Hacker News new | past | comments | ask | show | jobs | submit login

They allow a 3rd party to change Kernel stuff with an update. Apple banned this a while ago.



It is supposed to be like that.

Antivirus software always works as a driver in the kernel, no other way. You'll get the same in Linux, for example. In MacOS it may be slightly better (if I remember right Darwin is a micro-kernel), but in fact a broken driver still can crash the system there.


> Antivirus software always works as a driver in the kernel, no other way.

You're confidently wrong: https://developer.apple.com/support/kernel-extensions/


This page is only about using some APIs, that are now supposed to be called through wrappers. I would say it significantly limits the developers, and also may introduce additional flaws.


Yet it is how antivirus works on Mac now.


*banned

Made it a lot harder for everyone involved, but still possible, as it’s a very useful technique.

PS: Since I'm being downvoted, here is the link showing that it is still possible using Reduced Security:

https://support.apple.com/en-gb/guide/mac-help/mchl768f7291/...

I doubt Apple will completely disable kext in the near future. Making it hard enough to be impractical has most of the benefits already.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: