Fork me on GitHub
Adam Helins07:06:00

Mornin' y'all


Good Morning


good morning


Good morning 🙂


does anyone have any good antivirus experiences to relate ? i recognise the need for AV, but i'm currently struggling with bitdefender endpoint security on macos, which is causing major slowdowns for git and build related tasks - which is quite a large portion of everything i do

Adam Helins13:06:42

Is there really a need for AV on macos these days?


perhaps less of a need than on some other o/s, but there are root exploits for macos out there:


and as ever with infosec stuff, the best approaches are probably multi-layered, so having a workable AV is probably better than not having one


macos has its own builtin av


our business uses a dns filter to block known malware plus a centralised system that shows our IT folks what's on everyone's computers and what versions they're on, and skips installing custom AV. we focus on vetting apps and ensuring they're kept updated, and on blocking known malware sites.

💯 1

how does that work @U0509NKGK ? i've currently got 4.5K packages in my /nix, ~300 homebrew packages, and innumerable npm, clojars, mvn deps, and a smaller number of binary deps, across many dev projects - it doesn't seem manageable without automation


ah, we focus that vetting effort on our non-technical staff 🙂


one thing that helps is that we provide everyone with computers, so non-work stuff happens elsewhere. that keeps the amount of 'out of character' software way down. our devs all have their own pcs and do their hobby stuff on there.


yeah, we give everyone computers too... almost all my stuff is work related - i don't really have any time for hobby stuff anymore AV doesn't seem to be a problem for non-devs anyway, they don't tend to have file-access patterns which require hitting large filetrees all at once i've been looking for any evidence that macos' built-in XProtect AV is any good ... there's not much detail around, and mostly what i can find says that its rules don't get updated very often, so it's perhaps unlikely to be protective against any novel threats


Oh, how I miss #clojured!

😆 1
borkdude 2