

Apple's new Snow Leopard OS apparently comes with free antivirus software.  (Source: Intego)
Apple is rumored to make its upcoming OS more secure

Not wanting to be made the target of new PC ads mocking its lack of antivirus support, Apple reportedly is packaging its new OS X 10.6 "Snow Leopard", set to air on August 28, with free antivirus software.

Security research firm Intego, which maintains a Mac security blog that monitors various OS X-specific malware, first noticed and reported the development.  The firm was running the new version of OS X when they noticed it detected and removed malware.  The process was carried out via a popup window, which they took a screenshot of, but they were either unable to determine or chose not to announce who made the antivirus software.

Intego's post indicated that they were not making the product.  ClamAV -- currently the AV engine in Apple's server operating system -- also seems unlikely, as the virus detected had the signature "OSX.RSPlug.A", a signature that ClamAV currently doesn't support (ClamAV does have a signature for "OSX.RSPlug" [1]).  Similarly, McAfee and Sophos use the names OSX/Puper.a [2] and OSX/RSPlug-A [3], respectively.

That leaves Symantec [4] as one possibility.  Another is that Apple has developed its own proprietary antivirus software -- which would not be surprising.

Assuming that Intego's report is accurate (which seems likely as they're a serious name in the security software industry), it looks like Apple will finally be taking malware on its consumer products seriously.  It should be interesting to see how the program stacks up to the free offering that Microsoft is releasing later this year for Windows 7, Windows XP, and Windows Vista.

For many years Macs remained largely free of malware, while their PC brethren struggled.  This was due to many factors – including a small marketshare and the OS's generally sound design. Additionally, the web-based attacks of today were somewhat less frequent back then because browsers featured less rich content to exploit. 

However, like any OS, OS X was not without its holes -- on both the OS and the application level.  With more marketshare and Apple's increasing marketing bravado, interest has picked up in attacking the OS.  Recently, a worm attacking Macs emerged, but it appeared to be amateurish, unable to reproduce due to the server it communicates with being dead.  Nonetheless, it seems a matter of time before more serious attacks, implementing the proof-of-concept OS X attacks that security researchers have been demonstrating, come to light.  One such recent proof-of-concept attack demonstrated an OS X keylogger, though Apple has since patched the route it used.



Comments

RE: Explanation
By omnicronx on 8/26/2009 4:26:59 PM , Rating: 3
quote:
There is some malware but the fact is that the numbers are not proportional to marketshare.
Who are you to make that kind of claim? Security experts would tend to disagree with your statements, you cannot merely take the number of total viruses, and divide by Apple's share to get a number. The higher marketshare, the more susceptible you are to attack.

Taking this further, almost all security experts agree, that as marketshare increases, the amount of attacks will increase exponentially.

P.S. You are living in the clouds if you think OSX has never had a 'real' by definition virus. Perhaps they are not widespread, but they surely do exist.


RE: Explanation
By ScifiterX on 8/26/2009 5:17:11 PM , Rating: 2
It just doesn't work that way. Windows is not more or less susceptible to attacks because they are as large a part of the market as they are. They are more targeted, however. Things like significant numbers of security, piss poor security defaults & protocols, and long security patch waits are what make any OS more susceptible.

Your argument also breaks down when you consider Linux has a smaller market share than OS X yet has slightly more malware available.


RE: Explanation
By ScifiterX on 8/26/2009 5:27:01 PM , Rating: 2
It's important to note that being susceptible the way I defined it also increases how much a given OS is targeted.

Challenge does so as well but nowhere near the degree that scale and susceptibility do.


RE: Explanation
By omnicronx on 8/26/2009 6:52:17 PM , Rating: 2
quote:
piss poor security defaults & protocols, and long security patch waits are what make any OS more susceptible.
Sure if you are talking about XP or earlier. There are many aspects of OSX that are just plain not secure either. A non secured app folder and the way applications are packaged (Specifically Bundles) are major security threats.

Another big one is the way extensions work, for example in Windows, you could have an infected file labelled virus.jpg.exe. Rename that to virus.jpg and it most likely will do nothing, opening up the app associated with the jpg extension. Well OSX does no such thing, you could completely remove the extension from an infected executable and it will still run as such. So Apple is far from free of security holes, if that existed in the Windows environment you might as well never open an email attachment.
quote:
Your argument also breaks down when you consider Linux has a smaller market share than OS X yet has slightly more malware available.
OSX does not have a larger marketshare including servers, which you cannot just discount. Nobody knows the exact numbers, but most estimate total Unix/Linux share hovers at around 14% (this is what MS figures at least, could be higher), much higher than OSX.

Furthermore unix and its derivatives have been around for how many years? Not to mention a large chunk of malware were never meant for large scale deployment, and were merely a pet project. This is not really hard to believe either, considering some of the crazy nix developers out there. Most of these threats have been long patched too.

OSX has only been around since 2001, and while it is pretty much a completely new OS, Apple was once the major target of viruses and malware (was the first consumer OS to have a virus set loose in the wild), mainly because the academic community used Apple computers for their studies on the subject. Many of the first proof of concepts came from Apple's machines, and it had nothing to do with how secure/insecure the OS was.


RE: Explanation
By gstrickler on 8/26/2009 8:32:31 PM , Rating: 2
quote:
There are many aspects of OSX that are just plain not secure either. A non secured app folder and the way applications are packaged (Specifically Bundles) are major security threats.
I just installed Mac OS X 10.5 on a machine, only "admins" and "system" have write access to the "Applications" folder, everyone else is read only. That's the default setting, and it is secure.
quote:
Another big one is the way extensions work, for example in Windows, you could have an infected file labelled virus.jpg.exe. Rename that to virus.jpg and it most likely will do nothing, opening up the app associated with the jpg extension. Well OSX does no such thing, you could completely remove the extension from an infected executable and it will still run as such.
Not unless the file already has the "executable" flag set and/or has an executable "type" associated with it. Relying upon file extensions to determine what is executable is what's insecure. Further complicating things is the fact that the default for every new user under Windows is to hide file extensions, so most users can't see what files may be executable. Using your example, all most users will see is "virus.jpg", they won't even see the ".exe".

Simply renaming a file should not determine whether or not it can be executed. CPM introduced that system in the 70's and it should have been eliminated from Windows years ago.
quote:
Furthermore unix and its derivatives have been around for how many years? Not to mention a large chunk of malware were never meant for large scale deployment, and were merely a pet project. This is not really hard to believe either, considering some of the crazy nix developers out there. Most of these threats have been long patched too.
Mac OS X is based upon a BSD Unix core, as security holes get fixed in BSD distributions, they make their way into Mac OS X if needed.
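
The disagreement in this thread (file name extension versus file content and the executable flag) can be checked mechanically. The sketch below is an added example, not code from the article or from any commenter; the extension lists, finding labels and sample files are constructed assumptions, and it audits a file for the three mismatches the comments describe.

```python
import os
import stat
import tempfile

# Well-known leading bytes of executable formats (Mach-O in both byte orders).
EXEC_MAGIC = {b"MZ": "PE/DOS", b"\x7fELF": "ELF", b"#!": "script",
              b"\xfe\xed\xfa\xce": "Mach-O", b"\xfe\xed\xfa\xcf": "Mach-O",
              b"\xce\xfa\xed\xfe": "Mach-O", b"\xcf\xfa\xed\xfe": "Mach-O"}
DATA_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".txt", ".doc"}  # assumed list
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".command"}               # assumed list

def sniff(path):
    """Return the executable format named by the file's magic bytes, or None."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    return next((k for m, k in EXEC_MAGIC.items() if head.startswith(m)), None)

def audit(path):
    """Return findings where the file's name disagrees with what it is."""
    findings = []
    stem, ext = os.path.splitext(os.path.basename(path).lower())
    inner = os.path.splitext(stem)[1]
    kind = sniff(path)
    if ext in EXEC_EXTS and inner in DATA_EXTS:
        findings.append("double-extension")       # displays as "virus.jpg" when extensions are hidden
    if kind and ext not in EXEC_EXTS:
        findings.append("exec-content:" + kind)   # executable bytes under a data name or no extension
    if ext in DATA_EXTS and os.stat(path).st_mode & stat.S_IXUSR:
        findings.append("exec-bit-on-data-name")  # Unix flag is independent of the name
    return findings

def demo():
    """Write constructed sample files to a temp dir and audit each one."""
    samples = {"virus.jpg.exe": b"MZ\x90\x00", "virus.jpg": b"\xcf\xfa\xed\xfe",
               "photo.jpg": b"\xff\xd8\xff\xe0", "tool": b"\x7fELF"}
    out = {}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            p = os.path.join(d, name)
            with open(p, "wb") as fh:
                fh.write(data)
            out[name] = audit(p)
        os.chmod(os.path.join(d, "photo.jpg"), 0o755)
        out["photo.jpg+x"] = audit(os.path.join(d, "photo.jpg"))
    return out
```

The sample bytes are only format headers, not working programs; on a real mail gateway or download folder the same `audit` call would be run over each incoming file.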
