On Mon, 15 Nov 2004, Bart Silverstrim wrote: > ...if you're going to start moving it into another direction, it may be > best to fork that and leave the original recipe alone until the new > direction...
I think you're overstating what the ClamAV team is trying to accomplish here. Forget the "slippery slope" and look at what they're actually doing. > Some messages talk about using "real time scanning" on file > access...would that have use of scanning for phishing attacks on home > directory contents? No more than scanning for nearly everything else Clam scans for... > Personally I don't like the idea of protecting users from their own > stupidity... As a sys admin, this is part of my job. A large portion of my userbase is unsophisticated, and a philsophical argument about why they need to learn to protect themselves wouldn't fly with the boss. Again, I don't have any problem with Julian's basic premise, but I think this discussion has shown that we can't even agree on what "social engineering" means. Given that, maybe adding a flag that allows you to ignore signatures with certain prefixes makes sense, but I don't see the benefit of putting too much effort into being overly specific about the specific path a virus takes from unsolicited e-mail to user hard drive. Jeffrey Moskot System Administrator [EMAIL PROTECTED] _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
