toggle

AAPL Stock: 97.03 ( -0.16 )

Printed from http://www.macnn.com

Snow Leopard security features still too weak?

updated 10:55 am EDT, Wed September 2, 2009

Said to fall short of standards

Experts say Apple has yet to provide comprehensive security in Mac OS X.


Apple has still left considerable gaps in Mac security, despite advances in Mac OS X Snow Leopard, say some security experts. The OS is said to have several protection advances over Leopard, most notably a built-in anti-virus scanner, perhaps the first concrete admission from Apple that Macs are now vulnerable to malware. The tool scans content received through apps like Safari, Mail and iChat, and can also check signatures to determine whether a file has been altered since its creation.

The difficulty with Snow Leopard, say researchers with Intego, is that the anti-virus protection does not go far enough. It monitors only a handful of applications, including just a few third-party titles, such as Firefox and Entourage. Significant gaps remain, including other conventional means of downloading like BitTorrent and FTP clients. The OS is moreover unable to detect anything but two Trojans at present, whereas a number of security experts are said to have identified "dozens" of malware threats in the wild.

Mac owners are fortunate, says Trend Micro's David Perry, in that the main danger is actually personal behavior. People can still be lured into sharing private information through phishing websites, or exposed to any number of threats through Craigslist ads. Mac malware currently exists only in "drips and drops," says Perry, though a similar situation once existed on PCs.

Apple is noted to be using its own anti-virus code, forgoing partnership with a third-party developer, or the use of open-source code.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Mimi-mim

    Joined: Dec 1969

    +7

    Apple knows best

    Apple's security and malware scanner will probably be good enough for me. I don't download Torrents or warez, and usually only install software from vendors I trust.

    I see installing a scanner from the likes of Symantec or Intego as an extreme last resort because I do not like the idea of a poorly written, monolithic scanner running in the background, slowing my machine down, chewing up RAM, and perhaps causing more problems than it solves.

    I'm not adverse to the idea of malware scanning or scanners. If an anti-malware tool were available as a light-weight, 64-bit tool that uses GrandCentral to keep the impact of scanning light, I would jump at it. For now, I just keep good backups and use CCC to image my machine so it's quick and easy to restore to a known baseline.

  1. dscottbuch

    Joined: Dec 1969

    +15

    What A Surprise

    A security expert, who makes their living from selling security service, says their service is still needed. None of these comments mean anything until there is a live virus in the wild for OS X.

    Re Trojans, etc. there is no system in the world that can protect against a users stupidity. If a user runs an unknown program and then goes ahead and types in the admin password well...

  1. jondesu

    Joined: Dec 1969

    +8

    Experts?

    "The OS is moreover unable to detect anything but two Trojans at present, whereas a number of security experts are said to have identified "dozens" of malware threats in the wild."

    What experts would those be? They should be fired, because there's not dozens of threats. There are, in fact, exactly two, both of which are blocked in Snow Leopard. These guys are seeing their usefulness eroding away faster than they can think of ways to pretend it's not.

    jW

  1. wg45678

    Joined: Dec 1969

    -3

    Real security advances...

    ...would be to see Apple support the malware execution blocking features already built into the Intel processors, which Microsoft already uses.

    Plus, force users at install to create a separate Superuser account and set themselves up as a standard user. While admin password are required for some activities, repeating Window's stupid paragidm of setting users up with administrative accounts is just plain asinine.

    That said, I buy only Macintosh at home (and run Windows via VM as necessary).

  1. galley

    Joined: Dec 1969

    +1

    OS X security is adequate for the current threat l

    Contrary to the content of the article, OS X 10.6 doesn't do any virus scanning. It scans the most common download vectors for the two Trojan horse programs that have been discovered in the wild.

    Apple has chosen to use most of its security resources to address actual security threats, as opposed to hypothetical ones. So far, that has worked out pretty well for us.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

D-Link Wi-Fi Smart Plug

Home automation fans have been getting their fair share of gadgets and accessories in the last few years. Starting with light bulbs, a ...

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

toggle

Most Commented