
Security: Please explain XProtect

I got sick of Avast security and read on a couple of Mac sites that it does more harm than good, and that Macs have built-in XProtect. I was directed towards free products such as Eclectic Light Company's SilentKnight2 and Objective-See's KnockKnock and BlockBlock.

However, I'm not sure how well these work with a Hackintosh. I tried using SilentKnight's updater (see screenshot), and suddenly I couldn't boot and had to restore from backup. It could have been a coincidental hard drive failure...

What is the recommended security protocol? Is XProtect updated in Hackintoshes? If not, should I reinstall Avast, or something like it?
 

Attachment: Screenshot 2024-04-27 at 2.12.33 PM.png
Here is an explanation of the security setup for a system running macOS, including XProtect.


A very good reason not to disable the built-in security, i.e. disabling SIP & AMFI.
 
I personally don’t use any third-party antivirus software on my Macs or Hacks. I don’t use OCLP either.

Unless you are frequently downloading suspect software and files, I don’t see why you would need to use an antivirus program in macOS.
 
Thanks for the explanation link. I never use the App Store, preferring open source and third-party software. My mom uses the computer frequently and is terrible about security, opening spam, downloading garbage, etc. Since SilentKnight2 indicates (screenshot in OP) that XProtect is not updated and that SIP status is "unknown", I'm concerned about security.

Why is XProtect not updated? Does this have to do with OpenCore?
 
Are you using a Broadcom WiFi card in macOS Sonoma, with OpenCore Legacy Patcher and the Broadcom Root Patches? If yes, then that will be why SIP is disabled and reported as in an unknown state. That is probably why XProtect is not updating.

You may want to think about using an Intel AX200 or AX210 WiFi/BT card in Sonoma, so you can keep the normal Apple security enabled.

While you will lose some Continuity functions, most of them can be reinstated using alternative apps, such as LocalSend, which is an alternative to AirDrop.

You are more likely to download and install a virus/bot or other issue using third-party apps. The App Store is a much safer environment to obtain apps, even for a Hackintosh.
 