

Apple's new Snow Leopard OS apparently comes with free antivirus software.  (Source: Intego)
Apple is rumored to make its upcoming OS more secure

Not wanting to be made the target of new PC ads mocking its lack of antivirus support, Apple is reportedly packaging its new OS X 10.6 "Snow Leopard", set to ship on August 28, with free antivirus software.

Security research firm Intego, which maintains a Mac security blog that monitors various OS X-specific malware, first noticed and reported the development.  The firm was running the new version of OS X when it noticed that the OS detected and removed malware.  The process was carried out via a popup window, of which the firm took a screenshot, but it was either unable to determine or chose not to announce who made the antivirus software.

Intego's post indicated that they were not making the product.  ClamAV -- currently the AV engine in Apple's server operating system -- also seems unlikely as the virus detected had the signature "OSX.RSPlug.A", a signature that ClamAV currently doesn't support (ClamAV does have a signature for "OSX.RSPlug" [1]).  Similarly, McAfee and Sophos use the names OSX/Puper.a [2] and OSX/RSPlug-A [3], respectively.

That leaves Symantec [4] as one possibility.  Another is that Apple has developed its own proprietary antivirus software -- which would not be surprising.

Assuming that Intego's report is accurate (which seems likely as they're a serious name in the security software industry), it looks like Apple will finally be taking malware on its consumer products seriously.  It should be interesting to see how the program stacks up to the free offering that Microsoft is releasing later this year for Windows 7, Windows XP, and Windows Vista.

For many years Macs remained largely free of malware, while their PC brethren struggled.  This was due to many factors – including a small marketshare and the OS's generally sound design. Additionally, the web-based attacks of today were somewhat less frequent back then because browsers featured less rich content to exploit. 

However, like any OS, OS X was not without its holes -- on both the OS and the application level.  Lately, with more marketshare and Apple's increasing marketing bravado, interest in attacking the OS has picked up.  Recently, a worm attacking Macs emerged, but it appeared to be amateurish and was unable to reproduce because the server it communicates with was dead.  Nonetheless, it seems a matter of time before more serious attacks, implementing the proof-of-concept OS X attacks that security researchers have been demonstrating, come to light.  One such recent proof-of-concept attack demonstrated an OS X keylogger, though Apple has since patched the route it used.




Explanation
By inighthawki on 8/26/2009 10:30:58 AM , Rating: 2
How is Apple going to explain to the large crowds that their so-called "malware-proof" system has/needs an anti-virus tool? Props to Apple for building this in, but doing so does nothing in stopping those "new pc commercials" from targeting this instead.




RE: Explanation
By lamerz4391 on 8/26/2009 10:36:47 AM , Rating: 4
Interesting that Apple can build it in to Snow Leopard, yet if Microsoft, with Security Essentials, did the same it would be evil and monopolistic. Apple should be forced to unbundle their security app, and should also be forced to offer a browser ballot screen to allow for browser selection.


RE: Explanation
By Ordr on 8/26/09, Rating: -1

RE: Explanation
By ChristopherO on 8/26/2009 1:56:58 PM , Rating: 5
Well, the problem is that people just want fairness applied to corporations. And we all know how the government works... Everyone is too afraid to admit they made a mistake, so they'll never take pressure off MSFT because doing so would be akin to admitting they were idiots in the first place. Once you create a government *anything*, bureau, policy, etc, you can't kill it.

As a result, the best anyone seeking fairness can hope for is that the same pressure is applied to competitors.

What always makes me laugh is that the government attorneys have no idea what they're doing... If they had their way no web browser would be included. Seeing as how a person generally needs a browser to get another one, well, that's difficult.

Put another way...

They would remove IE and Safari requiring FTP to be used to get a new browser...

But wait, you can't use FTP since commercial clients exist!

Oh, and you can't include TCP/IP because you might put the guys who wrote Trumpet Winsock out of business.

So technically, if they had their way, I'd need to call Trumpet on the phone, have them mail me a CD. Then call up Ipswitch and have them mail me a CD with an FTP client. At which point I'd need to find a company that sells a text editor, because Notepad has commercial competition, so I'd have no idea how to install Trumpet, or Ipswitch, because I couldn't open the README files. And after I do that, I'd have to FTP somewhere to download a browser. Or maybe, since my last name begins with O, the UN will pass a resolution that everyone with a last name beginning with O has to use Opera to help with their really, really low marketshare.

And these are seriously the same buffoons that people want running health care. We'd all be using 8-tracks if we let them control innovation.


RE: Explanation
By hiscross on 8/29/2009 5:52:38 PM , Rating: 2
Capitalism is about generating wealth. It is wealth that powers an economy. That is what is fair. No business should give any of its profits that it earned through the production of products to anyone who won't work. That is what unfairness is. If you work for someone and get paid, then that is what you have determined is your value. Now if you start your own business, the profit you make and the wealth you generate is yours and only yours.


RE: Explanation
By afkrotch on 8/26/2009 8:49:50 PM , Rating: 1
It's the difference in product. Microsoft makes software, while Apple makes a whole platform. This is how Apple can get away with it.

If Microsoft made a complete platform, I can see them being able to scoot around these issues. That or Apple would get thrown onto the EU's "take money off American companies" list.


RE: Explanation
By gstrickler on 8/26/2009 9:15:30 PM , Rating: 3
There is not yet confirmation that Snow Leopard actually includes any anti-malware software. There is a report from one reputable company and a few individuals, but nothing from Apple yet. At this point, it's still an unconfirmed rumor, but it may be correct.

From another article about it:
http://www.theregister.co.uk/2009/08/25/snow_leopa...
"The feature is said to warn users if they try to install applications known to be malicious. However, according to the Register's anonymous source, it's quite limited; for one, it's only checking for two known Mac trojans, and two, it only flags those files if they were downloaded from the internet using Entourage, iChat, Safari, and a handful of other applications."

In short, it's more like Microsoft's "Malicious Software Removal Tool" than a full anti-virus or anti-malware software.


RE: Explanation
By ScifiterX on 8/26/2009 12:00:40 PM , Rating: 2
Malware-proof is a term that's been used by both Mac & PC Zealots and hack reporters but never by Apple itself. They have claimed no viruses were on it, which is still technically correct (what currently exists is actually other forms of malware). There is some malware but the fact is that the numbers are not proportional to marketshare.


RE: Explanation
By omnicronx on 8/26/2009 4:26:59 PM , Rating: 3
quote:
There is some malware but the fact is that the numbers are not proportional to marketshare.
Who are you to make that kind of claim? Security experts would tend to disagree with your statements; you cannot merely take the number of total viruses and divide by Apple's share to get a number. The higher marketshare, the more susceptible you are to attack.

Taking this further, almost all security experts agree, that as marketshare increases, the amount of attacks will increase exponentially.

P.S. You are living in the clouds if you think OSX has never had a 'real' by definition virus. Perhaps they are not widespread, but they surely do exist.


RE: Explanation
By ScifiterX on 8/26/2009 5:17:11 PM , Rating: 2
It just doesn't work that way. Windows is not more or less susceptible to attacks because they are as large a part of the market as they are. They are more targeted, however. Things like significant numbers of security, piss poor security defaults & protocols, and long security patch waits are what make any OS more susceptible.

Your argument also breaks down when you consider Linux has a smaller market share than OS X yet has slightly more malware available.


RE: Explanation
By ScifiterX on 8/26/2009 5:27:01 PM , Rating: 2
It's important to note that being susceptible the way I defined it also increases how much a given OS is targeted.

Challenge does so as well but nowhere near the degree that scale and susceptibility do.


RE: Explanation
By omnicronx on 8/26/2009 6:52:17 PM , Rating: 2
quote:
piss poor security defaults & protocols, and long security patch waits are what make any OS more susceptible.
Sure, if you are talking about XP or earlier. There are many aspects of OSX that are just plain not secure either. A non secured app folder and the way applications are packaged (Specifically Bundles) are major security threats.

Another big one is the way extensions work, for example in Windows, you could have an infected file labelled virus.jpg.exe. Rename that to virus.jpg and it most likely will do nothing, opening up the app associated with the jpg extension. Well OSX does no such thing, you could completely remove the extension from an infected executable and it will still run as such. So Apple is far from free of security holes, if that existed in the Windows environment you might as well never open an email attachment.
quote:
Your argument also breaks down when you consider Linux has a smaller market share than OS X yet has slightly more malware available.
OSX does not have a larger marketshare including servers, which you cannot just discount. Nobody knows the exact numbers, but most estimate total Unix/Linux share hovers at around 14% (this is what MS figures at least, could be higher), much higher than OSX.

Furthermore Unix and its derivatives have been around for how many years? Not to mention a large chunk of malware were never meant for large scale deployment, and were merely a pet project. This is not really hard to believe either, considering some of the crazy nix developers out there. Most of these threats have been long patched too.

OSX has only been around since 2001, and while it is pretty much a completely new OS, Apple was once the major target of viruses and malware (was the first consumer OS to have a virus set loose in the wild), mainly because the academic community used Apple computers for their studies on the subject. Many of the first proof of concepts came from Apple's machines, and it had nothing to do with how secure/insecure the OS was.


RE: Explanation
By gstrickler on 8/26/2009 8:32:31 PM , Rating: 2
quote:
There are many aspects of OSX that are just plain not secure either. A non secured app folder and the way applications are packaged (Specifically Bundles) are major security threats.
I just installed Mac OS X 10.5 on a machine, only "admins" and "system" have write access to the "Applications" folder, everyone else is read only. That's the default setting, and it is secure.
quote:
Another big one is the way extensions work, for example in Windows, you could have an infected file labelled virus.jpg.exe. Rename that to virus.jpg and it most likely will do nothing, opening up the app associated with the jpg extension. Well OSX does no such thing, you could completely remove the extension from an infected executable and it will still run as such.
Not unless the file already has the "executable" flag set and/or has an executable "type" associated with it. Relying upon file extensions to determine what is executable is what's insecure. Further complicating things is the fact that the default for every new user under Windows is to hide file extensions, so most users can't see what files may be executable. Using your example, all most users will see is "virus.jpg", they won't even see the ".exe".

Simply renaming a file should not determine whether or not it can be executed. CP/M introduced that system in the 70's and it should have been eliminated from Windows years ago.
quote:
Furthermore Unix and its derivatives have been around for how many years? Not to mention a large chunk of malware were never meant for large scale deployment, and were merely a pet project. This is not really hard to believe either, considering some of the crazy nix developers out there. Most of these threats have been long patched too.
Mac OS X is based upon a BSD Unix core, as security holes get fixed in BSD distributions, they make their way into Mac OS X if needed.
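
The point argued in the thread above, whether a file's name or its content and mode bits decide what runs, can be audited directly on a downloads folder. The following is an added example, not code from the article or any commenter; the extension lists and the sample files are constructed assumptions.

```python
import os
import tempfile

EXEC_MAGIC = {  # well-known leading bytes of executable formats
    b"MZ": "PE", b"\x7fELF": "ELF", b"#!": "script",
    b"\xfe\xed\xfa\xce": "Mach-O", b"\xfe\xed\xfa\xcf": "Mach-O",
    b"\xce\xfa\xed\xfe": "Mach-O", b"\xcf\xfa\xed\xfe": "Mach-O",
    b"\xca\xfe\xba\xbe": "Mach-O universal or Java class",  # shared magic
}
DATA_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".txt", ".doc"}  # assumed list
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".command"}  # assumed list

def sniff(path):
    """Name the executable format found in the first four bytes, or None."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    return next((n for m, n in EXEC_MAGIC.items() if head.startswith(m)), None)

def audit(path):
    """Return a finding when the file name disagrees with content, else None."""
    stem, ext = os.path.splitext(os.path.basename(path).lower())
    inner = os.path.splitext(stem)[1]
    if ext in EXEC_EXTS and inner in DATA_EXTS:
        return f"double extension: {ext} behind {inner}"
    fmt = sniff(path)
    if fmt and (ext in DATA_EXTS or not ext):
        bit = "set" if os.stat(path).st_mode & 0o111 else "clear"
        return f"{fmt} content behind {ext or 'no'} extension, exec bit {bit}"
    return None

def scan(directory):
    """Map file name -> finding for each flagged regular file."""
    paths = [os.path.join(directory, n) for n in sorted(os.listdir(directory))]
    found = {os.path.basename(p): audit(p) for p in paths if os.path.isfile(p)}
    return {name: f for name, f in found.items() if f}

def build_samples():
    """Write constructed sample files (only magic bytes, no real programs)."""
    d = tempfile.mkdtemp()
    for name, data, mode in [
            ("virus.jpg.exe", b"MZ\x90\x00", 0o644), ("photo.jpg", b"\xff\xd8\xff\xe0", 0o644),
            ("holiday.jpg", b"\xcf\xfa\xed\xfe", 0o755), ("readme", b"#!/bin/sh\n", 0o644)]:
        path = os.path.join(d, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)
    return d

if __name__ == "__main__":
    print(scan(build_samples()))
```

The genuine JPEG is left alone, while the renamed Mach-O file is reported together with the state of its executable bit, which is the condition gstrickler's reply says must hold before such a file can run.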