Mac AVs, Cleaners, Optimisers
After a while you just... From Radsoft.
We've seen this before. On Windows. Boy what a circus that was over there. And still might be. Always count on the charlatans to try again. What was it PT said?
Memory optimisers are a bluff. We proved it. We proved it by showing what they tried to do, we went through the system intrinsics to show how pointless it was. And when confronted directly by us, the vendors got evasive, insisted they'd never claimed their products actually worked, and even got downright nasty.
As for cleaning disk systems: it depends a bit on what you mean. But if you're thinking of generic cleaning, we've had the ultimate product all along: the E3 Security Kit. It's being used by Verizon. It's being used by the fricking Pentagon. There's a way to do things and E3 is it.
If you know absolutely nothing about computers, and if you're not part of a shop with a dedicated and adequate admin, some of the current Mac lineup might prove useful. One should however emphasise 'might' because none of them can know what you do with your computer and because some of them are going to be a bit demented (but hopefully not too dangerous, although that can never be ruled out).
Your best bet is to hook onto an admin who knows what he's doing, or learn how to do it yourself.
On the Mac side, Rixstep have long had CLIX, with thousands upon thousands of scripts. CLIX has won awards and has been universally praised.
The beauty with CLIX is that, once you learn how to do it, you never have to learn again, or type in those long command lines. It's all a matter of 'CLIX' ('clicks').
In today's world, fewer and fewer end-users use computers anymore anyway.
'Unix is big, powerful, and sophisticated.'
Apple's boxes today are complex, much more than Apple want to let on. Their marketing's all about making things look simple even when they're really not. That's how you sell Macs. But they're not running System 7 anymore. This is Unix. FreeBSD Unix essentially.
Unix is big, powerful, and sophisticated. You can't stuff everything in a single 'folder' anymore, as nostalgic Apple users once longed for.
The Apple HI group didn't like the fact that NeXT used three different colours for window title bars. They literally thought two colours would be OK but three more than their users could handle.
The fact that windows can have in fact three and exactly three 'states' was immaterial to them.
Unix files have three permissions for three user groups. Unix files do not have a 'Read & Write' permission. But they do have an 'eXecute' permission. Yet again, this is considered too 'mind-boggling' by Apple's Human Interface Group.
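As an added example (not from the Rixstep page), the following Python script lays out the three-by-three permission grid the paragraph describes and shows what Finder's 'Read & Write' hides: the owner triplet is rw- with the execute bit left alone, and flipping that bit changes nothing in Finder's label. The scratch file, the modes applied to it and the Finder labels are constructed for the demonstration.

```python
import os
import stat
import tempfile

# The nine permission bits: three classes (user, group, other), each with
# read, write and execute. Finder collapses this to 'Read & Write' and the like.
_CLASSES = (
    ("user",  (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR)),
    ("group", (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP)),
    ("other", (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH)),
)

def permission_grid(mode):
    """Map an st_mode value to {'user': 'rw-', 'group': 'r--', 'other': '---'}."""
    grid = {}
    for who, bits in _CLASSES:
        grid[who] = "".join(ch if mode & bit else "-" for ch, bit in zip("rwx", bits))
    return grid

def finder_label(mode):
    """Finder's coarse labels (approximated here): it knows only read/write combinations."""
    owner = permission_grid(mode)["user"]
    if owner.startswith("rw"):
        return "Read & Write"
    if owner.startswith("r"):
        return "Read only"
    if owner[1] == "w":
        return "Write only"
    return "No Access"

def finder_vs_unix():
    """Create a scratch file, apply 'Read & Write' (0600), then add the execute bit.

    Returns a list of (Finder label, owner triplet, owner execute bit set?) tuples
    so the difference the paragraph talks about is visible side by side.
    """
    fd, path = tempfile.mkstemp()      # constructed scratch file, removed afterwards
    os.close(fd)
    seen = []
    try:
        for mode in (0o600, 0o700):    # rw------- then rwx------
            os.chmod(path, mode)
            st_mode = os.stat(path).st_mode
            seen.append((finder_label(st_mode),
                         permission_grid(st_mode)["user"],
                         bool(st_mode & stat.S_IXUSR)))
    finally:
        os.unlink(path)
    return seen

if __name__ == "__main__":
    for label, triplet, executable in finder_vs_unix():
        print(f"Finder says {label!r:14} Unix says {triplet}  execute bit={executable}")
```

Both rows come back labelled 'Read & Write'; only the Unix triplet records that the second one is executable, which is exactly the bit a user deciding whether to double-click something needs to know about.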
Apple HI think their customers are stupid, but they're judging themselves.
When the '.DS_Store' scandal broke on the Mac, a member of Apple's HI wrote to Rixstep. Obviously they'd been hurt by the criticism and wanted to defend themselves. They insisted that .DS_Store didn't matter because no one saw them.
But if no one sees .DS_Store files, how does anyone know they exist?
And that individual from Apple HI was a former programmer from Corel in Canada. Pause for thought.
They're still peddling and pimping AV for the Mac. Oy vey. Here's a summary from Tom.
Let's make one thing distinct straight away. The virus per se exists and can only exist on a Windows machine. Computer viruses are malware that attaches to executables. Either that or boot sectors (which are executable too).
The computer virus per se exists only on Windows because it's only a crappy third-rate system like Windows that does not and cannot protect its program files (or boot sectors).
That being said, any huckster can fool any sucker at any time.
The following is interesting for several reasons.
'Unfortunately, Apple's built-in antivirus protections, Gatekeeper and XProtect, don't always work so well because they use out-of-date methods of stopping infections. The best Mac antivirus programs do a better job, quickly spotting brand-new malware and double-checking dodgy files 'signed' with an Apple developer ID.'
XProtect is like Apple's attempt to copy Microsoft's Recycle Bin. It's half-hearted.
That Apple developer IDs can be spoofed, despite all the lugubrious code-signing, speaks volumes.
But the failure of Gatekeeper is significant. For, as we've argued all along, Gatekeeper wasn't created to protect you. If it had been, and if your safety were such a high priority at Apple, then they would have fixed things long ago. But did they? No they did not.
The fact that at least one of those AV products, Bitdefender, goes beyond the domain of vanilla AV and also combats malware in general is a good thing. Rolling back ransomware encryption certainly sounds promising.
But Romanian Bitdefender (what does that name mean actually) has turned into a huge international enterprise, all for fighting off the odd spurious attack that a seasoned Unix user would have taken care of anyway. Fighting off malware, especially on a Unix box, isn't that difficult.
Tom points out here that these products have yearly fees. Really?
'Whenever Bitdefender's malware-scanning engine encounters what may be a new piece of malware, it uploads the suspicious item to Bitdefender's online testing lab for analysis. New malware signatures are distributed several times daily to the 500 million systems protected by Bitdefender products.'
Is that why the Internet's so slow at times?
And 'signatures'? You mean the field in the header section which states 'Virus Signature'? Deciding on a good 'signature' is not an easy task, if at all possible. You've heard of 'false positives', right?
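To make the 'signature' and 'false positive' point, and the earlier quote about signature distribution, concrete: here is an added Python example (not from the Rixstep page, nor from any AV vendor) that runs two byte-pattern signatures and one hash signature over constructed sample files and counts how often each fires on the wrong file. The samples, the marker string and the signature names are made up for the demonstration.

```python
import hashlib

# Constructed sample "files": a placeholder binary (Mach-O-style magic bytes for
# flavour) carrying an invented marker string, and an ordinary text note that
# happens to share a substring with it. Neither is real malware.
SAMPLES = {
    "installer.bin": b"\xcf\xfa\xed\xfe" + b"marker-XYZ-payload" + b"\x00" * 16,
    "notes.txt":     b"meeting notes: XYZ deadline moved to Friday",
}
KNOWN_BAD = {"installer.bin"}     # the ground truth a lab would have established

def hash_signature(data):
    """Hash of the whole file: the strictest possible signature."""
    return hashlib.sha256(data).hexdigest()

# Three hypothetical signatures. 'short' is the kind of overly generic pattern a
# rushed analyst might pick; 'specific' is a longer pattern; 'exact' is a hash.
SIGNATURES = {
    "short":    ("bytes", b"XYZ"),
    "specific": ("bytes", b"marker-XYZ-payload"),
    "exact":    ("sha256", hash_signature(SAMPLES["installer.bin"])),
}

def scan(data, signatures):
    """Return the names of the signatures that match this file's bytes."""
    hits = []
    for name, (kind, value) in signatures.items():
        if kind == "bytes" and value in data:
            hits.append(name)
        elif kind == "sha256" and hash_signature(data) == value:
            hits.append(name)
    return hits

def evaluate(samples, signatures, known_bad):
    """Per signature: how many true positives and false positives it produces."""
    report = {name: {"true_positive": 0, "false_positive": 0} for name in signatures}
    for filename, data in samples.items():
        for name in scan(data, signatures):
            key = "true_positive" if filename in known_bad else "false_positive"
            report[name][key] += 1
    return report

if __name__ == "__main__":
    for name, counts in evaluate(SAMPLES, SIGNATURES, KNOWN_BAD).items():
        print(f"{name:9} TP={counts['true_positive']} FP={counts['false_positive']}")
```

The trade-off the paragraph gestures at shows up in the counts: the three-byte pattern catches the bad file but also flags the meeting notes, the hash never misfires but also never matches a file that differs by a single byte, and the longer pattern sits in between. Picking the signature is the hard part, and a lab that ships several updates a day is picking thousands of them.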
'Bitdefender no longer offers the free downloadable Bitdefender Rescue CD, which booted a severely infected system into Linux for a complete scan and cleaning. Bitdefender paid software still creates the similar Bitdefender Rescue Environment in a hidden hard-drive partition during installation, but the Rescue Partition now uses a sandboxed version of Windows 10 instead of Linux to remove persistent threats.'
Oh goodness. What about the rest of the field? And, most importantly, should a Mac user have AV? Can AV be of any value at all on a Mac?
Let's remember what Brian Krebs said a while back: that he'd been gifted with AV on his Mac but would not otherwise bother with it.
Then there's Avast. Top of the list.
'During November and December 2021 we evaluated eight home user security products for macOS Big Sur. We always used the most current version of all products for the testing. They were allowed to update themselves and query their cloud services. We focused on malware detection, false positives and performance.'
But how did they check if the products caught all the bad guys?
They never do that, do they? They'd praise App Zapper-type products but they had no way to see if they actually worked - yet they kept praising them anyway. Go figure.
And ultimately an ambition/desire to publish useful information is tempered by the enervating realisation that people just don't learn and don't seem to care much about learning. The information's been out there for decades, since before the new millennium. If they choose to ignore, then just fuck 'em.
Avast for Mac is here. It's free.
'Avast One combines our award-winning free antivirus with advanced protection to help you safeguard your privacy, connect securely, speed up devices, and stay safe from cybercrime. And, yes, it's still free.'
But why this, Avast?
% ls -l
total 40
-rw------- 1 rixstep staff 147 Dec 1 15:25 00000000000494e2
-rw------- 1 rixstep staff 71 Dec 1 15:25 00000000000494e3
-rw------- 1 rixstep staff 78 Jan 8 12:20 0000000002d806a2
-rw------- 1 rixstep staff 72 Jan 8 12:20 0000000002d806a3
-rw------- 1 rixstep staff 36 Jan 8 12:20 fseventsd-uuid
'As long as you're not stupid...' A reserve officer of the USAF was in contact with us way back in our RTP days. Boy he loved to talk! But he was totally convinced that even Windows didn't need AV, 'as long as you're not stupid'. He was getting a rig ready for his mother-in-law, and he wasn't going to give her AV.
On the other hand, our bartender got her first PC from an IBM consultant. No AV. Windows. She just pulled the cord out of the mains when it got too much.
'Porn storms', she called them.
No, you don't need that on a Mac. (You don't need that on Unix either.)
Apple's 'Mac vs PC' poked fun at the insecurity of Windows. Isn't it a bit remarkable how Tim Cook turned it all around to make Mac users feel insecure?
Not when it adds another 60-80 billion to the company's coffers each year.