On Jan 27, 2005, at 11:29 AM, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 11:27:00 -0500 Adam Tauno Williams <[EMAIL PROTECTED]> wrote:
Just my two cents - I agree with the other guy. CLAM should blocks virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that really so hard to understand?
As I understand it it doesn't execute code on the computer or spread to other systems without intervention either.
This entire thread is degenerating...it was hashed and rehashed already. The ultimate decision goes to the Clam developers, and I believe they already decided it. Everything that's bad would be blocked, so end users could live with it or use a different product. Our Windows computers are slowly being migrated to static images using Deep Freeze, and if users decide to hand out their bank account info without stopping to think that maybe they shouldn't give out sensitive information we couldn't really stop them.
I would have thought it would be more of a burden eventually to keep up with HTML messages going out to people asking for info along with the binary executables containing viruses so the scanner could catch them both, but oh well. Maybe the UNIX-ish philosophy of specialized applications working together to accomplish goals is giving way to the more common Windows throw-everything-together mindset. Maybe it's overlapping jobs. This is certainly the way commercial AV's go about it now. I've seen all sorts of hits on crap from the web cache on Windows machines...why? Because the AV is hitting stuff the latest update to Spybot is hitting now. And Ad-Aware/Spybot/etc. are hitting some mail viruses. But it doesn't matter. The Clam people made their decision, and the end user benefits from it, even if it does overlap with other systems in place for guarding against phishing/spam. If a developer really resents it, they could fork the project. Personally, I see having three programs doing the same thing as just bloat; phishing is annoying, hit delete or configure the spam filter to get it. Others see it as having three systems increasing the chances of catching new crap as it comes out. I'm tired of fighting with it and tired of the "administrators" who never turn off their collateral damage-causing "you sent me a virus!" notifications. End users don't see any difference though, so companies pander to this mindset of protecting people from all that's potentially bad, period.
Regardless, If the developers wish to get input from users on the issue and are considering it one way or the other, then maybe a thread like this would be useful. As it stands, discussing it again accomplishes nothing, and will inevitably lead to flames and arguments that still...accomplish...nothing. Except sarcastic comments like mine about submitting win.com as a signature.
If all this crap has evolved to the point where spyware/trojans/phishing/spam are now one thing (magical MalWare! Software that's just *bad!*), then maybe someone should come up with a new email network that can truly work so we don't get this junk anymore, period. Email was never meant for the five meg "look at the pictures!" attachments. It wasn't meant for emailing programs to one another. Does it really need to be a proxy for web pages by emailing people all this html-formatted crap that makes dancing images appear while compromising Explorer? We can't even get people to stop with top posting or formatting email in a way that makes it easy to read, without twenty embedded sigs or munged headers. We even have these sigs saying that the contents of the message are confidential meant only for the named recipient and if you get it in error...huh? I already read the message! What good is that?! It's not even been tested in the courts as binding! Why are you wasting ten lines of space at the end of every message telling me this?? It's the EULA of email...no one even reads them anymore. Start an email network that uses clients with embedded encryption. Voila', no more accidental reading. Even makes it safer in transit.
Whew...I'm going to go lay down before I have an aneurism.
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
