On Wed, Mar 12, 2014 at 4:48 PM, Paul Kosinski <cla...@iment.com> wrote:
> I'm not worried about dependency on external libraries per se. I just
> want to know *why*? With libz and libz2, it's pretty obvious, with
> SSL, it's not clear.
>
> Decrypting encrypted data while scanning would need the key. Is the
> idea to crack open encrypted malware which comes with its own key?
> That would be great. Is the idea to do Man-in-the-Middle AV in an
> enterprise environment? Unethical if done without notification.
> Somehow locking up ClamAV usage ("Tivoing"). Not very nice.
Hey Paul,
We're currently only using the hashing functionality in OpenSSL, nothing
else. Additionally, planned work in Freshclam will depend on OpenSSL.
Thanks,
Shawn
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
