Increasing attack surface using simple virus scanner
SynIV opened this issue Β· comments
Hello,
Thank you so much for the great guide. I absolutely appreciate it π
Although there is one question left for me.
You mentioned in the guide that the use of an antivirus software could increase the attack surface for more sophisticated attacks.
Although I was wondering how it would look like with a simple virus scanner like the Bitdefender Virus Scanner Plus Application from the Mac App Store or ClamAV.
May thanks in advance π
Any extra program increase your attack surface. AV programs even need access to your files which is a privacy problem too.
Thank you for your answer.
I totally agree with you on that points but the question was more about if a simple scanner is any better than a "full featured" security suite. I would assume yes, because it has not to run with higher privileges and if its from the App Store there is also Apples Sandboxing in place (which is also limiting its capabilities).
So what I would assume is that if someone doesn't want to fully rely on "common sense" it could be a second line of defense if it doesn't increase the attack surface in a way that it wouldn't makes sense anymore. Please correct me if I'm wrong.
I'm sorry for the maybe dump question, but I am really not an expert :)
Bitdefender Virus Scanner Plus Application from the Mac App Store or ClamAV.
First one install an browser extension which itself is a security issue.
ClamAV isn't available from AppStore and using non-StoreApps isn't recommend.
I don't think there's room for this type of software on a secure workstation, in part because it's mostly written very poorly, but mostly because it creates a false sense of security which might absolve the administrator of otherwise critical reasoning.