Chris Knight wrote:
>> 1) Release a new version that pulls updates from a new hostname.
2) Wait a couple of weeks, or even six months....
3) Shut down old servers,
4. Orphan *all* previous versions, including the still heavily used, and
valid, 0.95s which were released before the hostname change, not just the
buggy 0.94 and older.
What? Somebody was running .95 and not the absolute latest? Why
would anyone do that? I am in absolute shock. Shock and horror and
sarcasm. Yes, lots of sarcasm.
Forget it, it's been covered, and you'll never persuade this group of
people that a) there was any alternative, or b) that there was
anything ethically or legally wrong with the course of action they
did take. Also, when I suggested this, it was in some way interpreted
that I meant running two different upgrade servers/processes in
parallel.
There is one thing though, under step 3, it should have read "remove
old DNS entries"
As for orphaning 0.95 versions, lets take a look. According to an
earlier post, the bug report was filed in Feb last year. 0.95 was
released in march last year, and 0.95.2 in June last year.
Had they added another hostname to the DNS prior to the 0.95 release,
then not a single 0.95 release would have been affected. Had they
done it in June then only two versions, both more than 6 months old
would have been affected. It could have gone into 0.95.3 which was
released after the EOL announcement - and it would still have only
affected versions older than 6 months.
All this has been pointed out, and rubbished already.
Of course, they could have taken the precaution of adding new DNS
entries, and then not used them if they decided to take a different
course of action (such as issuing a poison pill ...
If anyone was running an old enough 0.95 version, then their software
wouldn't have died, they would have seen update errors in their logs,
and the fix would have been to change just one or two hostnames in
their freshclam.conf. As you point out, according to the ClamAV
supporters, they would have been idiots for using such old software,
and it would have been their fault - so why would the ClamAV team be
worried about that when they are happy to make other versions
actually stop running.*
The other 'reason' not to do that is an argument of "why should the
ClamAV team go to the effort and expense of changing the DNS ?", and
my suggestion that it would have cost next to nothing in both cash
and effort terms has been completely dismissed. The only argument put
forward being "you don't know what it costs to change a DNS entry" -
well actually I have a pretty good idea of the cost base for a number
of common scenarios.
* Oh yes, and some people are still clinging to an argument that the
ClamAV team did not stop any software from working. It's the sort of
argument that someone would use to claim he didn't poison his
neighbour's dog : he didn't give any poison to the dog, the dog took
it when he put it in a piece of meat and left it where the owner
takes the dog for a walk - so the dog took it, he didn't give it to
the dog. It's linguistic/logics gymnastics to try and get around the
fact that they misused the victims actions to cause harm rather than
going and directly causing that harm first hand - the motive and end
results were identical, only the means differs.
Actions designed to cause harm to a computer system, and a criminal
offence in the UK.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
