From owner-freebsd-questions@freebsd.org  Thu Mar 24 04:41:03 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A9076ADC0A9
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Thu, 24 Mar 2016 04:41:03 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 8F25D1DD3
 for <freebsd-questions@freebsd.org>; Thu, 24 Mar 2016 04:41:03 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 8E770ADC0A8; Thu, 24 Mar 2016 04:41:03 +0000 (UTC)
Delivered-To: questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8E185ADC0A7
 for <questions@mailman.ysv.freebsd.org>; Thu, 24 Mar 2016 04:41:03 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 44E1E1DD2
 for <questions@freebsd.org>; Thu, 24 Mar 2016 04:41:03 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (localhost [127.0.0.1])
 by mail.cs.ait.ac.th (Postfix) with ESMTP id D1882D7883;
 Thu, 24 Mar 2016 11:41:00 +0700 (ICT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.ait.ac.th; h=
 content-type:content-type:mime-version:message-id:date:date
 :in-reply-to:subject:subject:from:from:received:received
 :received; s=selector1; t=1458794459; x=1460608860; bh=y22ePWWon
 2k0UsJgZAoZDBhOsEDpX/vT7wdkyoyeX1U=; b=S4hV19n1PbTx2jhQDjHJPGqwF
 TTIK7SDmfr8o2Hf3v9b2jrK8uCa2tU7Hsf8Spd8WXZ4ReI0/4tMv+kIjX/tmDyjB
 dyHncRDVjFRkHuBjlwH2KD0y7m7xX+c1JRXmD1TYiqlF9dImg9wn8yZv2GDftTBC
 FdOmrAWkB5U/LuW+FY=
X-Virus-Scanned: amavisd-new at cs.ait.ac.th
Received: from mail.cs.ait.ac.th ([127.0.0.1])
 by mail.cs.ait.ac.th (mail.cs.ait.ac.th [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id x7QgufRGmvbE; Thu, 24 Mar 2016 11:40:59 +0700 (ICT)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.cs.ait.ac.th (Postfix) with ESMTPS id 8F59FD7881;
 Thu, 24 Mar 2016 11:40:59 +0700 (ICT)
Received: (from on@localhost)
 by banyan.cs.ait.ac.th (8.15.2/8.15.2/Submit) id u2O4evCI046181;
 Thu, 24 Mar 2016 11:40:57 +0700 (ICT)
 (envelope-from on@banyan.cs.ait.ac.th)
From: Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
To: galtsev@kicp.uchicago.edu
Cc: ws@au.dyndns.ws, kraduk@gmail.com, questions@freebsd.org
Subject: Re: Anti-virus for FreeBSD
In-Reply-To: <62985.128.135.52.6.1458748953.squirrel@cosmo.uchicago.edu>
 (galtsev@kicp.uchicago.edu)
Date: Thu, 24 Mar 2016 11:40:57 +0700
Message-ID: <wu7d1qkzdwm.fsf@banyan.cs.ait.ac.th>
MIME-Version: 1.0
Content-Type: text/plain
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 04:41:03 -0000

Valeri,

> Partly to toss some more fuel into the fire ;-) and partly to discourage
> too harsh judgement of "some anti-vurus software not catching some
> viruses" (or should I say virii as a plural of Latin word virus?)

I feel like bit of trolling :)

> First of all, the whole anti-virus approach is fundamentally flawed. In
> fact, you can not enumerate bad (what anti-virus is trying to do). You
> only can enumerate good and prohibit everything else. So, don't be too
> harsh on those [anti-viruses] that miss some of evil things sometimes:
> remember, they are trying to do the task that is fundamentally flawed.

And in the best of the wolrd, no one would be temptent to send viruses
(I doubt anyone uses virii, or else, they also call the veeroos, not
vayras).

In the real world, you need to let the information flaw, so you have to
take some risk. While a deny default is the best policy, it is not
always possible to enforce.

> Second, the very existence of Windows viruses is based on architecture
> flaws of MS Windows system IMHO.

I understand that there is a good share of viruses for Android nowdays,
does that mean Android is build on to of Windows :)

> Of course, most of us have to use and
> maintain that system in a course of fulfilling our job duties; that can
> not prevent us from having some attitude. Based on which I would
> discourage running for your Unix/Linux mail server virus scanning software
> on Windows machine.

And that is why I am looking for an Av that run on freeBSD :)

Best regards,

Olivier