On Sunday, July 10, 2005 12:48 PM [EDT], Damian Menscher wrote:
So yes, there's a huge amount of trust placed in the database
maintainers, and we have to hope they don't go bonkers on us. (Anyone
remember that spam RBL site that decided to announce they were going
to stop running by blacklisting the entire internet?)
<rant>
*ahem*
That was only done after people were told for months on end to stop
using the DNSbl since it was going away. They ignored the notice that
it was going away, and cost him severe amounts of bandwidth. So, to get
them to fix their servers and stop the waste, it was set as *
127.0.0.2.
I had to do that with blackholes.2mbit.com as well when we retired it.
Almost a year after people were told to STOP using it, they didn't. So
we * it all and watched them scream and yell. It worked though -
queries dropped from several hundred thousand per hour to a little over
200.
Its the fault of systems administrators not doing their jobs and keeping
their server configs up to date.
</rant>
Anyway, open source software is a bit less prone to this type of
corruption with the developers from my experience - theres no financial
gain for one of the developers to sabatoge the project like this. Even
if it were to happen, recovering from it is just a matter of getting a
new mirror setup and having people change the approprate settings.
This is one thing that generally isn't brought up in the closed source
vs open source debate - when you take away certain key factors in what
drives closed source software development, you tend to have better
products all around. They may not have the same smooth edges as say a
very popular commercial application, but at least you have the peace of
mind knowing that the software is under your control.
Most of the open source developers on our servers for hosting and
development tend to have pretty much free reign of the box in terms of
resources (except for root of course), whereas most of the regular users
and paid users are limited in what they can do.
But you guys get the idea - I have the utmost faith in the people who
work on ClamAV. Considering that I put out one of the Windows versions
of ClamAV, and provide some consulting services to support it on both
Linux and Windows, I need to have trust and faith in the people who
produce the software I stake my reputation on.
--
Brian Bruns
The Summit Open Source Development Group
http://www.sosdg.org / http://www.ahbl.org
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
