Suggestion - Use ClamAV/ClamWin to scan torrents

Discuss suggestions and ideas for the forums, site, software.
ROCK N ROLL KID

Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ROCK N ROLL KID »

I notice a lot of other torrent clients use AVs to scan torrents. Since qBittorrent is free and open-source, I figured you guys could do the same. ClamAV is a free and open-source AV that you guys can bundle in with qBittorrent and have that scan torrents. ClamAV is primary for Linux and Mac users and ClamWin is for Windows users. Just a suggestion, of course.

ClamAV - http://www.clamav.net/index.html

ClamWin - http://www.clamwin.com/

Keep up the good work. Been using qBittorrent for awhile now and I have liked it better then vuze and utorrent.
ciaobaby

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ciaobaby »

A torrent file cannot be "infected" with a virus and metadata files are the ONLY files that bittorrent clients handle directly, the payload 'files' that are handled by bittorrent clients as pieces which may only contain parts of a virus code which will probably not match any recognisable virus signature UNTIL all the pieces are downloaded and reassembled on to the storage drive (at which point any anti-virus installed on the machine should catch it).

Just because certain other bittorrent client 'vendors' have conned their users into parting with money for a client that includes a completely pointless "feature" does not mean that qBT should.
ROCK N ROLL KID

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ROCK N ROLL KID »

The torrent itself cannot be infected, true, but the torrent can contain malware, usual inactive until executed, which is why torrent bundle AVs. They are not just their because the clients wanted money, but you are right, most AVs are capable of scanning files when downloaded from torrents already. Also, I was just making a suggestion and I was not saying you should sell this, hence the reason I recommended free, open-source AVs, and I was not trying to say that you should do this because others do this.

Thanks for your time anyways. Keep up the good work guys!
User avatar
Nemo
Administrator
Administrator
Posts: 1730
Joined: Sat Jul 24, 2010 6:24 pm

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by Nemo »

Welcome by the way :),

Well the idea is good but I think at the end that the user itself needs to be careful downloading anything that might be infected. Also most users are using seperate antivirus bundle so how safe can you really be by trusting 2 different antivirus programs that are working against each other and only slowing your computer. Since day one I started torrenting I never had anything like a virus, you as an user needs to be careful the most and get your torrents from trusted, checked sites. Thats my opinion :). I get what you mean though which isn't a bad idea at all.
ciaobaby

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ciaobaby »

usual inactive until executed,
Of course they are, however you are missing the point that I am trying to explain to you. Files in the payload can ONLY be infected before the metadata (.torrent) is created by the originator, they CANNOT be infected at any point after this because the 'infection' would alter the checksum of the blocks and as such would be rejected by all clients, also you should re-read the bit in my post where it says that BitTorrent clients are unable to detect signatures in pieces or blocks that they download.

Files being transferred using the Bittorrent protocol are, by the very nature of the protocol, totally immune to 'infection' from sources other than the originator and even if they were infected at source, scanning by the client during the transfer WILL FAIL to detect any "virus signature" in parts of files that are in the 16kB blocks that BT clients use to transfer the payload.
which is why torrent bundle AVs
No, it is not. Using "In client" virus scanning only works as a 'selling point' to users that do not understand the protocol, it is redundant, pointless, useless and unnecessary for the points I have mentioned above.  Provided the originator OR the end user downloading the torrent has anti-virus that is up to date on their machine, Bittorrent transfer is THE safest protocol for file transfer from the point of view of virus infection, and no amount of built-in AV will prevent 'malware' being bundled with the client on installation.
I was just making a suggestion and I was not saying you should sell this, hence the reason I recommended free, open-source AVs, and I was not trying to say that you should do this because others do this.
Sure, and I am explaining to you why it is totally unnecessary and therefore why it is not implemented or likely to be implemented. The qbittorrent policy is only to add 'features' that are truly useful to the majority of users, built in AV scanning is pointless for ALL users. The fact that BitTorrent charge an annual fee for the "Pro" version of their clients that include Anti-Virus, says more about the lack of knowledge and gullibility of their users than it does about the "usefulness" of having it there.
User avatar
Peter
Administrator
Administrator
Posts: 2693
Joined: Wed Jul 07, 2010 6:14 pm

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by Peter »

ClamAV's performance and detection rates are close to 0.
It's better than nothing, but I doubt it would leave 99% of the downloads unharmed.
(Cracks, keygens, DLL files, exe files, you name it.)

ClamAV should only be used to scan email attachments, and to flag emails to be reviewed by someone.


It would be cool indeed, to ship an anti-virus with the client - a free one without any ads or strings attached.
The problem is, there is no such thing.
Sure, Avast partners up with projects, but they distribute their client, toolbar, and other adware crap.
And such an antivirus would not be proactive, it would check downloaded files after they are saved (and maybe opened) by your OS, thus offering zero protection again.

I could integrate a "check file on VirusTotal" maybe, but that's again, useless against threats.
ROCK N ROLL KID

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ROCK N ROLL KID »

ClamAV is trying to make a recovery. I have been working with ClamAV/ClamWin for almost 2 years now. I have been working with various AVs for 6 years and have been torrenting for about 4 years now. You are right shiki, it is primarily for email clients, however, ClamAV does have good unarchiving ability, which you see commonly in emails and torrents. How about, if you do decide to do it, you have an option in the installer "Would you like to bundle ClamAV/ClamWin with qBittorrent to scan torrents for infections" or something like that and let the user decide. That way if you don't want it then you don't use it an people who do want it, or feel more comfortable torrent then, can use it.

@ciababy: I understand what you are saying if you feel it is useless. What do you think about my idea above? I figure this idea will make everyone happy. If you don't want it, don't install it and if you do, then go ahead.

@Nemo: As I said, I have been with ClamAv/ClamWin for almost 2 years now, ClamAV/ClamWin is actually designed to work along side other AVs, like a second opinion scanner, so conflicting with other AVs will not be an issue.
Last edited by ROCK N ROLL KID on Wed Apr 15, 2015 5:12 pm, edited 1 time in total.
User avatar
Peter
Administrator
Administrator
Posts: 2693
Joined: Wed Jul 07, 2010 6:14 pm

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by Peter »

My biggest concern is false positives.
Even major players in the AV field love to delete/flag cracks, and various files as FP.

We would have to design and code, and then implement an entire interface dedicated to this feature, AND a quarantine. Like... that's a huge amount of work....
ROCK N ROLL KID

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ROCK N ROLL KID »

I understand it a lot to go through. It was just a suggestion. Oh well, maybe sometime in the future, you may consider it or something.
ciaobaby

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ciaobaby »

[quote="shiki"] Like... that's a huge amount of work....
[/quote]

For zero gain to anyone.
User avatar
Peter
Administrator
Administrator
Posts: 2693
Joined: Wed Jul 07, 2010 6:14 pm

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by Peter »

Well, let's say it would a niche feature. :)
User avatar
Nemo
Administrator
Administrator
Posts: 1730
Joined: Sat Jul 24, 2010 6:24 pm

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by Nemo »

[quote="ROCKNROLLKID"]
I understand it a lot to go through. It was just a suggestion. Oh well, maybe sometime in the future, you may consider it or something.
[/quote]

Suggestions are always welcome mate :)!
sledgehammer_999
Administrator
Administrator
Posts: 2443
Joined: Sun Jan 23, 2011 1:17 pm

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by sledgehammer_999 »

DISCLAIMER: I didn't read the whole thread.

Short answer: NO.
Long answer: Bundling an AV will implode the installer size. Plus most Windows users have AV installed anyway(from different vendors too). Any decent AV has on-file-access scan so it will catch any malware present upon double clicking anyway.
Offtopic and ironic: IIRC ClamAV doesn't have realtime (on file access) scan capabilities.
ROCK N ROLL KID

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by ROCK N ROLL KID »

Actually Sledgehammer, you would not need the entire AV. This was another why I recommended ClamAV/ClamWin. ClamAV is actually broken done into parts. The only thing you would need is what ClamAV calls "clamscan.exe" which is where the scans are initiated. This file is only 96KB. I get it, though, not everyone would be happy with this.
sledgehammer_999
Administrator
Administrator
Posts: 2443
Joined: Sun Jan 23, 2011 1:17 pm

Re: Suggestion - Use ClamAV/ClamWin to scan torrents

Post by sledgehammer_999 »

Let me say this: All Windows users have AV installed so there isn't a need for us to do the same. If they haven't an AV they are already screwed anyway.
EXCEPTION: Unless you are really experienced and careful, you don't need an AV.
Post Reply