Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
macOS needs an AV?
Message
<blockquote data-quote="MacDefender" data-source="post: 957329" data-attributes="member: 83059"><p>I generally agree with this. KAV on the Mac comes close to being a security suite, protecting at the network level as well as at the realtime level, and it's smart enough to skip scanning Apple's "sealed system volume" which is cryptographically read-only and signed anyway, making it a waste of time to scan for malware.</p><p></p><p>With that said, it does have a noticeable power impact on laptops, the daemon can easily reach 100% CPU usage when installing apps or doing other things, and it's not multithreaded so it also limits IO performance when kavd gets to 100%. </p><p></p><p>Note that the above is generally true of antimalware on the Mac, not a Kaspersky specific problem. I've found their engine has good detection rates on Windows/Linux/Mac malware, not much difference in static scanning performance. I don't see any evidence of behavior blocking though the macOS API doesn't provide much of an ability to implement one.</p><p></p><p></p><p>It's not without its bugs though. For example when the network filtering component blocks a file, it simply replaces the network stream with an HTML error page:</p><p>[ATTACH=full]260504[/ATTACH]</p><p></p><p>This causes some applications to behave really bizarrely if Kaspersky thinks a URL is malicious or phishing.There is no UI feedback for when this happens, though if you dig through the logs you can find it.</p><p></p><p></p><p>Overall, I still feel realtime Mac protection isn't worth the tradeoffs. It's gotten a little better compared to 2-3 years ago when crashy/panicky kernel extensions were the norm. But the slight protection it offers is not worth all of the ways the suite can fall over and make your life miserable when it misbehaves, especially since Apple is so known for changing their OS underpinnings rapidly.</p></blockquote><p></p>
[QUOTE="MacDefender, post: 957329, member: 83059"] I generally agree with this. KAV on the Mac comes close to being a security suite, protecting at the network level as well as at the realtime level, and it's smart enough to skip scanning Apple's "sealed system volume" which is cryptographically read-only and signed anyway, making it a waste of time to scan for malware. With that said, it does have a noticeable power impact on laptops, the daemon can easily reach 100% CPU usage when installing apps or doing other things, and it's not multithreaded so it also limits IO performance when kavd gets to 100%. Note that the above is generally true of antimalware on the Mac, not a Kaspersky specific problem. I've found their engine has good detection rates on Windows/Linux/Mac malware, not much difference in static scanning performance. I don't see any evidence of behavior blocking though the macOS API doesn't provide much of an ability to implement one. It's not without its bugs though. For example when the network filtering component blocks a file, it simply replaces the network stream with an HTML error page: [ATTACH type="full"]260504[/ATTACH] This causes some applications to behave really bizarrely if Kaspersky thinks a URL is malicious or phishing.There is no UI feedback for when this happens, though if you dig through the logs you can find it. Overall, I still feel realtime Mac protection isn't worth the tradeoffs. It's gotten a little better compared to 2-3 years ago when crashy/panicky kernel extensions were the norm. But the slight protection it offers is not worth all of the ways the suite can fall over and make your life miserable when it misbehaves, especially since Apple is so known for changing their OS underpinnings rapidly. [/QUOTE]
Insert quotes…
Verification
Post reply
Top