[clamav-users] Database updated over unencrypted connection?

instaham at posteo.org instaham at posteo.org
Sun Mar 17 14:24:11 EDT 2019

Arnaud Jacques wrote:
> The .cvd files have an internal cryptographic signature that's
> checked by freshclam and clamd/clamscan. If freshclam and/or clamd
> accepts the files, you can be assured they are official and
> unmodified. This is built into clam; no external tools are called.

Thanks, this is basically what I wanted to know. Good to hear that 
there's a verification of the data happening.

Thanks to everybody who shared thoughts and knowledge on this topic.

More information about the clamav-users mailing list