PaulDotCom mailing list archives

Re: AV for OSX

From: ash <ash () ash-d net>
Date: Sun, 26 Aug 2012 01:31:51 +0000

Yeah .. but you looked good saying it John :)

Ash

From: pauldotcom-bounces () mail pauldotcom com [mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of John 
Strand
Sent: Saturday, 25 August 2012 11:51 PM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] AV for OSX

Yea..

Thinking about it.  Smart has nothing to do with it.

I just announced to a security list that I dont run AV on my mac.

Not to bright...  Is it?

John
On Sat, Aug 25, 2012 at 7:17 AM, ash <ash () ash-d net<mailto:ash () ash-d net>> wrote:
Hahaha I have to agree .. I also run Sophos on my macs .. im also not as smart as John Strand .. and I am Australian .. 
I don't have much going for me here do I??

DAMMIT

Ash D

From: pauldotcom-bounces () mail pauldotcom com<mailto:pauldotcom-bounces () mail pauldotcom com> 
[mailto:pauldotcom-bounces () mail pauldotcom com<mailto:pauldotcom-bounces () mail pauldotcom com>] On Behalf Of 
Jeremy Pommerening
Sent: Saturday, 25 August 2012 2:16 AM

To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] AV for OSX

I run Sophos on my MAC and don't notice any performance hit.  But I am NOT as smart as John Strand.

Jeremy Pommerening
CISSP,GCFA,GPEN,GAWN,GCFW,
MCSE Win2K, MCSE NT4
From: xgermx <xgermx () gmail com<mailto:xgermx () gmail com>>
To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com<mailto:pauldotcom () mail pauldotcom 
com>>
Sent: Friday, August 24, 2012 10:22 AM
Subject: Re: [Pauldotcom] AV for OSX

I like that analogy Chistopher. I've been running Sophos for a couple days now and it's stayed out of my way for the 
most part. Even if I decide to turn it off, I'll keep it installed for one-off scans.

Thanks all.

On Fri, Aug 24, 2012 at 8:59 AM, Christopher Croad <ccroad () syr edu<mailto:ccroad () syr edu>> wrote:
I have mixed feelings.  I figure AV is at best 30% effective, and I know I can keep my Mac pretty secure without it.  
Still, I run Sophos on my Mac and it doesn't get in the way.  If it did, I would have no issue in shutting it down.  AV 
is like seatbelts on an airplane.  They provide a little security during bumpy flights, but a lap belt isn't  going to 
do much when the plane is rocking and rolling ( or crashing).

Chris Croad

-----Original Message-----
From: pauldotcom-bounces () pdc-mail pauldotcom com<mailto:pauldotcom-bounces () pdc-mail pauldotcom com> 
[mailto:pauldotcom-bounces () pdc-mail pauldotcom com<mailto:pauldotcom-bounces () pdc-mail pauldotcom com>] On Behalf 
Of Josh More
Sent: Thursday, August 23, 2012 11:23 PM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] AV for OSX

I agree with Ryan's view.

Also, as a counterpoint to Michael's, it is surprisingly difficult to
not do anything stupid under OSX.  The only way I've found to be
reasonably secure is to not run as admin (not hard, actually), use
Little Snitch and Glimmer Proxy (annoying) AND replace Safari
completely with a hardened Firefox (noscript, HTTPS Everywhere,
Request Policy, WOT, Adblock+, Certificate Patrol, etc)... which
pretty much completely kills a large part of the OSX experience.

When you add to this, the tendency of Apple to release patches as
frequently as cicadas, I don't think that adding an additional layer
of defense, imperfect as it is, is a bad idea.

I use Sophos on mine.

-Josh More

On Thu, Aug 23, 2012 at 4:43 PM, Michael D. Wood
<mike () itsecuritypros org<mailto:mike () itsecuritypros org>> wrote:

I also agree.  Don't believe the hype, when/if it really comes down to it -
maybe, then look into something.  In the meantime, be security aware and
don't do anything stupid.

--
Michael D. Wood
ITSecurityPros.org<http://itsecuritypros.org/>
http://www.itsecuritypros.org/

-----Original Message-----
From: pauldotcom-bounces () mail pauldotcom com<mailto:pauldotcom-bounces () mail pauldotcom com>
[mailto:pauldotcom-bounces () mail pauldotcom com<mailto:pauldotcom-bounces () mail pauldotcom com>] On Behalf Of 
Alex Kornilov
Sent: Thursday, August 23, 2012 10:55 AM
To: pauldotcom () mail pauldotcom com<mailto:pauldotcom () mail pauldotcom com>
Subject: Re: [Pauldotcom] AV for OSX

On 8/22/12 10:20 PM, John Strand wrote:

No.

The reason?  I have yet to be on a test were it gets in the way.

I do know it causes your system to run slower and crash more.

I would rather have a faster, less secure system than the illusion of
security.

+1
I agree. Don't believe propaganda from yellow press IT blogs.
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com/

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com/
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com/


_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com/

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



--
John Strand
O: (605) 550-0742
C: (303) 710-1171

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Re: AV for OSX, (continued)
- - - Re: AV for OSX Robin Wood (Aug 24)
    - Re: AV for OSX Ray Davidson (Aug 24)
    - Re: AV for OSX Bill Swearingen (Aug 24)
    - Re: AV for OSX xgermx (Aug 24)
    - Re: AV for OSX Jeremy Pommerening (Aug 24)
    - Re: AV for OSX Alex Kornilov (Aug 24)
    - Re: AV for OSX John Strand (Aug 24)
    - Re: AV for OSX Michael Salmon (Aug 24)
    - Re: AV for OSX ash (Aug 25)
    - Re: AV for OSX John Strand (Aug 25)
    - Re: AV for OSX ash (Aug 25)
    - Re: AV for OSX Arch Angel (Aug 25)
    - Re: AV for OSX John Strand (Aug 26)
    - Re: AV for OSX Bill Swearingen (Aug 26)
    - Re: AV for OSX Francois Lachance (Aug 28)
    - Re: AV for OSX Carl Baughman (Aug 24)
    - Re: AV for OSX Alex Kornilov (Aug 24)
  - Re: AV for OSX Ryan (Aug 23)
- Re: AV for OSX Jason (Aug 22)