On Apr 16, 2010, at 3:18 PM, Giampaolo Tomassoni wrote:
The ClamAV team have commanded old versions of its product to stop
working.
I would not describe what they did that way.
Older versions of clamd were going to crash on signatures that newer
versions would accept, and the devs have been prevented for at least 6
months from using that type of signature. They have posted since then
for people to upgrade.
What they did was publish this type of signature (has to do with
length, greater than about 900 bytes), where the signature itself is an
error message, so when the program dumped the signature the error would
be displayed.
That's all, not a kill switch as such, but using a known bug to deliver
a message, rather than have it just bomb out with a hex dump when they
tried to use a larger signature.
They could prevent these old systems from being updated at all. It was
really simple and nobody would get hurt.
Giampaolo
You miss the point. It was not up to them to protect you from
yourself. It was THEIR decision, and one they have a right to
exercise, that they can NOT AFFORD to support old versions and
accomplish what they want with current and future development. Could
they have done it differently? Yes. Should they have? That is up to
them. Since this was 6 months in coming, it was not a rash and
impulsive decision.