[clamav-users] Database updated over unencrypted connection?
Franky Van Liedekerke
liedekef at telenet.be
Fri Mar 15 11:53:26 EDT 2019
Op Vrijdag, 15-03-2019 om 16:04 schreef instaham--- via clamav-users:
> Leonardo Rodrigues wrote:
> > the databases are digitally signed, and any modification, such in
> > a man-in-the-middle attack, would break the signature and freshclam
> > would refuse to run the files.
> Sounds good. Can you please explain how this works in detail?
> Apt places GPG keys in the system and uses them to verify downloaded
> It doesn't seem that ClamAV placed any GPG keys in my system. So how is
> the verification happening?
I wonder why the http/https discussion is still relevant. Almost all sites use https now, http is getting slowly banned and a lot of companies just don't want to allow incoming http traffic towards a server. Certifcates cost nothing anymore (you have free ones), so that's no longer an issue too. And the cpu issue might've been relevant years ago, but it shouldn't be now (offloading https to a high-performant frontend server can help if you really have issues).
Just my 2 cents here ...
More information about the clamav-users