On Thu, Dec 04, 2003, Christoph Cordes <[EMAIL PROTECTED]> wrote:Agreed. Completely.
Thursday, December 4, 2003, 8:31:11 PM, you wrote:
BB> How much you want to bet that they either #1 didn't bother to update the BB> definitions #2 aren't telling people that they have some sort of connection BB> or agreement with one of the big vendors? This like FUD to the extreme. I BB> run ClamAV alone here and it has yet to let a single virus through.
What kind of agreement do you think of? heise.de is one of the most reliable sources for it-related news in germany. And they mentioned that you can�t compare an OS-Project that is still under heavy development (alpha-stage as they called it) with a commercial product that was made by some big company with tons of manpower and money. ClamAV is gettin better every day, with every signature and every line of code. Still it�s far away from being a real challenger to the "big" av-products - but i�m sure - we have seen nothing yet ;-)
If you want to blame someone just blame web.de. As one of the biggest Freemailprovider with hundreds of thousands accounts it was their mistake not to evaluate it better. as a matter of fact many of their customers complain about false positives and no option to turn it off.
IMO, this could be the worst part. False positives are absolutely horrible.
Me too (tm).
We should find out which emails were found as false positives and fix the signature as appropriate.
I haven't seen any false positives with ClamAV, but then again the load on the systems I've used are relatively low compared to web.de.
Yep, the 0.65 release was a really great leap towards stability. Perhaps someone from web.de could sched some light on the system configuration clamav is run in?
Just see it like this: Clam was able to fight in a heavyweight-enviroment - so you can see the code is pretty stable and able to handle realy big loads. :-)
This is very good from a code stability standpoint.
Well, they (heise/Mr. Marx) did _not_ blame clamav for it's small database. They blamed it for not finding in-the-wild viri, and this is not something to treat lightly.
Oh - and of course there are viruses that can�t be recognized by clam - tons of them, but it�s only a matter of time....
I'd argue that many of those viruses are insignificant. There are very clear parallels between these viruses and say smallpox. No one cares about it anymore because it's all but extinct.
Who cares if ClamAV can't detect viruses that haven't been seen in more than decade?
I haven't had any incident of clamav letting a _real_ virus through (only some _damaged_ SOBIGs), though.
I just mailed Mr. Marx directly (and in German), trying to get the list of those uncatched in-the-wild viri, and trying to convince him to submit them to the maintainer team. Besides having a better signature DB then, perhaps we could get heise to publish a "good" (read: better) article about clamav.
Thomas
JE
------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
