Report: Antivirus feature for Snow Leopard?
The next version of Apple's OS X, which is due out Friday, may bundle antivirus capabilities.
Mac security firm Intego said in a blog post Tuesday that the latest version of the operating system, Mac OS X Snow Leopard, could have an antimalware feature, according to reports.
The company published a screenshot which it said was of the security feature detecting a Trojan in a download, made via Apple's Safari Web browser.
Intego pointed out that the most recent Mac adverts compare Mac security favorably to PCs. However, security experts have historically been divided over the relative security of Microsoft and Apple code, while some point out that any comparison is further complicated by the differing market penetration of Macs and PCs.
Tom Espiner of ZDNet UK reported from London.






Now that Apple admits (at last) that OS X is not "bullet proof" and that it is vulnerable to viruses, etc., these same people say that this is acceptable.
As usual, Apple receives the same forgiving treatment compared to other companies. Probably now people are going to claim that yes, Macs have viruses, but Windows has more...
I don't think that there is any OS that doesn't have viruses, and doesn't have security holes. I just think that due to the fact that 90% of the market use Windows, more people encounter viruses, and more hackers write viruses for windows.
At least Apple woke up, took its head out of the sand, and realized that OS X is vulnerable as any other OS.
Apple may be honest about the need for AV software on their website, but that's the proverbial fine print compared to the TV ad campaigns where they constantly harp on Windows and pretend that Macs are immune to viruses and other malware.
In those ads Apple is talking about how you're more likely to get a virus on a PC compared to a Mac. They never said that Macs don't get malware of any kind. They just said they don't get the 1000s of PC ones compared to the handful of Mac ones. Security has always been a bigger problem with Windows compared to Mac OS X. I've seen all the ads; they have never directly stated that Macs don't get malware.
OS 9 never got much above 3% market share yet had hundreds of viruses.
Apache is the market leader, but Windows Server has more exploits, not including the crappy PHP sites written by amateurs that are chock full of XSS and SQL injection flaws, which really aren't the fault of the server.
A secure system is secure with 1 user or 1 billion. An insecure system (*cough* Windows) is insecure with 1 or 1 billion users. Even if Windows had a 10% market share, it would still be the #1 host for bots.
It is so unsecure I got flu by just talking about it.. *cough* :)
I just love MS products and find it more better the more I use it.
'The reason OS X is virus free is a solid secure foundation.'
>>>>You've been corrected on this (and the other points below), pentest; you know better. Yes, Apple's Web site tells you that it's because of being Unix-based that OS X is 100% immune to "viruses designed for Windows," but if you'd read it a little slower, you might notice a sleight of hand. Of course, any non-Windows platform should be immune to malware designed for Windows. But OS X is not immune to malware designed for OS X, including drive-by malware:
http://securitywatch.eweek.com/apple/mac_hacked_via_safari_browser_in_pwn2own_contest.html
http://www.darknet.org.uk/2008/03/mac-owned-on-2nd-day-of-pwn2own-hack-contest/
http://blogs.zdnet.com/security/?p=2917
http://it.toolbox.com/blogs/securitymonkey/mac-os-x-local-user-exploit-appears-12026
http://www.linuxtoday.com/news_story.php3?ltsn=2009-04-17-030-35-SC-SW
http://blogs.computerworld.com/why_windows_is_safer_than_the_mac
http://www.dasmirnov.net/blog/charlie-miller-on-the-lack-of-security-o
'OS 9 never got much above 3% market share yet had hundreds of viruses.'
>>>>Actually, it didn't. Linux has hundreds of malware samples; Mac OS had only a few. And to understand why, you need to understand the history of computers and malware. Back in the days of OS 9, Macs ran on PPC processors; very few people knew the shell. This gave it an even greater obscurity advantage than Linux, which itself ran on Intel like Windows.
Also, the malware written for OS 9 was written by script kiddies looking for notoriety, wanting to show that it could be done. But of course, there's no trick to installing a virus that depends on user intervention; you sudo, and the virus does whatever it wants. This goes for any platform: "as long as you can install SOFTWARE on your computer, you can install malicious SOFTWARE on your computer." Viruses are not jumbled strings of code, pentest. They are programs designed for a particular purpose on a particular platform. Until now, Mac OS did not have antivirus built in; there's no way for it to magically distinguish the malicious from the benign.
Finally, there IS malware in the wild for OS X. Whether or not there are any bona fide "viruses" for the Mac is a silly point to make; again, most viruses come in e-mails, and are installed by permission from the user. If it has been demonstrated over and over again that the Mac is in fact MORE vulnerable to drive-by infection than Windows, and if there are in fact MORE privilege escalation vulnerabilities for Unix-based platforms than there are for Windows, then what do you think makes OS X any tougher against a virus? Because of status quo? Ridiculous!
'Apache is the market leader, but Windows Server has more exploits, not including the crappy PHP sites written by amateurs that are chock full of XSS and SQL injection flaws, which really aren't the fault of the server.'
>>>>Keep telling yourself that, pentest; you might convince yourself someday. But your claim is false. Apache sites are compromised more than TWICE as often as IIS sites, while only being 1.38 times as prevalent:
http://4sysops.com/archives/iis-websites-are-14-times-more-secure-than-apache-sites/
'A secure system is secure with 1 user or 1 billion. An insecure system (*cough* Windows) is insecure with 1 or 1 billion users. Even if Windows had a 10% market share, it would still be the #1 host for bots.'
>>>>You seem to be dealing with an identity crisis. Are you a Linux fanboy, a Mac fanboy, or an anti-MS troll? It appears you don't stand for any one platform; you just have nothing better to do than bash a platform you haven't used. And it is manifest that you haven't used Vista or Windows 7 because, if you had, you would know that there are no drive-by downloads in the wild that work on them. Once again, science trumps religion.
There are thousands of viruses for Windows and zero for Mac. (and 2 Mac Trojans in the wild, hundreds for windows)
If Mac has 10% of the market, wouldn't it be true they should have 10% of the thousands of viruses? How about 20 viruses? Or maybe just one virus? But NO, they have zero! It's all because of a superior OS.
One day this will change, and if Snow Leopard has some type of defense in anticipation, it's just a smart move.
Remember, "proven in the wild" isn't on a bench at a black hat conference; a Windows XP machine after a clean install placed online can be infected within 1 hour with 0 user intervention.
This myth about Windows being infested with viruses is just untrue, and it is a marketing tool.
The fact that there are less viruses on Macs is due to the smaller market share they have. This is the same thing as why less software companies develop for Macs compared to Windows.
But one example of a virus is OSX/Leap-A. Of course there are more, but there is no denying that there are fewer viruses on the Mac. But this doesn't mean that there are no viruses and malware on the Macs.
I actually think it's good that Apple is doing something about it, and doesn't deny reality.
OSX/Leap-A is a trojan, not a virus. A trojan requires that the user interact with it. A virus does not.
To all you Windows shills, even if there are security issues with Mac OS X, how does this excuse the security mess that is Windows? Your "See, Mac has problems too" comments don't make sense.
As for Intego, don't get me started. Dreadful software.
I don't know about these "millions of zombified Windows machines" you talk about. I do know spam is being sent to emails, but I don't think that spam has anything to do with Windows, OS X or Linux.
OK, I admit I exaggerated with the "marketing tool". But claiming that Windows is bloated with viruses is not true. I know a lot of people that own a Windows PC, and no one had a virus for a long time. Some have old PCs, and they work just fine.
It doesn't. There is no excuse for security problems in Windows, nor in OS X.
My comment regarding the fact that Macs have problems too actually is relevant. There seems to be a state of mind that Windows is a terrible OS, full of problems. These compared to OS X, which is perfect and flawless.
I'm pointing out that no OS is perfect; this is why patches are released and new versions come out every few years. It ends up at what people like, and works best for them.
<quote>Remember, "proven in the wild" isn't on a bench at a black hat conference; a Windows XP machine after a clean install placed online can be infected within 1 hour with 0 user intervention.</quote>
Can we stop comparing anything Apple does to an 8 year old operating system that needed a major service pack to be somewhat secure and actually compare apples to apples (no pun intended). Windows 7 is being released to the public on Oct. 22, which brings the reality two generations past Windows XP. Several people with access to an MSDN subscription or TechNet subscription are already running the final version of Windows 7, including myself.
Let me just give you some perspective of my reality. I have never had a virus, period, and I've been using Windows since 3.1. Since Windows Vista, I haven't been running malware protection outside of what comes out of the box. I'm well aware that Windows XP was a security disaster and that there are probably millions of unpatched XP PCs out there, but the fact remains that Microsoft fixed and continues to fix vulnerabilities in XP, and security in Windows Vista and Windows 7 is well beyond the disaster that XP was. Anybody who puts an unpatched XP installation on the Internet deserves to be infected!
Amen
It might actually become a liability and slow your system down MORE than using a third party app. I'm not sure I want the OS wasting cycles doing this task when it could be handled by other products and updated more effectively. Also, having it on the 'inside' so to speak, makes it a more tempting target for external threats. It's like having an inside man at the bank you plan to rob.
I think I'd prefer to keep the core OS separate from the security layer.
they know that their market share is nearing the range where people will actively target the OS
There is nothing wrong with including a free anti-virus as long as it doesn't slow the computer down. If EVERY Mac machine has an extra form of defense it would make it that much less appealing to try and write/release a Mac virus.
in the world, there are more Windows systems
the number in your office doesn't matter
Of course the web browser has anti-malware features. Apple says so here: www.apple.com/safari
It's a refreshing alternative to the bloated suites and prices that are out there. I think Security Suites are probably a bit more effective but if people stop paying for the updates then what good are they?
I think a more effective approach is to do a minimal program in house and give it away. That way everyone benefits and if you are the paranoid type then go with the Security Suites. I for one can conclude that since moving to Vista I have not experienced ANY Viruses or Malware and only used a manual scan of my system with an AV software like AVG free or similar.
This article is nothing more than Intego squeezing their own name into a non-news story to enhance their own name recognition.
If only humans could code half as well as us dogs.
As usual the vast majority of comments here are just rhetoric and hyperbole totally lacking in any basis of fact, logic, or reason. The presumption, assumption, and perception that Mac OS X and Linux are magically immune to viruses and malware is simply false. While both may be somewhat inherently more secure than Windows, they are not invulnerable.
The threat picture is constantly increasing and evolving. Here's some interesting factual reading:
Symantec Global Internet Security Threat Report - Trends for 2008 - Volume XIV, Published April 2009
http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiv_04-2009.en-us.pdf
Excerpts from the report:
• Of any browser analyzed in 2008, Apple® Safari® had the longest window of exposure (the time between the release of exploit code for a vulnerability and a vendor releasing a patch), with a nine-day average; Mozilla® browsers had the shortest window of exposure in 2008, averaging less than one day.
• Mozilla browsers were affected by 99 new vulnerabilities in 2008, more than any other browser; there were 47 new vulnerabilities identified in Internet Explorer, 40 in Apple Safari, 35 in Opera, and 11 in Google® Chrome.
Of course the real issue here isn't the aggregate number of vulnerabilities, or the time it took to patch them. What matters is how many of the vulnerabilities were actually exploited. While I don't have actual proof, I think it's reasonably safe to assume that more people were compromised by IE vulnerabilities than by Mozilla and Safari combined, simply because there are far more users of IE.
While Apple's inclusion of some very limited anti-malware capability with Snow Leopard is good, the best news is Snow Leopard's vastly increased capability to utilize multi-core processors. Unfortunately, there still seem to be issues with 64-bit drivers. No doubt that will be addressed, hopefully, in the near future. There also appear to be issues with Adobe CS3 and CS4 regarding Snow Leopard, though that is not Apple's fault.
All in all, Snow Leopard looks like an excellent and worthy upgrade. Combined with Intel's Nehalem architecture on the new Mac Pro it should be amazing.
FYI
Daily Tech - Malware Detection in Snow Leopard
http://www.dailytech.com/article.aspx?newsid=16083
The Register - Limited malware protection in Snow Leopard:
http://www.theregister.co.uk/2009/08/25/snow_leopard_malware_protection/
Mac Security News:
http://www.securemac.com/
AnandTech - Apple's Nehalem Mac Pro
http://www.anandtech.com/mac/showdoc.aspx?i=3597
http://www.theregister.co.uk/2009/08/25/snow_leopard_malware_protection/
The malware detection is limited to the two most currently popular trojan versions out there, RSPlug and iServices. It only runs this detection during downloads from the internet. It will not do anything about existing files on your system, or if you have mail configured to download attachments automatically. The DMG files it is scanning for will open up normally after downloaded and then compromise your system without warning.
It does not scan your hard drive, USB drives, or any other common exploit vectors. You're still on your own there.
Let's be clear on this- it's not malware protection of any level compared to security product offerings currently available from third party suppliers, but it is an improvement. Even having it pop up with a warning before you download one of these two known issues (out of the many more out there that it doesn't scan for) is a good thing.
To me any machine on a network must have a virus scan, windows or mac. I have seen many times that a virus will hide on a mac not affecting it but just waiting for a windows machine to get to it. This could be a move to make macs more business friendly on this part then helping them create more sales and not just being a small market share.
I run two networks, one PC, one Mac, and I'm also a believer that both systems have their good points and their bad.
In the end this move is not only a smart one but a move to get into a better market by securing the system more. You can lock down a machine all you want, Windows or Mac, but your weakest point will always be the user on the machine.
That's funny, I don't recall them saying 'riddled.' Please provide link"
Choke up on that bat and "Swing away!" :)
http://news.cnet.com/8301-1009_3-10154662-83.html
The Macintosh and base Linux kernel operating systems have dominated the top spots for vulnerabilities by operating system over the past three years
Mac is not based on Linux. It is based on BSD. BSD is a fundamentally better OS.
That's also known as being an apologist.
Yes, a Mac user can choose to download a program, choose to run it, then choose to ignore the warning message that they are running a potentially bad program downloaded off of the internet. That is not the same as something that stealth downloads itself then auto executes.
Yes, there are a few Apple zealots out there who insist that OS X has no issues, but in reality it just lines up with all other things in this world by not being perfect. HOWEVER... from a long-time user standpoint, I can intelligently and honestly say that what issues it DOES have are insignificant to both my productivity and security.
I find their products to be great investments, and their software to be well-suited to my needs, and I don't have to be a systems analyst or IT with PhD to operate either. I have tried repeatedly to find that same happy place with Windows and HP, but it just doesn't exist except in the fairy tales created by the hordes that have been deluded into loyalty by numbers instead of performance.
"Even though there is only one PC on my 32 system network, it occasionally gets bugs passed on from the Macs because we have no way of knowing they are there."
Now see, this is the most dangerous type of security you could have on your network- ignorance.
The fact you don't even know what is on your network and are taking no steps to do anything about it is very scary indeed. Your own systems may be infected or compromised and you'll never even know it. PCI compliance would be a nightmare on such a setup. I certainly hope you do not handle anything confidential like customer information, financial records, or medical information. Your network security is... well, non-existent.
I concur this is an incident of a company trying to hitch a ride on some free buzz about Snow Leopard. (And C-Net played along).
Anyone that thinks there are no security features (protections against malware included) in OSX, or that there aren't continued improvements to those features, really doesn't understand the OS at all.
"The warning gives the user the choice to ignore the Application, Launch the App, or go to the source web page to verify its "safety."
Windows has had this with the UAC, however people got used to clicking OK on the box to dismiss it and like any other protection put in the way of people trying to do ignorant/stupid things to their system, they end up ignoring it. Apple's version has the same social issue- the end user clicking on boxes without really stopping to comprehend what it is asking.
It's probably worse for Apple users given the widespread misconception that OS X is invincible. Considering how few Apple users know the slightest thing about security issues, it's only a matter of time before they find out the hard way.
Big difference between "may" and "will"
It's the first line in the article, funny how the shillbots missed it.
As I write this comment Apple has not acknowledged this as a feature in the OS yet. I'm waiting for Friday. That's the big day.
- by Dan7637 August 26, 2009 3:33 PM PDT
- looks like the apple haters came out in force, poor fools
- by Hokulea August 26, 2009 6:58 PM PDT
- I don't hate Apple. They make excellent, albeit pricey, products. From what I've read, Snow Leopard will be a very good and worthwhile upgrade. What I do hate is the Mac fanbois. Doesn't everyone?