PaulDotCom mailing list archives
Re: AV for OSX
From: "Ryan" <randomrhythm () rhythmengineering com>
Date: Thu, 23 Aug 2012 17:54:19 -0600
I personally would go with yes but it of course comes down to the individual and their risk assessment. I agree with
John that if you are targeted by an experienced and determined attacker AV won't likely get in their way. For that
scenario you best have your systems locked down and other defenses in place. As John has said in the past you should
design your security as if you don't have antivirus at all. However, I will say not all attackers are as skilled and
knowledgeable as John Strand. Antivirus is a last line of defense and if it can block, interfere or identify a
percentage of attacks then it may be worth the performance hit and bugs.
I also fully agree with John that antivirus adds system load and may make your system or applications unstable. Those
are real side effects and risks of running antivirus. Adding appropriate scan exclusions, turning off real-time
scanning, upgrading or switching products can usually help out with those if you've got the time to fool with it. At
minimum doing a scheduled scan at some interval could still add value if simply to tell you the system was compromised.
Some people won't know they were hacked until someone or something tells them like a virus detection alert.
I recommend Sophos but I'm sure there is a ClamAV port that may fit your needs.
Ryan
----- Original Message -----
From: John Strand
To: PaulDotCom Security Weekly Mailing List
Sent: Wednesday, August 22, 2012 2:20 PM
Subject: Re: [Pauldotcom] AV for OSX
No.
The reason? I have yet to be on a test were it gets in the way.
I do know it causes your system to run slower and crash more.
I would rather have a faster, less secure system than the illusion of security.
On Wed, Aug 22, 2012 at 11:38 AM, xgermx <xgermx () gmail com> wrote:
To run or not to run, that is the question. (Let's assume a home environment for this scenario)
Why or why not?
If yes, which product?
Best,
germ.
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
--
John Strand
O: (605) 550-0742
C: (303) 710-1171
------------------------------------------------------------------------------
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Re: AV for OSX, (continued)
- Re: AV for OSX Michael Salmon (Aug 24)
- Re: AV for OSX ash (Aug 25)
- Re: AV for OSX John Strand (Aug 25)
- Re: AV for OSX ash (Aug 25)
- Re: AV for OSX Arch Angel (Aug 25)
- Re: AV for OSX John Strand (Aug 26)
- Re: AV for OSX Bill Swearingen (Aug 26)
- Re: AV for OSX Francois Lachance (Aug 28)
- Re: AV for OSX Carl Baughman (Aug 24)
- Re: AV for OSX Alex Kornilov (Aug 24)