On Fri, Nov 28, 2008 at 15:12, Paul Kosinski <[EMAIL PROTECTED]> wrote: > When I go to the download page for ClamAV at SourceForge, > I observe that the signature file ("clamav-0.*.*.tar.gz.sig") > is downloaded less than 10% of the time that the source code > ("clamav-0.*.*.tar.gz") is downloaded. I find this strange, > especially for anti-malware software, whose users presumably > think about security more than the average SourceForge visitor.
Some of that may be down to things like FreeBSD, where the package maintainer fingerprints the download when they prepare the package/port and it is that fingerprint that is checked when you install. -- Please keep list traffic on the list. Rob MacGregor Whoever fights monsters should see to it that in the process he doesn't become a monster. Friedrich Nietzsche Mark Twain - "It usually takes me more than three weeks to prepare a good impromptu speech." _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml