| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Jul 2014 14:40:17 +0000 From: Victor Aguilar <Victor.Aguilar@...tcon.es> To: Reindl Harald <h.reindl@...lounge.net>, "fulldisclosure@...lists.org" <fulldisclosure@...lists.org> Subject: Re: [FD] AV scan on read vs write debate.... Reindl Harald <h.reindl@...lounge.net> wrote: Am 01.07.2014 20:26, schrieb Joe Brown: > A compromise might be to have scan on Write only, with a forced full system scan of all files at a certain time. > For example at lunch time. bad idea > 1. You don't have an all the time performance hit if i scan my full system it takes 8 hours > 2. Files will be checked on a daily/weekly basis daily is not doable -> see above weekly is not enough typically AV signatures are a few hours behind new malware, so it helps at least if you download something now and don't open the payload directly after download, maybe in a ZIP only specific files are affected the same applies for ZIP's you got from a person you know which has a infected machine per email, while receive the mail your signatures maybe not recent enough, in the time between receive and open files you may get updates > Negatives are that these files may sit on the device while waiting for the next scheduled scan. > > On Mon, Jun 30, 2014 at 2:45 AM, Yoann Gini <yoann.gini@...il.com <mailto:yoann.gini@...il.com>> wrote: > > > Le 30 juin 2014 à 01:48, Reindl Harald <h.reindl@...lounge.net <mailto:h.reindl@...lounge.net>> a écrit : > > > but if you are talk with Apple "the OS is secure" priests > > forget it, they are learning resistent > > This is not true anymore. Any Apple representative wont tell you that nowadays. Even more, Apple has a small > antivirus builtin in the system. But signatures based, focused on major OS X threats. No heuristics, no > detection of windows malwares. > > Le 30 juin 2014 à 01:38, Exibar <exibar@...lair.com <mailto:exibar@...lair.com>> a écrit : > > > they claim they have a huge performance > > improvement with scan on read turned off... > > > This is also true. Sadly. I work only on Apple products (and I use antivirus), I never seen a good product who > don’t slow down the computer as shit. > > From a sys admin perspective, Antivirus editors don’t take the Mac seriously, their product are slow and > sometime published with too much bug inside. That don’t help Mac users to have any trust in it… _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists