PaulDotCom mailing list archives
Re: AV for OSX
From: Bill Swearingen <hevnsnt () i-hacked com>
Date: Sun, 26 Aug 2012 07:05:37 -0500
the irony of this question being asked on the "hack naked" list must be noted. On Sun, Aug 26, 2012 at 4:33 AM, John Strand <john () blackhillsinfosec com>wrote:
Lol. John Strand 605-550-0742 Sent from my phone. On Aug 25, 2012 10:05 PM, "Arch Angel" <arch3angel () gmail com> wrote:No worries John we would never question your genius, now if you wouldn't open that PDF and wait for instructions :-) Not yet, wait for.... Almost ready.... There we go, thank you for your time :-) Robert (arch3angel) On Aug 25, 2012 10:15 AM, "John Strand" <john () blackhillsinfosec com> wrote:Yea.. Thinking about it. Smart has nothing to do with it. I just announced to a security list that I dont run AV on my mac. Not to bright... Is it? John On Sat, Aug 25, 2012 at 7:17 AM, ash <ash () ash-d net> wrote:Hahaha I have to agree .. I also run Sophos on my macs .. im also not as smart as John Strand .. and I am Australian .. I don’t have much going for me here do I??**** ** ** DAMMIT**** ** ** ** ** Ash D**** ** ** *From:* pauldotcom-bounces () mail pauldotcom com [mailto: pauldotcom-bounces () mail pauldotcom com] *On Behalf Of *Jeremy Pommerening *Sent:* Saturday, 25 August 2012 2:16 AM *To:* PaulDotCom Security Weekly Mailing List *Subject:* Re: [Pauldotcom] AV for OSX**** ** ** I run Sophos on my MAC and don't notice any performance hit. But I am NOT as smart as John Strand. **** **** Jeremy Pommerening CISSP,GCFA,GPEN,GAWN,GCFW, MCSE Win2K, MCSE NT4**** *From:* xgermx <xgermx () gmail com> *To:* PaulDotCom Security Weekly Mailing List < pauldotcom () mail pauldotcom com> *Sent:* Friday, August 24, 2012 10:22 AM *Subject:* Re: [Pauldotcom] AV for OSX**** **** I like that analogy Chistopher. I've been running Sophos for a couple days now and it's stayed out of my way for the most part. Even if I decide to turn it off, I'll keep it installed for one-off scans. Thanks all. **** On Fri, Aug 24, 2012 at 8:59 AM, Christopher Croad <ccroad () syr edu> wrote:**** I have mixed feelings. I figure AV is at best 30% effective, and I know I can keep my Mac pretty secure without it. Still, I run Sophos on my Mac and it doesn't get in the way. If it did, I would have no issue in shutting it down. AV is like seatbelts on an airplane. They provide a little security during bumpy flights, but a lap belt isn't going to do much when the plane is rocking and rolling ( or crashing). Chris Croad**** -----Original Message----- From: pauldotcom-bounces () pdc-mail pauldotcom com [mailto: pauldotcom-bounces () pdc-mail pauldotcom com] On Behalf Of Josh More Sent: Thursday, August 23, 2012 11:23 PM To: PaulDotCom Security Weekly Mailing List**** Subject: Re: [Pauldotcom] AV for OSX I agree with Ryan's view. Also, as a counterpoint to Michael's, it is surprisingly difficult to not do anything stupid under OSX. The only way I've found to be reasonably secure is to not run as admin (not hard, actually), use Little Snitch and Glimmer Proxy (annoying) AND replace Safari completely with a hardened Firefox (noscript, HTTPS Everywhere, Request Policy, WOT, Adblock+, Certificate Patrol, etc)... which pretty much completely kills a large part of the OSX experience. When you add to this, the tendency of Apple to release patches as frequently as cicadas, I don't think that adding an additional layer of defense, imperfect as it is, is a bad idea. I use Sophos on mine. -Josh More On Thu, Aug 23, 2012 at 4:43 PM, Michael D. Wood <mike () itsecuritypros org> wrote:I also agree. Don't believe the hype, when/if it really comes downto it -maybe, then look into something. In the meantime, be security awareanddon't do anything stupid. -- Michael D. Wood ITSecurityPros.org <http://itsecuritypros.org/> http://www.itsecuritypros.org/ -----Original Message----- From: pauldotcom-bounces () mail pauldotcom com [mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of AlexKornilovSent: Thursday, August 23, 2012 10:55 AM To: pauldotcom () mail pauldotcom com Subject: Re: [Pauldotcom] AV for OSX On 8/22/12 10:20 PM, John Strand wrote:No. The reason? I have yet to be on a test were it gets in the way. I do know it causes your system to run slower and crash more. I would rather have a faster, less secure system than the illusion of security.+1 I agree. Don't believe propaganda from yellow press IT blogs. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com/_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com/ _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com/**** ** ** _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com/**** _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- John Strand O: (605) 550-0742 C: (303) 710-1171 _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Re: AV for OSX, (continued)
- Re: AV for OSX xgermx (Aug 24)
- Re: AV for OSX Jeremy Pommerening (Aug 24)
- Re: AV for OSX Alex Kornilov (Aug 24)
- Re: AV for OSX John Strand (Aug 24)
- Re: AV for OSX Michael Salmon (Aug 24)
- Re: AV for OSX ash (Aug 25)
- Re: AV for OSX John Strand (Aug 25)
- Re: AV for OSX ash (Aug 25)
- Re: AV for OSX Arch Angel (Aug 25)
- Re: AV for OSX John Strand (Aug 26)
- Re: AV for OSX Bill Swearingen (Aug 26)
- Re: AV for OSX Francois Lachance (Aug 28)
- Re: AV for OSX Carl Baughman (Aug 24)
- Re: AV for OSX Alex Kornilov (Aug 24)