On 10/3/14 8:10:24AM, Mark Allan wrote:
On 3 Oct 2014, at 03:39 pm, Gene Heskett <ghesk...@wdtv.com> wrote:
On Friday 03 October 2014 07:19:13 Tim Smith did opine
Over the last 24-48 hours, I submitted a number of email attachments.
RAR files that contained viruses.
Running one or two of them through VirusTotal today, I see ClamAV have
*STILL* not managed to produce virus definitions for them !
All of the commercial vendors I submitted the samples to had analysed
and created samples in timeframes ranging from hours to one day.
At this rate I'm going to be dumping ClamAV from my systems and
subscribing to a service from a commercial vendor .....
Looking forward to hearing the reasons why !
Perhaps you should consider submitted them in a compressed file format
that is NOT proprietary to apple and which carries a per seat license fee?
Cheers, Gene Heskett
I'll admit that Tim's email rather reeked of entitlement, but Gene's response
is just confusing and wrong. Yes, the RAR file format is proprietary, but not
to Apple - it was a Russian named Eugene Roshal (Roshal ARchive hence RAR) who
came up with it and the licence is only required for creating files of that
format; software to extract RAR files is free.
Also, ClamAV already contains code to unRAR these archives.
Anyway, I digress from the original question.
The reason it takes time to generate signatures from files/samples which are
contributed by users is that the signatures are still generated manually by
humans, most of whom have other jobs and unless I'm mistaken are therefore
giving their time voluntarily. I've always found the turnaround time to be
pretty good actually, especially for free software.
Mark
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
From http://www.unrarlib.org/faq.html
Q: Do you know that the license for the unrar sources from RARLab is not
compatible with the GNU Public license?
A: Yes, this is true. But we have the permission from Eugene Roshal to
release unrarlib 0.4.0 under GPL and unrarlib-license. Note: this
doesn't mean that RAR is free now or you can use the unrar source from
RARlabs under GPL. You are just allowed to use UniquE RAR File Library
version 0.4.0 (unrarlib 0.4.0) under GPL.
A lot of people avoid RAR as a result.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
