merits of norton 360 anti-virus 'protection' for air mac laptop

Part 1 of 2

There are no known Windows-like Viruses in the wild that self replicate and affect macOS, because of the underling UNIX  Foundation and Permission Limitation. 

Right there is reason enough not to install any AntiVirus Software by any Third Party Developer

Additionally, in macOS 11 Big Sur, macOS 12 Monterey and macOS 13 Ventura. 

The Operating System resides in a Sealed and Read Only Volume that can not be opened by the User nor by Third Party Applications.

The only Entity that can open and modify or alter this Volume is Apple.

That would occur when a update or UpGrade is performed.

The Only thing this Antivirus software is protecting is the Bank Account of the Developers and for zero return to the User aside from the problems this software creates.

AntiVirus Developers purposefully Market their product to create a “ Fear Factor “. In so doing, creating a False Need for their Product.

Any of the below should be removed as per Developers Instructions  and / or Never Installed at all.

This will include BitDefender , 

➡️ This will included Norton Antivirus  ⬅️

 Sophos Av Software

Intego AntiVirus

 McAfee, 

Avast AntiVirus

Ad Guard,

 Webroot ,

 ESET ,

 Avira ,

AVG AntiVirus  

 avira antivirus 

Trustee  

AntiVirus for Mac

F-Secure

Securemac

Cylance

Kaspersky Internet Security

Read some of the posting and arrive at your own conclusions.

There most certainly is malware on macOS. But it's not that serious of a problem. Even less as of late. The most dangerous malware will find it impossible to get a foothold into an Apple operating system like they can on other operating systems.

Apple has greatly increased security on macOS. The combination of a read-only System volume that is protected by System Integrity Protection and then snapshot to APFS, signed by Apple and sealed. The OS boots off that immutable (unchangeable) snapshot. Then it loads the Data volume which contains all the user data and installed Applications. Apple created what they call firmlinks and they are used to make the System and Data volume appear as one drive to Finder. This is also why you can now 'Erase all Content and Settings' on Apple Silicon Macs. It just nukes and recreates the Data volume. It's also why you can't delete Apps that Apple includes with macOS.

The Secure Boot on Apple Silicon is much better than secure boot on PC's. There is an actual secure boot exploit that Microsoft cannot fix without breaking millions of Windows PCs. Apple has removed developer access to install Kernel Extensions and only allow sandboxed System Extensions and they are even more picky about what a System Extension is capable of doing. Kernel extensions are extremely dangerous, they run at the operating system kernel level and can do things like read or write any section of RAM and intercept and override operating system behaviors. This is how traditional antivirus worked and still does on Windows. Most of the Windows BSOD (Blue Screen of Death) issues in the past were related to buggy video graphics drivers operating at the kernel level. Microsoft has moved them to Userland so that's why there are less BSOD on Windows. But the security tools still operate at the kernel level. Apple create a new security API so a sandboxed System Extension uses that API to accomplish what a security tool needs to do but nothing else. It's also not possible to crash the operating system nor be exploited by a bug in the extension to allow malware to obtain kernel level access.

On Apple Silicon and Intel w/T2 Macs. The disk is encrypted at the factory wether or not you enable FileVault. Doing so merely generates the recovery key and gives you the ability to unlock the disk and reset your password if you forget it. Inside the Apple Silicon SoC (M1/M2) & the T2 is the Secure Enclave which is a black box that holds all the secrets. The Secure Enclave has a private key burned into the chip at the factory. You can write secrets to the Secure Enclave but you cannot read them back out. The T2 and Apple Silicon SoC act as the disk controller. In modern Mac's there not more disk controller on the SSD so those Macs with removable SSD's are just a board with raw flash chips on it. Unlike PC's who have a disk controller with firmware on every NVMe / SATA SSD.

All security software on macOS has a tendency to reduce system performance and Norton / Symantec / Broadcom products are some of the worst in that regard.

here the general advice is no third-party virus scanner at all and maybe an occasionally scan with etrecheck and the free malwarebytes app from app store

Read: Effective defenses against malware and ot… - Apple Community

FWIW, although Malwarebytes and EtreCheck are often recommended, neither are available in the App Store.

You can get them here…

https://www.malwarebytes.com

https://etrecheck.com/

Never install any app that claims to "tune up", "speed up" or "clean up" your Mac. These apps exist for one reason: to separate the unwary and inexperienced user from their hard-earned money. At best they do very little, at worst, they can damage your OS installation and cause far more problems than they "solve".

Give this document a good read. There is no reason to use an anti-virus product on a Mac unless all of those user posts over the last decade were mistaken about the problems that cleared up after removing their anti-virus applications.