macOS-Security-and-Privacy-Guide icon indicating copy to clipboard operation
macOS-Security-and-Privacy-Guide copied to clipboard

Published 20 hours ago verified publisher icon drduh

Remove KnockKnock

Open friadev opened this issue 1 year ago • 2 comments

  • App not updated in over a year
  • Requires extensive permissions including full disk access
  • Sends lots of data to VirusTotal

friadev avatar Sep 30 '24 07:09 friadev

Blockblock should be removed too.

Because BlockBlock utilizes Apple's new Endpoint Security Framework (to monitor for persistence), it requires system privileges.

beerisgood avatar Sep 30 '24 08:09 beerisgood

There should be a new update of KnockKnock coming soon. At least there are new commits in September. https://github.com/objective-see/KnockKnock/commits?author=objective-see&since=2024-09-01&until=2024-10-01

And BlockBlock constantly detects malware and adware without prior knowledge (even 0-days). Just a few examples: https://x.com/patrickwardle/status/1576138133296402432 https://x.com/patrickwardle/status/1503445841821978626 https://x.com/objective_see/status/1473749664683814913 https://x.com/patrickwardle/status/1351603649575702530

I think that's worth mentioning.

ghost avatar Oct 04 '24 12:10 ghost

@friadev Why are you pushing for these useful open source security tools to be removed if they work as intended? There is a disable VirusTotal integration in the settings.

@drduh I think all scanners will need full disk access permissions or privileges to scan your system?

Screenshot 2024-11-21 at 14 53 22

Coding4Coffee avatar Nov 21 '24 14:11 Coding4Coffee

@friadev Why are you pushing for these useful open source security tools to be removed if they work as intended? There is a disable VirusTotal integration in the settings.

Because ignoring recommended practices (keep your system simple) isn't what you want for an secure system.

beerisgood avatar Nov 21 '24 17:11 beerisgood