Re: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
Re: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
- Subject: Re: [Fed-Talk] Someday is here UNCLASSIFIED (UNCLASSIFIED)
- From: "William G. Cerniuk" <email@hidden>
- Date: Mon, 28 Apr 2008 09:20:46 -0400
The McAfee problem is endemic to their development approach (bad)
under Mac OS X. Based on empirical observation I would guess it has
to do with them porting code not native to Mac OS X. This code does
not seem adequately threaded and is more monolithic (yadda yadda). The
McAfee enterprise product come with 4 pages of caveats for Mac OS X.
Norton's AV suffers from the almost identical problem.
I identified VirusBarrier X early on as a much better approach to AV
software on Mac OS X. It not only does not drag system performance
down and runs nicely on Mac OS X servers (they also have a pure server
version) it performs heuristics to try and catch virus/Trojan activity
before the malware is known. VirusBarrier X has been criticized for
not catching all the Windows viruses, which cannot hurt Mac OS, as
they pass through the system in the data files. But all things
considered, while I would like to be my brother's keeper, the utility
and performance on my Mac OS X system is much more important than
correcting another platform's intrinsic problems.
Very Respectfully,
Wm. Cerniuk
E2E Project Manager, Innovation Program
Chief Health Informatics Office
VHA Office of Information
703.594.7616
Time is Short, and the Water Rises
On Apr 28, 2008, at 9:10 AM, Michael wrote:
Yes, all the seriously big servers and clusters have some type of
exemption written into their security plan, because anti-virus
software seriously hinders the performance of these million dollar
plus machines. As far as I know all these machines are running Unix
or Linux. Machines like Army Research Laboratory's JVN, 1024 dual
Xeon boxes in a cluster, running something called The Linux Networx
system.
McAfee on my desktop dual cpu Mac takes 75% of my cpu resources.
Half the time I can't remove USB devices because of the anti-virus
software. It interferes with asr (terminal command to image a hard
disk to another).
On top of that all current anti-virus software is flawed starting at
the basic concept of detecting only what was seen before. Detecting
virus activity what Gatekeeper did for free, but the big companies
took the easy approach, with more then ten years of time to produce
a better product they have totally failed, they drop hundreds of
thousands of known viruses from their databases every year. Vendors
ship computers infected with known viruses because the anti-virus
software they include no longer has that virus in the database.
And another 1/2 million comprised web server over the last week,
including UN and UK gov servers.
Michael
On Apr 28, 2008, at 12:38 AM, Traynor, Paul I wrote:
By "exemption." I assume Michael officially means EXCEPTION (which
requires "acceptance of risk," ***IN WRITING*** - signed/faxed/filed
from a govvie in authority representing the data owner).
Furthermore,
if you broaden the definition from anti-virus to anti-malware, then
it
gets even worse (Gold-Disk/DISA SRR expects and evaluates Anti-
Spyware
as well).
Michael wrote:
On Apr 25, 2008, at 2:30 PM, Traynor, Paul I wrote:
Actually, both NISPOM and DIACAP do require anti-virus software for
all systems, including Macs.
All Linux and Unix systems too? They have a lot of systems with some
type of exemption, the ones I know about just aren't desktop or
laptop
systems and they are both unclassified and classified systems. The
ones I'm thinking of are things like the high performance systems at
the Army Research Laboratory for example. SGI Altix's, Networx
systems, and others.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden