[clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!
G.W. Haywood
clamav at jubileegroup.co.uk
Tue Jul 27 18:01:28 UTC 2021
Hi there,
On Tue, 27 Jul 2021, Joel Esler wrote:
> On Jul 27, 2021, at 11:27 AM, Paul Kosinski wrote:
>> On Mon, 26 Jul 2021 11:35:29 Rick Cooper wrote:
>>
>>> And what, exactly, is the reason for moving to cmake? I am sure
>>> you know it's going to be problematic for thousands of people so I
>>> am curious what tremendous gain of speed, size, memory usage or
>>> seciurity the other users get from this change, or if it's just a
>>> convenience thing for the developers?
>>
>> I get the impression that *all* recent software development (at
>> least in Open Source) has given up any notion of backward
>> compatibility. ...
>>
>> Now I wonder what will happen when I next try to build ClamAV on my
>> three different Debian systems (7, 8 & 10).
>
> You can’t support everything, forever. You have to push forward
> with new tools and technology that make securing your customers
> easier and better and provide more functionality to us (the authors
> of the ruleset) to better protect people (you).
I could get alongside this if I could see the evidence that the better
security and functionality was actually happening. We're still stuck
with version 2 of Yara, and a parser that's so riddled that I've often
considered Python tools instead. Despite being swallowed up by Cisco,
(a near hundred-billion-dollar corporation) eight years ago, ClamAV is
*still* very near the bottom of my detection rates league table:
https://marc.info/?l=clamav-users&m=162379914711853&w=2
If 'cmake' is going to change all that, please tell me how - and when.
> If you’re using security software to protect yourself, why would you
> not do the most basic things and upgrade the OS of the systems ... ?
While I'd agree in principle with the sentiment, there are some people
who are stuck with legacy software which makes upgrade very difficult.
Despite my warnings about the gear, I've seen clients make seven-digit
GBP investments in machine tools which rely on Windows XP, expecting
the tools to operate long after Winows XP reaches EOL, no upgrade path
whatever available. There are accounting and ERP packages clinging on
by their fingernails too. It sometimes seems like the only way to get
rid of them is to get the tax authorities to mandate some new feature
which they don't support. There's a real world out there, and it's
unsatisfactory from many points of view, but it's the one we've got.
--
73,
Ged.
More information about the clamav-users
mailing list