously looking to have more discussion , but just a bit more detailed.
Thanks , have a good day / good night

. Malware is enough of a problem that there’s no way I’d want to start downloading crap that’s been UPXed since that’s going to make it impossible to determine if it’s legitimate or not by (most) endpoint tools, or they’ll just see UPX and go ‘bad shit!’ on everything.

You had clearly misunderstood what this tool is. Its tool for better compression of executables which could be used in data sensitive (Like , most people would agree with me that some times decrypting on our own local device could be better since it could be more predictable than waiting for seeders , because there are very less seeders)

well then you could still extract it using upx , (basically if I remember correctly , you use upx on one exe file to generate another (I think this is the intended use case of what I am suggesting) & then use antivirus on that. according to their website you can list, test and unpack your executables. Also, a checksum of both the compressed and uncompressed file is maintained internally.

Okay I have edited it to give more of my side. And not sure why you linked Anti Commercial AI license , I am not a bot .

Okay agreed.

What do you actually mean?

Do you scan for torrents using some endpoint tools ?