What is chronod, is it a part of Sonoma?

first off there are programs apple has not consented to which where designed to malfunction if you do not allow them all access pass to your root and computer., most dont need to ask as they have your password from the moment you installed them, why else did you think Apple asks for your own password once you already logged into your paid for device

No, Apple does not provide QA for millions of developers. Apple tests apps when they are submitted to certify them as eligible to be on their app store. If a company creates any kind of software and doesn't thoroughly QA their software then they are incompetent. If you consistently send buggy software to Apple they will stop accepting it for review and certification, they will not allow it on their app store and users will never be aware of it.

I'm saying this issue was missed by both Norton and Apple and it is my opinion that Norton will have to change their software to accommodate this issue whether it is Apple's bug or Norton's bug because Apple is the big dog and tends to say, "no, you fix it, you say it's our bug, we don't have bugs, your software needs to operate on our operating system not the other way around. My opinion is born of twenty years in high tech, including ten as a software quality engineer (QA) and much of that time testing mobile apps, submitting them to Apple, negotiating with Apple (there is no negotiating with Apple) and sending the app back to my team's developers to "fix".

MusicGenreDeleted wrote:

I can find no information suggesting Chronod is often used by bad actors. If you could post a link, I'd love to read about it. Currently Apple and Norton advise allowing access forever.

Here is how to resolve this and other similar issues with Norton 360.

So what exactly does this do, allow traffic for the stock market app or something, I blocked this app, still works anywhere, where to who is this traffic is beyond me, its not apple alone cause I see Russia, china, etc etc

I, we, have already done everything you suggested. What would be good is if you read the entire string so you would know that. It's getting a little bothersome dealing with people entering advice that has already been followed but they don't know that because they respond to the oldest comment in the string. We're now months past that.

Your suggestion for removing the software is well taken but do you mind if the rest of us get on with trying a less radical solution? It's antivirus software, not some fidget spinning, novelty app. Taking it out of my defense strategy is not acceptable, or at least not acceptable at this time.

MusicGenreDeleted wrote:

I, we, have already done everything you suggested. What would be good is if you read the entire string so you would know that. It's getting a little bothersome dealing with people entering advice that has already been followed but they don't know that because they respond to the oldest comment in the string. We're now months past that.

Your suggestion for removing the software is well taken but do you mind if the rest of us get on with trying a less radical solution? It's antivirus software, not some fidget spinning, novelty app. Taking it out of my defense strategy is not acceptable, or at least not acceptable at this time.

Using the built-in anti-malware* isn’t something I would consider radical.

Nor is contacting the vendor support for the add-on app reporting the false.

Particularly an add-on that’s been reporting this false positive for months, un-remediated.

Lately, the better sources for macOS malware have been cracked apps, and obviously-sketchy downloads. The biggest mess lately has been some persistent adware that the built-in anti-malware is blocking, but is not yet removing. (details)

As for add-on anti-malware: One of the better-known add-on anti-malware packages (Avast) was caught selling personally-identified web browsing and web purchasing data. (details) I’d be surprised if various other add-on security apps and add-on VPNs and such weren’t also collecting and reselling metadata. Here’s another false positive (details) where the built-in anti-malware prevented the add-on anti-malware from deleting part of macOS. F-Secure has had falses. (details) Here’s the Symantec (Norton) VP (2014) saying anti-malware is failing badly and getting worse. (details). Add-on anti-malware is itself a target, and more than a little has been hilariously poorly written, and Tavis and Google Project Zero has found some egregious implementations. (details)

Reading: Effective defenses against malware and ot… - Apple Community

TL;DR: This is a third-party app reporting this. For assistance or concerns with this, contact the third-party app support. Or remove the add-on anti-malware.

*XProtect, XProtect Remediator, the app store, Gatekeeper, the read-only boot system volume, etc. (details)

By "previous posts", I can only assume you mean a link to Norton's site where you can download an uninstaller?

The only way anything from Norton could have been on your Mac is if you, or someone else with access to your Mac installed it. Then, didn't uninstall it correctly. This leaves orphaned stuff behind that still tries to do its thing, if it can.

But good thing you found a way to resolve the issue.

You say I can turn chronod off. Please tell me How. thanks

I never said that. I’m not sure how you got that from my response.

People worried about chronod would do well to not worry about it.

Glad my answer was helpful to so many others.

I have this issue but my macOS firewall is not active.

I do have Norton and it is active

"I typically use the built-in anti-malware; Apple Gatekeeper, XProtect, and XProtect Remediator"

Exactly how do you "use" those three programs/features? How do I adjust settings.

no one is allowed to discuss malware here

ok so if Chronod is part of someone what exactly is it doing, who does it dial back to and why should we allow it forever?

Great idea, feel free to reply back after you do some research. We’re all looking forward to what you find out. You might start by reading the string in it entirety.

Trying to avoid that.