Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They allow a 3rd party to change Kernel stuff with an update. Apple banned this a while ago.


It is supposed to be like that.

Antivirus software always works as a driver in the kernel, no other way. You'll get the same in Linux, for example. In MacOS it may be slightly better (if I remember right Darwin is a micro-kernel), but in fact a broken driver still can crash the system there.


> Antivirus software always works as a driver in the kernel, no other way.

You're confidently wrong: https://developer.apple.com/support/kernel-extensions/


This page is only about using some APIs, that are now supposed to be called through wrappers. I would say it significantly limits the developers, and also may introduce additional flaws.


Yet it is how antivirus works on Mac now.


*banned

Made it a lot harder for everyone involved, but still possible, as it’s a very useful technique.

PS: Since I'm being downvoted, here is the link showing that it is still possible using Reduced Security:

https://support.apple.com/en-gb/guide/mac-help/mchl768f7291/...

I doubt Apple will completely disable kext in the near future. Making it hard enough to be impractical has most of the benefits already.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: