On Tuesday 02 September 2003 8:23 am, Graham Murray wrote: > Antony Stone <[EMAIL PROTECTED]> writes: > > However, from a non-technical person's point of view, it doesn't do > > ClamAV's reputation much good if they see some other antivirus product > > identify a file as "Sobig.F.dam" and ClamAV doesn't identify it at all. > > Such people are not necessarily interested in the finer details of > > whether the thing is actually dangerous or not - they just see that > > ClamAV didn't catch it (whatever it is), whereas antivirus product X did, > > therefore product X must be better :) > > On the contrary, if it is not dangerous and ClamAV does not detect it > and product X does, then ClamAV is superior as Product X has just > generated a false positive!
Technically I agree with you, however this is not the way marketing people think, and it is not even necessarily the way the everyday user thinks. I certainly agree that false positives generated by files which are wanted must be avoided at all costs, however it's not as clear to me that blocking a broken virus sample is a false positive, since there's no good reason for sending such a file on to the end user anyway. When it comes down to it, if we can let the end users receive the files they want, and prevent them receiving the files they don't, that is a good result. Broken viruses in my opinion fall into the "files they don't want" category. Regards, Antony. -- How should I know if it works? That's what beta testers are for. I only coded it. - Linus Torvalds ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
