Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 6 subscribers
  • Views 3661 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Difficulty choosing between Avast! and Sophos antivirus for Mac! Help needed!

olivierdb

I recently came across this link which recommends avoiding Sophos and I don't know what to think of it because I don't know if the following assertions still are true about the latest version of Sophos antivirus (8.0):

  • I would not use Sophos because the component (and almost all of its components) of the software that receives updates is running with root privileges such that an exploit would be remote root if an exploit was found for that component.
  • Given that Sophos is 32 bit, the security mitigations can be defeated by bruteforce techniques if an exploitable vulnerability is found in the software.

Would you please provide some feedback regarding these assertions. I believe many of us considering Sophos AV come across that link and are deterred from installing Sophos AV.

Thank you.

:1012392


This thread was automatically locked due to age.
Parents
  • 0

    Hello olivierdb,

    whatever your decision, it's a good idea to practice safe computing. I wouldn't make absolute claims like That's all you need to do to keep your [Mac or whichever platform] completely free though.

    As (too many) technical details won't help you much I'll just point out that (at least in this short form) the arguments are somewhat incomplete and contains a some ifs, unuttered assumptions and hasty conclusions. A few examples: all of the components do not run as root [except a] daemon [which] does not receive inputs - true, (remote) inputs can be an additional risk but to what extent is unsaid and it quietly assumes no other risks to the integrity of the daemon. an initial full system scan [...] once [...] complete, periodic on-demand scans - admittedly it starts with If you still want to run antivirus but then, why not asserting it is moot in the light of all you need to do to keep completely free? Perhaps because users like most AV software is not very good at detecting drive-by-downloads anyway? And one more point: Be careful to only install software from trusted, reputable sites - neither are they invulnerable nor perfect (assuming you can absolutely make sure you are indeed connecting to the correct site).

    <rant>IMO it's partly a religious war, reminds me somewhat of the arguments against using a seat-belt - if your car is sinking it might hinder your escape, most of the time you don't need it, it's constricting and anyway it is not very good at ensuring your survival in a crash.</rant>

    As for the choice (which has to be made by you): I don't consider these arcane weaknesses as particularly important (that's not to play them down, just putting it into perspective). Avast! has more features than Sophos (in version 8, heard that "web security" will be added in version 9) and you might want to have them. Won't decide which product is better in terms of protection or performance - I'll just say that both are "not bad". As both are free you won't waste your money if you give each one a try.

    HTH

    Christian 

    :1012402
Reply
  • 0

    Hello olivierdb,

    whatever your decision, it's a good idea to practice safe computing. I wouldn't make absolute claims like That's all you need to do to keep your [Mac or whichever platform] completely free though.

    As (too many) technical details won't help you much I'll just point out that (at least in this short form) the arguments are somewhat incomplete and contains a some ifs, unuttered assumptions and hasty conclusions. A few examples: all of the components do not run as root [except a] daemon [which] does not receive inputs - true, (remote) inputs can be an additional risk but to what extent is unsaid and it quietly assumes no other risks to the integrity of the daemon. an initial full system scan [...] once [...] complete, periodic on-demand scans - admittedly it starts with If you still want to run antivirus but then, why not asserting it is moot in the light of all you need to do to keep completely free? Perhaps because users like most AV software is not very good at detecting drive-by-downloads anyway? And one more point: Be careful to only install software from trusted, reputable sites - neither are they invulnerable nor perfect (assuming you can absolutely make sure you are indeed connecting to the correct site).

    <rant>IMO it's partly a religious war, reminds me somewhat of the arguments against using a seat-belt - if your car is sinking it might hinder your escape, most of the time you don't need it, it's constricting and anyway it is not very good at ensuring your survival in a crash.</rant>

    As for the choice (which has to be made by you): I don't consider these arcane weaknesses as particularly important (that's not to play them down, just putting it into perspective). Avast! has more features than Sophos (in version 8, heard that "web security" will be added in version 9) and you might want to have them. Won't decide which product is better in terms of protection or performance - I'll just say that both are "not bad". As both are free you won't waste your money if you give each one a try.

    HTH

    Christian 

    :1012402
Children
No Data