Quoting Simon Hobson <li...@thehobsons.co.uk>:
At 12:12 -0400 21/4/10, Christopher X. Candreva wrote:
> Knowingly disabling running software on computers that is not your own
is not acceptable. It is immoral, unethical and perhaps illegal.
But that's not what happened.
Yes, it is what happened... People are just confused because of all
the bogus complaints like "they shutdown my server" or "they shutdown
my email". But they did indeed shutdown clamd for some set of older
versions.
The **ONLY** defence I can think of is that they assumed an implicit
permission by virtue of the user running the update process to fetch
signature updates. That's a very tenuous thing to infer when pushing
an update that is so different in purpose to what would normally be
fetched.
Well, since you pull the updates (they are not pushed to you), and since
while this one signature was indeed "different in purpose" than the normal,
you have a point. But, this "different in purpose" signature was just
a way of warning that soon the "same in purpose" signatures _would_ stop
the software. Would you rather they just started pushing the "normal in
purpose signatures" that crashed it, or that they pushed a "different
in purpose" one first, where the "purpose" was to notify users of both
the issue, and how to fix it?
--
Simon Hobson
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
