> I have to join Marc here and say "me too". In my organisation we > actually have those controls in place (antivirus/antimalware) in the > Internet gateways and we do not disable them for specific traffic > flows unless a detailed risk analysis has been done (and approved).
Personally I disagree with this approach as you are making the gateways themselves more open to attack adding risk to all rather than the targetted, especially when antivirus are so easy to fool anyway. A mistake Blackberry has made whilst their devices weren't bad security wise. However this is in no way a reflection on whether I think it should be allowed but I will throw in that. There are many perfectly legitimate hacking tools that may hit the repo that AV will pickup (backtrack distro has many) but also is their any danger of av browser plugins and google even blocking debian.org. -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd _______________________________________________________________________ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/217794.98687...@smtp110.mail.ir2.yahoo.com