Hello Michael,

I have a Business subscription and I struggle with your post.

Looking at the repos, there has not been a single update to them since July 2022.

In terms of the product:

• The IDS/IPS updates have not worked for over 2 years
  
• The antimalware updates failed in June
  
• The antispam updates also failed in June
  
• Gateway Management failed in March
  
• The domains in Windows Networking (Samba) failed in July 2023
  

From searching the forums the following packages have security vulnerabilities rated as Critical by NIST:

• ClamAV - affecting the Gateway Antivirus, File Scanner and Mail antivirus
  
• Apache/Httpd - affecting the web server, ProxyPass, Webconfig
  
• Squid - affecting the proxy
  
• OpenSSH - the SSH server
  

There are many other less severe vulnerabilities that have not been patched.

Some of these packages are straight from Centos unaltered, like Samba and OpenSSH. Why can they not be passed through to us paid users?

Your advertising blurb on clear.store mentions:

All updates, bug fixes, patches and security fixes are automated at your discretion providing an easy to manage, stable, and secure solution.

Yet there are no updates, the O/S is not stable as bits of it are failing and it is certainly not secure.

I understand from a contact that not a single ticket has been answered since May and only a few have been answered in the preceding couple of months. What are Gold and Platinum users getting for their money? Ripped off? Certainly not support.

Your reference to the Cloudstrike issue is just FUD and seems to be being used as an excuse not to provide any updates for 2 years. Until July 2022, updates were released to paid (Business and Home) users a week after they were released to Community users. Community users received updates within a week of them being issued by Centos. Suddenly you are saying that updates need to be tested for 2+ years before release? Not very credible, I think.

It seems like you are operating some sort of scam, taking money while knowingly not delivering the product advertised. ClearOS Server is neither reliable nor secure and no updates gave been provided since July 2022.

Can I ask, if you have not been able to provide updates, how has Nick Howitt been providing all the last 2 years of upstream Centos 7 and EPEL7 updates and has been recompiling the Clearcenter public domain packages to fix their vulnerabilities? It looks like he can be contacted at:

clearos@howitts.co.uk

Michael, your news is very encouraging! I wish your team continued success in developing the excellent ClearOS product
Can you tell me on which forum we can comfortable discuss ClearOS without any problems?
Because this forum is abandoned and works extremely slowly.

Michael Proper wrote:

In recent discussions surrounding ClearOS, some misconceptions have arisen regarding the state of the ClearOS Server platform. We want to clarify that ClearOS is neither dead nor abandoned. The team is still diligently working behind the scenes to enhance and maintain the system, albeit under a more sustainable model primarily focused around drivers and application support not focused on what the world would call security updates.

Unfortunately, the landscape of free support has been compromised by a few individuals who have misused resources by disgruntled paid admins seeking to take paid customers and their tolls looking to push ClearOS Server admins to other platforms. This has led us to reevaluate how we provide support to ensure that we can continue delivering a reliable product. While we will still provide driver updates and maintain system stability, we cannot commit to regular security patches without the assurance that they will not introduce new vulnerabilities—an issue highlighted by recent events affecting millions of servers globally (over 8.5M Windows systems just last week).

ClearOS has proven to be a stable solution for many users, and we are excited about our future. However, it is essential to recognize that providing support requires resources, and we can no longer sustain a model that relies solely on unpaid contributions. We appreciate the understanding and support of our loyal community as we navigate this transition.

Together, we look forward to a robust future for ClearOS, where our commitment to quality and security remains paramount. Thank you for your continued trust in us.

If you would like paid support you can request it here: https://dret.1237892.xyz/products/support/clearcare-overview or you are welcome to try your luck here assuming you and navigate the trolls and negative folks.

Best of luck and much love!

Hello Michael,

I hope you are also doing well.
Good to hear there is still activity behind the scenes and developments.
You understand that if there is no communication for months and also no activities this has a negative impact.
I am certainly not a troll of any other distro or company and I think you too know better by being a loyal and active supporter of Clarkconnect and ClearOS for almost 20 years.
I hope there will be a successor to ClearOS 7 soon and that this is not free anymore that is understandable. This will never be a dilemena for most users either.

Perhaps you could be a bit more specific in the current developments with a timeframe. This will eliminate a lot of noise.

Thanks and all the best to you

Translated with DeepL.com (free version)