OSNews: http://www.osnews.com/story/26094/ClamAV_leader_leaves_the_project Exploring the Future of Computing en-us Copyright 2001-2013, David Adams adam+nospam@osnews.com Thu, 23 May 2013 07:45:44 GMT http://www.osnews.com/images/osnews.gif OSNews.com http://www.osnews.com Bullshit http://www.osnews.com/thread?522971 http://www.osnews.com/thread?522971
ClamAV is now mature software and we are confident that Sourcefire will successfully continue its development, move it forward and maintain the integrity of its infrastructure.


Bullshit. Last time I've tried to use "nautilus-clamscan" in Ubuntu 12.04 it was broken as shit. That's far from being "mature". Tue, 19 Jun 2012 23:41:00 GMT donotreply@osnews.com (tuma324) Comments RE: Bullshit http://www.osnews.com/thread?522973 http://www.osnews.com/thread?522973
Bullshit. Last time I've tried to use "nautilus-clamscan" in Ubuntu 12.04 it was broken as shit. That's far from being "mature".


Nautilus-clamscan is not a ClamAV project, so its maturity is completely irrelevant to ClamAV's maturity. Besides, ClamAV is mostly used on e-mail systems and my experience tells me it works great.

But I'm curious: what didn't work in nautilus-clamscan? Wed, 20 Jun 2012 00:28:00 GMT donotreply@osnews.com (Sodki) Comments RE[2]: Bullshit http://www.osnews.com/thread?522974 http://www.osnews.com/thread?522974 After installing nautilus-clamscan and right clicking on a directory (or something else), it simply would not show the option to scan things. Wed, 20 Jun 2012 01:02:00 GMT donotreply@osnews.com (tuma324) Comments RE[3]: Bullshit http://www.osnews.com/thread?522976 http://www.osnews.com/thread?522976 Oh my...
So you didn't even get to the point of using the program.

My experience with clamscan was when my windows installation quit working. Thinking it could have been a virus, I ran the scanner on the whole partition, from my working linux partition.
That was taking too long on my poor netbook, I ^C'ed it and just reinstalled windows.

It didn't find anything in those two hours, but neither did a full MS Security Essentials scan. I guess it's ok.Edited 2012-06-20 01:29 UTC Wed, 20 Jun 2012 01:22:00 GMT donotreply@osnews.com (Vaettir) Comments RE[4]: Bullshit http://www.osnews.com/thread?522979 http://www.osnews.com/thread?522979 That's right, here are some bug reports for that issue:

https://bugs.launchpad.net/ubuntu/+source/nautilus-clamscan/+bug/360...
https://bugs.launchpad.net/nautilus-clamscan/+bug/601255 Edited 2012-06-20 02:21 UTC Wed, 20 Jun 2012 02:12:00 GMT donotreply@osnews.com (tuma324) Comments A good idea, I suppose. http://www.osnews.com/thread?522983 http://www.osnews.com/thread?522983 ClamAV always seemed like a nice idea to me. It's relatively small, freely distributable, and the Linux version is supposed to have decent detection rates; it probably makes a nice addition to a system rescue toolset, especially since you can run it from SystemRescueCD or such... As opposed to needing a live CD from the antivirus vendor, which will probably be running kernel 2.6.18 and Xorg 6.8, and completely incapable of running with your video card or mobo chipset.

Also I like that it doesn't try to be an on-access AV solution. (Because on-access AVs are a poor substitute for practical knowledge of your OS, never mind actual software security.)

OTOH I haven't had the opportunity to put it to serious use yet. I'd be interested to hear how well it does detecting some of the nastier varieties of common malware - MBR rootkits for instance. Wed, 20 Jun 2012 04:05:00 GMT donotreply@osnews.com (Gullible Jones) Comments RE: A good idea, I suppose. http://www.osnews.com/thread?523003 http://www.osnews.com/thread?523003 It works really well for email servers, lots of addition spam/scan detecting definition files available too.

For detecting virusses on desktop machines it is less useful.

The problem is it doesn't have an automatic scan on file use function (like pretty much any commercial scanner) so people don't use it on a daily basis.

Because people don't use it on a daily basis, they don't get as many virus submissions as the commercial products.

If an automatic virus scanner was created for clamwin (probably the best known open source project which produces a windows program based on clamav) then it could pick up pretty fast.
Now that in the last few years there are some commercial products which also have a free version I chance of clamwin geting a really large installed base is even slimmer.

An other reason why clamav on the desktop is less useful is because all desktop anti-virus software have become less useful.

New virusses variants are generated with automated tooling every couple of minutes and then the virusses are send over the Internet through email and all the other infection channels.

And most anti-virus software can't really detect all these new variants. There are more variants created than the virus scanner companies can track let alone create definitions for.

The virus creators have found ways to create variants which the anti-virus software creators haven't found a way to detect variants for. So each variants needs a seperate definition.

The anti-virus companies have lost the battle.

Maybe I should give an example, recently I found a virus and I uploaded it to http://virustotal.com/ and http://virscan.org/ pretty much no virusscanner recognized it.

Only some scanners which I had previously never heared of. All the big brands did not recognise it.Edited 2012-06-20 10:02 UTC Wed, 20 Jun 2012 09:57:00 GMT donotreply@osnews.com (Lennie) Comments RE[3]: Bullshit http://www.osnews.com/thread?523095 http://www.osnews.com/thread?523095 So, you installed a Nautilus plugin, and the Nautilus plugin didn't show the option for ClamAV, thus it's the fault of the ClamAV developers that the Nautilus plugin failed to install correctly?

That's some twisted logic you got going on there. Wed, 20 Jun 2012 22:55:00 GMT donotreply@osnews.com (phoenix) Comments RE[2]: Bullshit http://www.osnews.com/thread?523111 http://www.osnews.com/thread?523111 Agreed. I wouldn't consider ClamAV a desktop A/V solution. However I have used it on my mail server for about 2 years now, and it works like a charm! Thu, 21 Jun 2012 00:57:00 GMT donotreply@osnews.com (dnstest) Comments