From owner-freebsd-questions@freebsd.org Wed Mar 23 17:08:09 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B6238ADB451 for ; Wed, 23 Mar 2016 17:08:09 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id A4B731AB2 for ; Wed, 23 Mar 2016 17:08:09 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by mailman.ysv.freebsd.org (Postfix) id A059AADB450; Wed, 23 Mar 2016 17:08:09 +0000 (UTC) Delivered-To: questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9FF19ADB44F for ; Wed, 23 Mar 2016 17:08:09 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.70.90]) by mx1.freebsd.org (Postfix) with ESMTP id 81C141AB1 for ; Wed, 23 Mar 2016 17:08:09 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 2B30FCB8CB3; Wed, 23 Mar 2016 12:08:08 -0500 (CDT) Received: from 128.135.52.6 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Wed, 23 Mar 2016 12:08:08 -0500 (CDT) Message-ID: <48414.128.135.52.6.1458752888.squirrel@cosmo.uchicago.edu> In-Reply-To: References: Date: Wed, 23 Mar 2016 12:08:08 -0500 (CDT) Subject: Re: Anti-virus for FreeBSD From: "Valeri Galtsev" To: "Olivier Nicole" Cc: galtsev@kicp.uchicago.edu, questions@freebsd.org Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2016 17:08:09 -0000 On Tue, March 22, 2016 10:12 pm, Olivier Nicole wrote: > Valeri, > >> Now, think about your users whose files, with potentially >> confidential information will be accessible to proprietary code created >> by/for one or the other intelligence agency (I don't distinguish here >> KGB, >> CIA, MI-6, Siguranza,...) > > The files are accessible to anti-virus code created by a private > company. So what? > > Do you really think they will scan the files to change their contents? > > - they will not be able to report any finding, because I have a tight > policy on the mail server. > > - they will not be able to change the files because I run the anti-virus > from amavis, amavis provides a copy of the files for virus checking > and all cares about is a return status saying clean or infected, the > files that have been checked are discarded. > > So, they can be KGB or whatever, as long as they do the job... Oh, well, I didn't mean to be harsh on you on account of using Kasperski stuff, so sorry if it came out that way. However, to scan something with _that_ antivirus, you have to run their binary code on one of your machines, right? Of course, one can feel awfully smart (what!, say, I'm running some code on some system that does nothing else but that code, and has no way to talk to anything apart from getting what to scan and returning scanned...). I myself to the contrary prefer to consider myself stupid when security of my boxes and privacy of my users are concerned. So stupid that I can easily be outsmarted by any of CIA, KGB, MI-6 and alike. Which definitely is 100% true, they easily will outsmart me having all their resources. So I just try to keep away from anything that potentially could have been touched by their hands. That's the only thing I tried to say, and apparently failed ;-) Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++