UPX LZMA compression

[dexterm]

Why don't you guys use UPX with LZMA compression? It gives the smallest file size ever and is much more stable than PECompact.

438,341 utorrent-1.7-beta-1137.uncompressed.exe

217,088 utorrent-1.7-beta-1137.upx.exe

203,776 utorrent-1.7-beta-1137.pecompact.exe

202,752 utorrent-1.7-beta-1137.upx.lzma.exe

Edit: With the --ultra-brute option, I got:

202,240

[Firon]

LZMA isn't supported in 2.03. We've also noted no difference between PECompact and UPX in terms of how µTorrent runs, apart from UPX being slightly larger.

[dexterm]

UPX 2.93 beta has --lzma and the --ultra-brute option.

[Firon]

We're not going to use a beta packer.

[khagaroth]

Well, this "beta" packer is more stable than the "stable" one, at least on my system.

[dexterm]

Just a reminder: UPX 3.0 Final has been released.

http://upx.sourceforge.net/#news

Atleast now will you guys use --lzma or --ultra-brute?

[MASTAN]

Using "upx.exe -9 -k --all-methods --ultra-brute utorrent-1.7-beta-1625.uncompressed.exe" UPX 3.0 decreases size to 204288 bytes. It's less than PEcompact'ed version utorrent-1.7-beta-1625.exe(205824 bytes).

[Ultima]

upx --ultra-brute [executable] is enough to compress to that size... All of those extra arguments are redundant and unnecessary. But yeah, the devs have already noticed.

[Saribro]

All this trouble for 1kb, not even 0.5%?

[Firon]

dexterm: I already informed the devs about it. The next UPX build will be either with --lzma or --ultra-brute, depending on which they feel is worth it.

[Ultima]

@Saribro: Heh I share your sentiments ;D

[dexterm]

@Saribro, that's not the point. We are rooting for UPX because it's free, open-source and the EXEs compressed by UPX are much more stable than than PECompact.

PECompact always had an advantage because it used to compress better than UPX. But finally, UPX has caught up with times and it compresses better than PEC in both normal and LZMA compressions.

Therefore, UPX is the clear winner here and it should be preferred over PEC.

[Firon]

There's no stability difference between the two. And the only problem with UPX is that it gets flagged as a virus by so many (stupid) anti-virus programs, much more than PECompact.

[Saribro]

We are rooting for UPX because it's free, open-source and the EXEs compressed by UPX are much more stable than than PECompact.

No you're not, you've been saying size, size, size...

1)UPX is free: Hardly relevant to anyone but the µT-devs?

2)open-source: Well, some people really, really care, but frankly, is it relevant even to the devs?

3)stability: ...data?...

4)AV: See Firon's post.

So it's essentially between 3) and 4), if it's equal between UPX and PEC, we're still down to 0.5% in size.

[Ultima]

2)open-source: Well, some people really, really care, but frankly, is it relevant even to the devs?

Not even just the devs -- to the users, that's entirely irrelevant as well. If open-source were a relevant point, then an open-source BitTorrent client should be used instead, as µTorrent's source code is closed pretty tight.

[dexterm]

@Firon:

Do you have any comparative data as to actually how many AVs out there detect PECompact and UPX as malware?

I've done a scan on virustotal.com of PEC compressed and UPX compressed uTorrent, and both of them show that only 4 AVs detected UPX and PEC. A scan on virusscan.jotti.org showed that not a single AV detected either of them as malware.

Of course, they don't cover all the AVs in the market, so it'll be nice if we could have some data on this from your end.

[Firon]

The problem is that heuristic detection (not virus definitions) seems to flag UPX more often than PECompact.

[Dark Shikari]

@Firon

Make sure you're not comparing UPX with NRV compression to PECompact with LZMA. The rate of false positives might be different between the compression methods.

I don't see why UPX shouldn't be used; in my experience its more reliable than PECompact and has a better compression ratio. It also allows users to decompress the program if loading time is more important than executable size.