updated 10:55 am EDT, Wed September 2, 2009
Said to fall short of standards
Experts say Apple has yet to provide comprehensive security in Mac OS X.
Apple has still left considerable gaps in Mac security, despite advances in Mac OS X Snow Leopard, say some security experts. The OS is said to have several protection advances over Leopard, most notably a built-in anti-virus scanner, perhaps the first concrete admission from Apple that Macs are now vulnerable to malware. The tool scans content received through apps like Safari, Mail and iChat, and can also check signatures to determine whether a file has been altered since its creation.
The difficulty with Snow Leopard, say researchers with Intego, is that the anti-virus protection does not go far enough. It monitors only a handful of applications, including just a few third-party titles, such as Firefox and Entourage. Significant gaps remain, including other conventional means of downloading like BitTorrent and FTP clients. The OS is moreover unable to detect anything but two Trojans at present, whereas a number of security experts are said to have identified "dozens" of malware threats in the wild.
Mac owners are fortunate, says Trend Micro's David Perry, in that the main danger is actually personal behavior. People can still be lured into sharing private information through phishing websites, or exposed to any number of threats through Craigslist ads. Mac malware currently exists only in "drips and drops," says Perry, though a similar situation once existed on PCs.
Apple is noted to be using its own anti-virus code, forgoing partnership with a third-party developer, or the use of open-source code.