I think you vastly overestimate the size of the audience that has that problem.
— Sent from my iPad > On Mar 16, 2022, at 16:23, Bowie Bailey via clamav-users > <clamav-users@lists.clamav.net> wrote: > > On 3/16/2022 12:35 PM, G.W. Haywood via clamav-users wrote: >> Hi there, >> >>> On Wed, 16 Mar 2022, Bowie Bailey via clamav-users wrote: >>> On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: >>>> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt <grschm...@acm.org> wrote: >>>>> On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: >>>>>> ## Joel Esler via clamav-users (clamav-users@lists.clamav.net): >>>>>>> >>>>>>> Can’t use wget. >>>>>> >>>>>> Looks like "can't use anything which doesn't look like a web browser", >>>>>> as BSD fetch hits the 403, too. >>>>>> That's a major PITA on the BSD side (just like openSuse), but it >>>>>> was working just fine at the time of the 0.104.2 release (and all >>>>>> the time prior to that). Is there any reason behind making the source >>>>>> (not talking about the database files) inaccessible like that? >>>>> >>>>> Hanlon's Razor: "Never attribute to malice what can be adequately >>>>> explained by neglect, ignorance, or incompetence." >>>>> >>>>> With the added FLOSS variant, "or trying to show just how much smarter >>>>> they are than everybody else.” >>>> >>>> It was done because there are people that download the entire ClamAV >>>> package from the same every every 1 minute and do a complete reinstall. >>> >>> Why not simply block the IP addresses that are doing excessive downloads? >>> There can't be that many people who are doing constant rebuilds. >>> >>> The system I use for building ClamAV has no GUI. I download the files by >>> grabbing the URL from my desktop and then pasting it into a wget on the >>> build machine. Am I going to have to make wget spoof its user-agent every >>> time I need to update ClamAV? ... >> >> I don't see much in the way of sympathy for a company that spends good >> money on a content delivery network in order to provide a FREE service >> to the community, only then to take flak from that same community when >> they are obliged to prevent literally hundreds of thousands of what I >> can only describe as scrotes from flagrantly abusing the service. > > That was my point. They are inconveniencing their users with a change that > is unlikely to slow down these abusers for any length of time. > >> Before grumbling about the implementation of the solutions, would it >> not at least be reasonable to find out what the problems are? > > I understand the problem. I just don't see this as a good solution. > >> How often do you update ClamAV? It must be all of a thirty-second job >> to write a user agent string, and e.g. pop it in a 'bash' alias. > > And all of the people who are doing excessive downloads will spend the same > 30 seconds and then be back in business. So what has been gained? A few > days or weeks of reduced server load until they all update their scripts and > then you are right back where you started. > > At the same time, every ClamAV user (new or existing) that wants to download > from the command line will have to spend time figuring out why they are > getting errors trying to download from the published links. Since this > software is designed to be used on a server, that will probably be a decent > percentage of the user base who are all going to have to figure out this > undocumented issue (since documenting the work-around would kind of defeat > the point). I would bet that quite a few prospective new users will simply > give up on ClamAV and assume the website is broken when they keep getting > "403 forbidden" on the downloads. > > -- > Bowie > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
