On 6/24/14, 9:16 PM, Al Varnell wrote:
That’s certainly a valid question and deserves a ClamAV® answer, but I’ll throw
this comment out.
The signature team has always been overwhelmed by the number of new samples it
receives every day and even though the team is bigger today, so is the input.
They established a third party signature contribution system a few months ago
and I’m sure part of the reason is to try to reduce what is apparently a
growing backlog of samples which require manual signature writing. If those
with the ability to write quality signatures and contribute them to this
project can do so, we will all benefit from this. I don’t blame the team for
trying to promote this new means of community contributions.
It would appear that Steve is in a unique position here, in that he has his own
UNOFFICIAL signature databases to contribute as well as the apparent skills to
write them on his own. Obviously there is a much larger user base for official
set so contributions there would be of broader benefit, yet he runs his own
services to the community. Something he’ll need to consider and decide on his
own.
Just my two cents.
-Al-
Al Varnell
Mountain View, CA
I don't blame them either but the arrangement is that of peers. Why set some of
them up as unofficial? Why put a limit on the very resource (2 submissions per
day) that that people need to make the product useful? Run all the submitted
signatures through the same QA process and stamp them official. Create a
signature writer's certification test to help streamline the submission process
so qualified people can include a sig with the submission. And they can answer
the earlier question, "How can we make the process better?"
It wouldn't hurt to have a youtube video that shows admins how to generate
simple day 0 check sum sigs that they can deploy locally while waiting for a
Cisco/SourceFire signature. In fact the submission process generates a checksum
that just needs to be captured to a file.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
