Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But Mac OS X scans all code you run to verify code signatures, doesn't it? If so, the performance impact of scanning isn't that high.

I think the main problem with antivirus on modern hardware is that commercial entities selling antivirus have to add bells and whistles. Few people would be willing to pay $x a year for a program they aren't even aware of running. So, that $x program makes sure you see it frequently by adding progress displays, toolbars, task bar items, etc. they also make sure they have stuff to report, even if that includes meaningless stuff such as registry keys on Windows. Detecting that meaningless stuff takes time, too.



Taking a hash of the binary and verifying that against a few-k signature at a known location is kind of on a different level performancewise than scanning literally the entire binary looking for various known signatures and applying heuristic analysis. (Windows does the same thing, FWIW)

I think you're spot on, but from the scope of a user who knows 90% of that stuff is BS, it's just another bullet point in the list of why I don't run AV software.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: