backtop


Print 29 comment(s) - last by .. on Aug 30 at 10:59 AM


Apple's new Snow Leopard OS apparently comes with free antivirus software.  (Source: Intego)
Apple is rumored to make its upcoming OS more secure

Not wanting to be made the target of new PC ads mocking its lack of antivirus support, Apple reportedly is packaging its new OS X 10.6 "Snow Leopard", set to air on August 28, with free antivirus software.

Security research firm Intego, which maintains a Mac security blog that monitors various OS X-specific malware, first noticed and reported the development.  The firm was running the new version of OS X, when they noticed it detected and removed malware.  The process was carried out via a popup window, which they took a screenshot of, but they were either unable to determine or chose not announce who made the antivirus software.

Intego's post indicated that they were not making the product.  ClamAV -- currently the AV engine in Apple's server operating system -- also seems unlikely as the virus detected had the signature "OSX.RSPlug.A", a signature that ClamAV currently doesn't support (ClamAV does have a signature for "OSX.RSPlug" [1]).  Similar, McAfee and Sophos use the names OSX/Puper.a [2] and OSX/RSPlug-A [3], respectively.

That leaves Symantec [4] as one possibility.  Another is that Apple has developed its own proprietary antivirus software -- which would not be surprising.

Assuming that Intego's report is accurate (which seems likely as they're a serious name in the security software industry), it looks like Apple will finally be taking malware on its consumer products seriously.  It should be interesting to see how the program stacks up to the free offering that Microsoft is releasing later this year for Windows 7, Windows XP, and Windows Vista.

For many years Macs remained largely free of malware, while their PC brethren struggled.  This was due to many factors – including a small marketshare and the OS's generally sound design. Additionally, the web-based attacks of today were somewhat less frequent back then because browsers featured less rich content to exploit. 

However, like any OS, OS X was not without its holes -- on both the OS and the application level.  Recently, with more marketshare and Apple's increasing marketing bravado, interest has picked up in attacking the OS.  Recently, a worm attacking Macs emerged, but it appeared to be amateurish, unable to reproduce due to the server it communicates with being dead.  Nonetheless, it seems a matter of time before more serious attacks, implementing the proof-of-concept OS X attacks that security researchers have been demonstrating, come to light.  One such recent proof-of-concept attack demonstrated an an OS X keylogger though Apple has since patched the route it used.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

By gstrickler on 8/26/2009 7:51:39 PM , Rating: 4
First, Apple never claimed OS X was immune to malware, only that it wasn't a (significant) concern at the time. It hasn't been a significant concern because the number of malware attacks on the Mac is extremely small. The number of malware attacks on Macs is dramatically lower than on Windows due to differences in default security settings, market share, and system design.

That does not necessarily mean that the implementation is more secure, it may or may not be and right now, no one can say for certain.

Malware is a growing concern as the Mac gains market share and as Windows security increases. Now, more of the "bad guys" have started looking at ways to attack Mac OS X. Combine that with many government and corporate buyers demanding anti-malware on machines, and it's smart for Apple to add it or make sure it's readily available.

The biggest source of malware infections on the Mac is Word/Excel macro based malware. That hasn't been a huge problem primarily because of two issues:
1. Office 2004 for Mac supports VBA macros, but it's PPC only, so malware that targets Windows or Intel architectures generally won't work on Office 2004.
2. Office 2008 for Mac is native x86 code (actually, it's both Intel and PPC code, it runs natively regardless of whether you have a PPC or Intel based Mac), but it doesn't support VBA.

The end result is that while MS Office documents on the Mac can be a carrier of macro viruses, the Mac is almost never affected by them. The next revision of Office for the Mac is expected to be x86 native and support VBA, so the opportunity for successful exploitation is likely to increase.

Regardless of the reasons that there is less malware and fewer attacks on the Mac, it's still a benefit to Mac users.

An analogy for you. Would you be more comfortable (e.g. consider your assets more secure) by putting your assets in a bank with lots of visible security measures, but has been robbed thousands of times anyway, or one that has very little visible security, but hasn't been robbed successfully? You could lose your assets in either case, but the latter will probably cost a lot less to insure.


"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki