[ale] AV software? Slightly OT

David Tomaschik david at systemoverlord.com
Wed May 18 22:07:14 EDT 2011


On Wed, May 18, 2011 at 9:46 PM, Richard Bronosky <Richard at bronosky.com> wrote:
> +1 for Little Snitch. I still do not believe in virus software for a
> Mac. Just don't install ill gotten software and you are fine. I also
> tend to avoid using any software that uses an "installer" unless I
> have done my research on it. If you use an installer, you probably are
> a windows developer and suck at writing software anyway. No thank you.
> It makes sense that something like Little Snitch would need an admin
> password to install. But most everything else ought to be unzip and
> use.
>
> Just say no to virus protection software. It's usually more of a
> performance penalty than the virus you would never get anyway.

If only there were no ways other than installing "ill gotten software"
that your system could be exploited.  But obviously, that's not the
case:
* http://www.macobserver.com/tmo/article/the_java_exploit_how_dangerous_is_it/
* http://www.computerworld.com/s/article/9133350/Angered_by_Apple_delay_hacker_posts_Mac_Java_attack_code?taxonomyId=1&intsrc=kc_top&taxonomyName=knowledge_center
* http://www.theregister.co.uk/2011/05/03/mac_osx_crimeware_kit/

I still don't run AV on Mac, but everyone should at least be aware
that there are other ways to be compromised.  Cross-platform plugins
are nice for developers, but there can be exploits that are present on
more than one platform.  (Requiring different payloads, to be sure,
but they are there.)

-- 
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com


More information about the Ale mailing list