Date: Wed, 23 Mar 2016 12:08:08 -0500 (CDT) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: "Olivier Nicole" <Olivier.Nicole@cs.ait.ac.th> Cc: galtsev@kicp.uchicago.edu, questions@freebsd.org Subject: Re: Anti-virus for FreeBSD Message-ID: <48414.128.135.52.6.1458752888.squirrel@cosmo.uchicago.edu> In-Reply-To: <wu77fgtnazi.fsf@banyan.cs.ait.ac.th> References: <wu77fgtnazi.fsf@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, March 22, 2016 10:12 pm, Olivier Nicole wrote: > Valeri, > >> Now, think about your users whose files, with potentially >> confidential information will be accessible to proprietary code created >> by/for one or the other intelligence agency (I don't distinguish here >> KGB, >> CIA, MI-6, Siguranza,...) > > The files are accessible to anti-virus code created by a private > company. So what? > > Do you really think they will scan the files to change their contents? > > - they will not be able to report any finding, because I have a tight > policy on the mail server. > > - they will not be able to change the files because I run the anti-virus > from amavis, amavis provides a copy of the files for virus checking > and all cares about is a return status saying clean or infected, the > files that have been checked are discarded. > > So, they can be KGB or whatever, as long as they do the job... Oh, well, I didn't mean to be harsh on you on account of using Kasperski stuff, so sorry if it came out that way. However, to scan something with _that_ antivirus, you have to run their binary code on one of your machines, right? Of course, one can feel awfully smart (what!, say, I'm running some code on some system that does nothing else but that code, and has no way to talk to anything apart from getting what to scan and returning scanned...). I myself to the contrary prefer to consider myself stupid when security of my boxes and privacy of my users are concerned. So stupid that I can easily be outsmarted by any of CIA, KGB, MI-6 and alike. Which definitely is 100% true, they easily will outsmart me having all their resources. So I just try to keep away from anything that potentially could have been touched by their hands. That's the only thing I tried to say, and apparently failed ;-) Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48414.128.135.52.6.1458752888.squirrel>