On Wed, 09 Jul 2008 14:26:58 -0500, Sunny wrote:
The difference is in the price. O-A-S is expensive (as system resources). While there are other, less expensive solutions (on-write check, on download check, on email receiver check, on document/macro open check, AA), etc., there is no need to nail a fly with a hammer.
And nobody has ever said that OAS is an all-or-nothing option. As I said elsewhere, I've seen OAS systems that care about file types or allow excluded directories (such as /tmp). There's no reason that footprint can't be minimised. It could be done effectively on OSes running on 386/486 processors. With computing power that's 20x those old systems, I can't see the impact being *worse* if implemented properly.
So, complaining that the kernel does not include this and that - especially when dazuko is mostly used by a closed-source application (is antivir open-sourced?).
I don't know - and I didn't now the history of dazuko, either. I'm not pro any particular application - just the idea.
There's another thing as well - antivirus solutions just make feel people safer, w/o adding too much of a protection.
Tell that to the millions of Windows users who have been infected over the years. There is value in protecting against known threats.
Usually the people, which do not care do not update their definitions regulary,
That's what auto-update is for. Part of the problem with closed-source AV solutions is that they use a subscription model - if you don't pay, you don't get current virus definitions. That is a business model that says "my business is more important than the users". They haven't figured out (generally speaking) that taking care of the users *takes care of business*.
and on the top it, "being protected" means for them that they can download and run whatever garbage they can set their hands on.
True, but some people will do that regardless.
So, again - it is a balance of the cost - I would better prefer some kernel devs to work on and create a more stable kernel, which works with better and newer hardware, that to waste their time on a such a low impact subject. But everybody else if free to change/modify/use whatever solution which will make them happy. And they have all the information they need - the kernel is opensourced, has a release cycle, what changes are going to be put in the next release are well known, etc.
Sure, but there's nothing that says it has to be implemented at the *kernel* - I've not said the kernel devs need to spend time writing AV software. If there are hooks there, let someone else write it. Doesn't the Linux kernel support some form of copy-on-write mechanism, or a file modification monitoring mechanism? I'd think it must in order for an app like AppArmor to detect changes that aren't permissible. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org