SEtx

Benefit is enhanced security. And sorry, but such obsession with exe size is just stupid. Shouldn't we revert to 1.5.0 because it's half the size of 2.0.3? exe grows bigger with each release and uT already has alot of features that only few people use, but somehow it's worth those few k that accumulates with each build. Oh, and how about stripping those 5k of digital sign in the end of file? There is definitely no benefit for uT work from them.

Again, I'm requesting to keep relocations in the uTorrent exe for the sake of Win7 ASLR. All that you need to do is add --strip-relocs=0 in upx packing options.

Indeed adding sfx to 7z results in 327KB, zip 346KB and official is 311KB but i don't think there is any point in calculating few KB here - if you really wanted smaller size you'd use other exe packers (266KB). I see no good reason for not posting zip'ed version on forum if it would be with additional security feature for those who care or don't like packed exe. Edit: corrected numbers to account for digital signature.

As i said, difference in memory consumption and loading time should be insignificant for such small exe (mine primary request was ASLR). But if you really want to save webservers bandwidth packing it into self-extracting 7z is probably more efficient.

Packing increase memory usage indirectly: windows doesn't need to keep the whole unpacked program in ram as it can fetch the rest any time from disk, but as there is no disk image for packed program you force system to always keep it in memory/page file. The same increase loading time - system can start unpacked program after loading only part of it, but has to load the whole packed one. To enable ASLR you only need to specify /DYNAMICBASE to the linker and it probably will work just fine until you assume somewhere in code that your loading address is 0x4000000 (unlikely). UPX disables ASLR because unless you specify --strip-relocs=0 it will remove relocations that are requited for ASLR to work. Packed version of 2.0 already has ASLR-enabling flag set, but due to missing relocations it actually doesn't work. PS: You can test yourself how packing affects memory usage: make a program with large (~32MB) static const array, reference it in code so optimizing compiler won't throw it away and see how much memory the program consumes in unpacked and packed form.

Why not add one more security-enhancing feature on one of the most exposed to attacks application if it worth you only rebuild? Maybe even rebuild isn't required - it's probably just upx that kills relocations. In general i don't understand why you still insist on packing uTorrent. Packing saves ridiculous amount of disk space but increase memory consumption, loading time (insignificant for uT) and doesn't go well with ASLR as you see.

Can we have unpacked, ASLR-enabled (with relocations not stripped) signed build of 2.0?

It's ok now - no even false positives on unpacked file.

Even in unpacked v0.6.0 unicode Kaspersky and 3 other antiviruses find a trojan: http://www.virustotal.com/analisis/ccbe6d84a489be67a45c5ca6c9174b27 Ultima, can you rebuild it somehow?