On 1/9/06 11:18 AM, "John Jolet" <[EMAIL PROTECTED]> wrote:
> I guess the point here (and I agree with it) is the concept of > defense in depth. Even if my server is scanning, why shouldn't my > client go ahead and scan? just think how hard viruses would have to > work if EVERY process that touched the email scanned it for viruses, > or other assorted malware (as deemed appropriate by the controlling > admin)? You are right...you shouldn't HAVE to scan at the > client...but then again, you shouldn't HAVE to run an os that allows > the behaviors in which viruses engage... oh, wait, there's only one > that does.... We strongly urge our users to scan. Not only do they (by definition) scan at least a little later than we do, they are also very likely to scan using some other product than we use. Second Opinions are valuable in medicine...they're also valuable here. All the OSs *can* be attacked in virus/worm/spyware ways. However, life is made very easy for the bad guys by the fact that the one OS with the huge market share is the same one written initially with no thought to security at all, as were the supplier's user programs. [I'm Outlook Express a few years ago. A MIME part comes in claiming to be a sound...that's nice, I'll play it. Oh...it's a .exe: that means to play it I have to run it. Why is my human so angry?] Why bother attacking the others when the most damage is done by attacking the easy one? If market share shifts, the situation will change. --John _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
