> On Apr 27, 2010, at 3:23 PM, Sarocet wrote: > > The ClamAV team didn't design the AV to stop on getting a special > > signature. That signature could exist due to a bug that you decided > > not to fix (by not updating/patching). It was a clever use of a bug > > to disable the daemon.
> You are right that the ClamAV team exploited this feature to notify > users that the format of the database was changing and giving a > descriptive message as to why the database failed to load. What they did was a bad call. They wilfully let freshclam download an update which they knew would crash the clamd service. It's a common trap to fall into. Devs, on their own list, always rise to near God-status: after all, they know everything about the program the best, and you, the user, are always 100% dependent on them. So, the step from "We know the program best." to just "We know best (for you)." is very small. At some point the clamav devs decided that they should force to make responsible admins out of all of us. It didn't suffice any more to just tell us, they felt the need to simply enforce it. In an act of gross self-aggrandisement they sabotaged many systems out there. Yes, those affected should have upgraded their system earlier. And they also should be on a diet, and not smoke, and exercise more. But, you know what? None of that was any of your business! Still isn't. Is it unwise to run a two-year-old anti-virus product? Probably. Is it any of your business? No. The sensible thing would have simply been for freshclam to stop pulling in new updates from set date, and log a warning each day or some such. Yet wilfully sabotaging services on another person's system was incredible arrogant and stupid; and in some countries probably illegal, too. - Mark _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
