Print 124 comment(s) - last by hiscross.. on Sep 12 at 12:42 PM

Is Apple's Snow Leopard as attack proof as the company believes? Probably not, but it does add some significant protections. Security companies, though, are coming out with criticism against Apple's efforts, in what seems a mix of sour grapes and legitimate points.  (Source: Simple Thoughts -- Computer Security Blog)
Are security firms' Snow Leopard gripes legitimate or just sour grapes? The answer may be be that they are a bit of both..

Just as attacks against Macs were beginning in earnest, and security software makers were ready to step into this new market and begin selling customers security suites, Apple dropped a bomb on the security software vendors -- OS X 10.6 "Snow Leopard" comes with built-in malware detection for a few Mac-specific viruses.

Apple, which has long lambasted Windows PCs as dangerously insecure in its advertisements, brags that its new OS offers unmatched protection against malware and cyber-attacks.  It points to hardware-based execution control for heap memory, stronger checksums for preventing memory corruption attacks, and built in antivirus protection -- dubbed XProtect -- as strong improvements in its OS design.

Now security companies are responding to Apple's boasts via blogs and emails that range from skeptical to scathing. 

Symantec was among the most critical, stating, "It is not a full-featured antivirus solution and does not have the ability to remove malware from the system.  File Quarantine is also signature-based only. Malware signatures are only as good as the definitions, requiring Apple to provide regular, timely updates."

The company points out that OS X's Software Update is not fully automatic and that it does not inform users what signatures have been downloaded, to indicate the current level of protection.  They also criticize that Apple's firewall is turned off by default and lacks the configurability of most third-party solutions.  Also they point out that the OS provides little to no protection against unauthorized access of sensitive information on disc or for information being transmitted over networks.  Finally, they say that Apple's reliance on site lists for its anti-phishing efforts make its blocking close to useless as the attacking sites typically change on a daily basis.

Andrew Storms, director of security operations at nCircle Network Security, also criticized the new software. "It feels like they are just trying to put a tic mark in the anti-malware compliance box for the enterprise customers they are still trying to woo.  So far, it looks like a pretty 'featureless feature.' Compared to other third party options, the functionality is pretty low. It's a lot like getting a warranty on your car that only covers floor mats, " he remarks.

Sophos researcher Paul O Baccas takes a more measured approach, stating that Apple's XProtect may be somewhat useful for certain programs -- Entourage, Safari, Mail, Firefox, Thunderbird -- which call LSQuarantine, an XProtect utility that detects malware.  However, for Skype, Adium, BitTorrent and Apple's Finder -- USB drives, shared network volumes, etc. -- there is no protection, he conversely points out.  He elaborates, "They haven't really integrated an antivirus program.  They've added something which can block some malware under some conditions."

He does say that the changes are better than nothing, however.  Apple meanwhile, refused to directly respond or comment on the criticism from security software vendors.

Security vendors will be facing a double-whammy when Microsoft officially releases its more full-featured security solution for Windows XP, Vista, and the new Windows 7.  Microsoft is set to drop this free security suite, dubbed Microsoft Security Essentials, before the end of the year.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Please leave the pasions out
By jecast on 9/1/2009 6:20:42 PM , Rating: 1
"And what exactly is the task that the MBP is s good at? Hanging out at Starbucks looking cool while you twitter your friends?"

No, this is not related to technology or security. Ideas like this one are a misjudgment to human behavior. Who is "Hanging out at Starbucks looking cool...", the MBP or the persons who use it. This is a personal statement, a judgment about having a Mac. It looks as hate to any person who use a Mac. Is wrong, and it is not about technology.

The point is this is not a human gossip website, not a place to discharge your worst feelings anonymously and not a opportunity to promote hate to certain people or preferences. If you think that you have a valid point there are ways to say what you think without insulting or being vane, is up to all of us to find a proper way.

At work or with my clients I don't see people judging me because I have a Mac or a PC, I use both. Or is it that the few ones that have the problem say nothing in front of you and that is why they prefer to discharge under the comfort and security of a faked name. I don't use aked names to cover my worst feelings.

I am looking forward to upgrade my PC to Windows 7, a q6600 with Xp64 that I builded myself, and I already ordered Snow Leopard for my Mac Pro. As I said before I just want to know what to expect from each system. Yes I have been a bit concerned about not having a security software under OSX since the first incarnation and that is why I keep reading and asking, but until now I am not going to use one. And that may change tomorrow. And many people I know use Macs are aware of the situation, so it is not a security by obscurity issue. It is an opportunity while its still safe. I back up every day the system and I have my critical data replicated in different places, Macs or PCs. It is something I promote and talk about.

RE: Please leave the pasions out
By Alexstarfire on 9/1/2009 6:49:20 PM , Rating: 2
So let me get this straight. Asking what a product is good for is irrelevant? If that's the case then I guess EVERYTHING is irrelevant. I know the last part is, but that's not what I was talking about and you know it.

But if you don't considering talking security or about what products do relevant.... then I can't do anything for you.

RE: Please leave the pasions out
By snookie on 9/2/2009 12:42:36 AM , Rating: 2
Don't worry. Nobody is under the impression you have anything to offer.

"This is about the Internet.  Everything on the Internet is encrypted. This is not a BlackBerry-only issue. If they can't deal with the Internet, they should shut it off." -- RIM co-CEO Michael Lazaridis

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki