Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

mackenmac

macrumors newbie
Original poster
Mar 26, 2020
6
0
Hello,

I made a factory reset of my MacBook Air, and downloaded a firewall and an antivirus program. Then I noticed that the firewall picked up a program called "Python", which I found to be strange.

To my knowledge, this is a similar program to R (Statistics, coding, forecasting, etc. program). Or is this something else? Is this suppose to be a standard program for a MacBook Air? It does not show amongst the different applications in the application folder, meaning it is not a program I can use, but it shows in the firewall. Also, when using Spotlight search a folder called "Python" shows.

What could this be?
 

chrfr

macrumors G5
Jul 11, 2009
13,702
7,264
Hello,

I made a factory reset of my MacBook Air, and downloaded a firewall and an antivirus program. Then I noticed that the firewall picked up a program called "Python", which I found to be strange.

To my knowledge, this is a similar program to R (Statistics, coding, forecasting, etc. program). Or is this something else? Is this suppose to be a standard program for a MacBook Air? It does not show amongst the different applications in the application folder, meaning it is not a program I can use, but it shows in the firewall. Also, when using Spotlight search a folder called "Python" shows.

What could this be?
Python is a programming language, so it could be doing lots of things that might need network access. Python has been included in macOS for many years, so its presence is not unexpected.
 

mackenmac

macrumors newbie
Original poster
Mar 26, 2020
6
0
Thank you for the answer. What do you suggest would be the result of having the firewall block it?
 

leman

macrumors Core
Oct 14, 2008
19,494
19,630
Thank you for the answer. What do you suggest would be the result of having the firewall block it?

Probably some script trying to access the internet. Could be one of Apple's standard one, could be some tool you have installed, could be some sort of malicious thing. There is no way to know without a more detailed analysis.
 

mackenmac

macrumors newbie
Original poster
Mar 26, 2020
6
0
Probably some script trying to access the internet. Could be one of Apple's standard one, could be some tool you have installed, could be some sort of malicious thing. There is no way to know without a more detailed analysis.
It occurred after performing a factory reset of the MacBook, and only installing antivirus and firewall (The program that made me aware of it in the first place). It seemed strange, but if it is standard for MacBooks then that explains it.
 

leman

macrumors Core
Oct 14, 2008
19,494
19,630
It occurred after performing a factory reset of the MacBook, and only installing antivirus and firewall (The program that made me aware of it in the first place). It seemed strange, but if it is standard for MacBooks then that explains it.

There are a lot of things that could be accessing the network, some of them benign and some of them malicious. Your firewall won’t discriminate between “good” or “bad” programs. We can’t tell you whether that particular access was harmless or not.

Generally, I don’t recommend installing a third party antivirus software on a Mac since it is a often a security risk. Can’t comment on firewalls. The default Mac built-in protection was always sufficient for me.
 

Daino92

macrumors regular
Sep 15, 2019
113
216
Montana
There are a lot of things that could be accessing the network, some of them benign and some of them malicious. Your firewall won’t discriminate between “good” or “bad” programs. We can’t tell you whether that particular access was harmless or not.

Generally, I don’t recommend installing a third party antivirus software on a Mac since it is a often a security risk. Can’t comment on firewalls. The default Mac built-in protection was always sufficient for me.
Can you explain why you think that having 3rd Party antivirus is a security risk? After doing some research it seemed like a lot of articles were recommending this due to the increase in malware that MacOS picked up in 2019. I currently have Norton installed.
 

leman

macrumors Core
Oct 14, 2008
19,494
19,630
Can you explain why you think that having 3rd Party antivirus is a security risk? After doing some research it seemed like a lot of articles were recommending this due to the increase in malware that MacOS picked up in 2019. I currently have Norton installed.

An antivirus is a complex piece of software that operates in elevated privilege mode and consists of many components. It is a perfect target for an attack. Popular antivirus programs routinely exhibit exploitable security flaws that leave your system vulnerable. Since Macs still don’t have any known viruses viruses, I see no benefit in running an additional tool that occupies resources and is a potential security risk without actually doing anything useful.

To deal with malware it is sufficient to use a malware scanner - you don’t need an antivirus. And of course, a malware scanner is built into mac OS itself. A good third party scanner is a non-resident tool that does not have elevated privileges and simply scans your file system for known threats periodically. If such a tool has a resident component that can inspect all processes at runtime - you again run into security issues.

A third-party firewall is another thing and there are users that want to have a complete control over their network traffic, beyond what the default Mac firewall does.
 
  • Like
Reactions: Daino92

Daino92

macrumors regular
Sep 15, 2019
113
216
Montana
An antivirus is a complex piece of software that operates in elevated privilege mode and consists of many components. It is a perfect target for an attack. Popular antivirus programs routinely exhibit exploitable security flaws that leave your system vulnerable. Since Macs still don’t have any known viruses viruses, I see no benefit in running an additional tool that occupies resources and is a potential security risk without actually doing anything useful.

To deal with malware it is sufficient to use a malware scanner - you don’t need an antivirus. And of course, a malware scanner is built into mac OS itself. A good third party scanner is a non-resident tool that does not have elevated privileges and simply scans your file system for known threats periodically. If such a tool has a resident component that can inspect all processes at runtime - you again run into security issues.

A third-party firewall is another thing and there are users that want to have a complete control over their network traffic, beyond what the default Mac firewall does.
Thanks for your detailed reply. I appreciate it. :)

I can see where you're coming from. I just read an article (here: https://www.macworld.co.uk/feature/mac-software/mac-viruses-list-3668354/) that listed at least 15 different threats that Macs have faced over the years. To be fair, these seem to be Zero Day vulnerabilities that ended up being resolved. You're saying that with all of those that I just referenced, that an antivirus would have done nothing to help?
 

leman

macrumors Core
Oct 14, 2008
19,494
19,630
You're saying that with all of those that I just referenced, that an antivirus would have done nothing to help?

All of these things (as far as I can see) are either malware or various software exploits. They can be trivially blocked by Apple's built-in malware protection (provided the signatures are updated).

Some antivirus companies advertise proactive threat detection which would allow them to block unknown malware, but frankly, I am not convinced. IMO, the best protection is a) maintaining regular redundant backups b) using caution and common sense with software you download from internet. And of course, skip using Adobe Reader (it's crap anyway) :D
 

Daino92

macrumors regular
Sep 15, 2019
113
216
Montana
All of these things (as far as I can see) are either malware or various software exploits. They can be trivially blocked by Apple's built-in malware protection (provided the signatures are updated).

Some antivirus companies advertise proactive threat detection which would allow them to block unknown malware, but frankly, I am not convinced. IMO, the best protection is a) maintaining regular redundant backups b) using caution and common sense with software you download from internet. And of course, skip using Adobe Reader (it's crap anyway) :D
I see. That makes sense.

I totally agree, Adobe is not that great and constantly has security issues. What alternative would you recommend for adobe? Also, not sure if you'd know, but is there a way to back up your Mac without a external SSD? I do not have one.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.