What if bad actors begin to reuse old malware and old exploits?
Our team is committed to reintroducing any signature based on the activity of bad actors in a timely fashion.
Dude, it's the second sentence in the announcement.
Due to continually increasing database sizes and user adoption, we are faced with significantly increasing costs of distributing the signature set to the community.
We are users relying ClamAV for general antivirus protection. It is strange that they say 'researchers and corner cases'.
BTW,I think it may be the case:
main.cvd => current CVD file with old signatures removed
another file, also called main.cvd => for old signatures removed
Then users can only choose either file to use
What I meant is that they would provide another file name, like:
main.cvd => current CVD file with old signature removed
another file, say old-signatures-main.cvd => old signature removed, but users can configure ClamAV or runtime options to use the file with the old signatures
Can open-source users access the signatures that have been retired from main.cvd?
We intend to make the retired signatures available at a later date for researchers and corner cases
Due to continually increasing database sizes and user adoption, we are faced with significantly increasing costs of distributing the signature set to the community.
zakazak@reddit
So now I know how to hide my malware because there is a cool whitelist of signatures that I can choose from? :D
shroddy@reddit
So yes, you probably can
NoEconomist8788@reddit
Old signatures will be thrown out to increase performance.
nply@reddit
The main reason actually seems to be the high cost of widely distributing large signature databases.
NoEconomist8788@reddit
and what this actually mean?
nply@reddit
It is expensive to run servers from which many people download large files every day. Making the files smaller reduces those costs.
NoEconomist8788@reddit
who say this? Database will not completely downloaded by each update, but the latest changes
nply@reddit
Dude, it's the second sentence in the announcement.
NoEconomist8788@reddit
oh
edmanet@reddit
Thanks for the tl;dr
FryBoyter@reddit (OP)
But that's only part of the changes. For example, container images will also be removed from Docker Hub.
nlh101@reddit
Some container revisions. This isn’t a Bitnami situation, they’re only removing out of date containers so they reduce the load on Docker Hub
Homemade-Cupcake@reddit
Instead of removing them, maybe they can create a new file for old signature that allows people to opt-in to use them?
eclipseofthebutt@reddit
From the links:
Homemade-Cupcake@reddit
We are users relying ClamAV for general antivirus protection. It is strange that they say 'researchers and corner cases'.
BTW,I think it may be the case:
main.cvd => current CVD file with old signatures removed
another file, also called main.cvd => for old signatures removed
Then users can only choose either file to use
What I meant is that they would provide another file name, like:
main.cvd => current CVD file with old signature removed
another file, say old-signatures-main.cvd => old signature removed, but users can configure ClamAV or runtime options to use the file with the old signatures
FyreWulff@reddit
I think that's their way of saying "we will make them available but with zero support"
spyingwind@reddit
akehir@reddit
The decreased RAM usage is a very good thing, I previously had issues with RAM usage.
mmmboppe@reddit
Would IPFS help here?