You could keep the virus fingerprint database outside the codebase. Customers would then pay for access (and updates) to the fingerprints.
The fingerprints have to be some sorts of data, like regular expressions or other limited instruction set which can only parse the incoming file and not communicate with outside world.
The company could automatically release fingerprints into the open after a time, say 6 months.
The fingerprints have to be some sorts of data, like regular expressions or other limited instruction set which can only parse the incoming file and not communicate with outside world.
The company could automatically release fingerprints into the open after a time, say 6 months.