• tastysnacks@programming.dev
    link
    fedilink
    arrow-up
    10
    arrow-down
    3
    ·
    2 months ago

    So you don’t trust me, but you trust McAfee to give it full control over the system. Yet my software doesn’t work because something is blocked and nothing is showing up in the logs. But when we take off Mafee, it works. So clearly McAfee is not logging everything. And you trust Mcafee but not me? /s kinda.

    • mosiacmango@lemm.ee
      link
      fedilink
      arrow-up
      5
      arrow-down
      4
      ·
      edit-2
      2 months ago

      No one on earth trusts McAfee, be it the abysmal man or abysmal AV suite.

      If the EDR or AV software is causing issues with your code running, it’s possibly an issue with the suite, but it’s more likely an issue with your code not following common sense security requirements like code signing.

        • mosiacmango@lemm.ee
          link
          fedilink
          arrow-up
          2
          arrow-down
          2
          ·
          2 months ago

          It’s not common, but it should be.

          Still, that was just one example. EDR reacting to your code is likely a sign of some other shortcut being taken during the development process. It might even be a reasonable one, but if so it needs to be discussed and accounted for with the IT security team.

          • tyler@programming.dev
            link
            fedilink
            arrow-up
            1
            ·
            1 month ago

            You’re talking about during CI. Not during the actual coding process. You’re not signing code while you’re debugging.