From owner-freebsd-questions@freebsd.org  Thu Mar 24 15:02:20 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00ED5ADB673
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Thu, 24 Mar 2016 15:02:20 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id E40F61E47
 for <freebsd-questions@freebsd.org>; Thu, 24 Mar 2016 15:02:19 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: by mailman.ysv.freebsd.org (Postfix)
 id E3698ADB671; Thu, 24 Mar 2016 15:02:19 +0000 (UTC)
Delivered-To: questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E3199ADB670
 for <questions@mailman.ysv.freebsd.org>; Thu, 24 Mar 2016 15:02:19 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.70.90])
 by mx1.freebsd.org (Postfix) with ESMTP id C50D81E45
 for <questions@freebsd.org>; Thu, 24 Mar 2016 15:02:19 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: by cosmo.uchicago.edu (Postfix, from userid 48)
 id BC962CB8C94; Thu, 24 Mar 2016 10:02:18 -0500 (CDT)
Received: from 128.135.52.6 (SquirrelMail authenticated user valeri)
 by cosmo.uchicago.edu with HTTP;
 Thu, 24 Mar 2016 10:02:18 -0500 (CDT)
Message-ID: <30820.128.135.52.6.1458831738.squirrel@cosmo.uchicago.edu>
In-Reply-To: <wu77fgszdcm.fsf@banyan.cs.ait.ac.th>
References: <wu77fgszdcm.fsf@banyan.cs.ait.ac.th>
Date: Thu, 24 Mar 2016 10:02:18 -0500 (CDT)
Subject: Re: Anti-virus for FreeBSD
From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu>
To: "Olivier Nicole" <Olivier.Nicole@cs.ait.ac.th>
Cc: galtsev@kicp.uchicago.edu,
 questions@freebsd.org
Reply-To: galtsev@kicp.uchicago.edu
User-Agent: SquirrelMail/1.4.8-5.el5.centos.7
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 15:02:20 -0000


On Wed, March 23, 2016 11:52 pm, Olivier Nicole wrote:
> Valeri,
>
>> However, to scan something with _that_ antivirus, you have to run their
>> binary code on one of your machines, right? Of course, one can feel
>> awfully smart (what!, say, I'm running some code on some system that
>> does
>> nothing else but that code, and has no way to talk to anything apart
>> from
>> getting what to scan and returning scanned...).
>
> Not to that extend, but the mail server does only mail.
>
>> I myself to the contrary
>> prefer to consider myself stupid when security of my boxes and privacy
>> of
>> my users are concerned. So stupid that I can easily be outsmarted by any
>> of CIA, KGB, MI-6 and alike. Which definitely is 100% true, they easily
>> will outsmart me having all their resources. So I just try to keep away
>> from anything that potentially could have been touched by their hands.
>> That's the only thing I tried to say, and apparently failed ;-)
>
> You did not failed. But :)
>
> If I have to have secured email, I will secure it on my workstation
> before I even pass it to the mail system.
>
> Why worrying about the anti virus being able to spy on my email if I am
> about to send it to the world (through many email relay that I have no
> control upon whatsoever) in clear text?

This is one thing in [system] security that we often tend to overlook.
Penetration happens one tiny little step at a time. Say, you are running
[some untrustworthy] code on your machine (or system) solely dedicated to
scanning mail. You feel safe about mail. But you already let some
potentially unfriendly one to run his code on your system. One tiny step
on his part is already achieved with your consent. This is what I was
trying to say. We used to say about security part of our sysadmins duties:
paranoia is in my job description. And I apparently failed to stress it
enough. It looks like I definitely had much better in that respect
teachers than I can be (well, not thinking of myself as a teacher, but a
person trying to pass the point along).

Valeri

>
> If the message is dully encrypted, then the anti virus, nor any bad guy
> should be able to spy on it. If the message is clear text, I must not
> worry too much about the privacy of its contents.
>
> Best regards,
>
> Olivier
>
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++