Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 Mar 2016 12:08:08 -0500 (CDT)
From:      "Valeri Galtsev" <galtsev@kicp.uchicago.edu>
To:        "Olivier Nicole" <Olivier.Nicole@cs.ait.ac.th>
Cc:        galtsev@kicp.uchicago.edu, questions@freebsd.org
Subject:   Re: Anti-virus for FreeBSD
Message-ID:  <48414.128.135.52.6.1458752888.squirrel@cosmo.uchicago.edu>
In-Reply-To: <wu77fgtnazi.fsf@banyan.cs.ait.ac.th>
References:  <wu77fgtnazi.fsf@banyan.cs.ait.ac.th>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On Tue, March 22, 2016 10:12 pm, Olivier Nicole wrote:
> Valeri,
>
>> Now, think about your users whose files, with potentially
>> confidential information will be accessible to proprietary code created
>> by/for one or the other intelligence agency (I don't distinguish here
>> KGB,
>> CIA, MI-6, Siguranza,...)
>
> The files are accessible to anti-virus code created by a private
> company. So what?
>
> Do you really think they will scan the files to change their contents?
>
> - they will not be able to report any finding, because I have a tight
>   policy on the mail server.
>
> - they will not be able to change the files because I run the anti-virus
>   from amavis, amavis provides a copy of the files for virus checking
>   and all cares about is a return status saying clean or infected, the
>   files that have been checked are discarded.
>
> So, they can be KGB or whatever, as long as they do the job...

Oh, well, I didn't mean to be harsh on you on account of using Kasperski
stuff, so sorry if it came out that way.

However, to scan something with _that_ antivirus, you have to run their
binary code on one of your machines, right? Of course, one can feel
awfully smart (what!, say, I'm running some code on some system that does
nothing else but that code, and has no way to talk to anything apart from
getting what to scan and returning scanned...). I myself to the contrary
prefer to consider myself stupid when security of my boxes and privacy of
my users are concerned. So stupid that I can easily be outsmarted by any
of CIA, KGB, MI-6 and alike. Which definitely is 100% true, they easily
will outsmart me having all their resources. So I just try to keep away
from anything that potentially could have been touched by their hands.
That's the only thing I tried to say, and apparently failed ;-)

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?48414.128.135.52.6.1458752888.squirrel>