AAPL Stock: 118.88 ( + 1.13 )

Printed from

Snow Leopard security features still too weak?

updated 10:55 am EDT, Wed September 2, 2009

Said to fall short of standards

Experts say Apple has yet to provide comprehensive security in Mac OS X.

Apple has still left considerable gaps in Mac security, despite advances in Mac OS X Snow Leopard, say some security experts. The OS is said to have several protection advances over Leopard, most notably a built-in anti-virus scanner, perhaps the first concrete admission from Apple that Macs are now vulnerable to malware. The tool scans content received through apps like Safari, Mail and iChat, and can also check signatures to determine whether a file has been altered since its creation.

The difficulty with Snow Leopard, say researchers with Intego, is that the anti-virus protection does not go far enough. It monitors only a handful of applications, including just a few third-party titles, such as Firefox and Entourage. Significant gaps remain, including other conventional means of downloading like BitTorrent and FTP clients. The OS is moreover unable to detect anything but two Trojans at present, whereas a number of security experts are said to have identified "dozens" of malware threats in the wild.

Mac owners are fortunate, says Trend Micro's David Perry, in that the main danger is actually personal behavior. People can still be lured into sharing private information through phishing websites, or exposed to any number of threats through Craigslist ads. Mac malware currently exists only in "drips and drops," says Perry, though a similar situation once existed on PCs.

Apple is noted to be using its own anti-virus code, forgoing partnership with a third-party developer, or the use of open-source code.

by MacNN Staff



  1. Mimi-mim

    Joined: Dec 1969


    Apple knows best

    Apple's security and malware scanner will probably be good enough for me. I don't download Torrents or warez, and usually only install software from vendors I trust.

    I see installing a scanner from the likes of Symantec or Intego as an extreme last resort because I do not like the idea of a poorly written, monolithic scanner running in the background, slowing my machine down, chewing up RAM, and perhaps causing more problems than it solves.

    I'm not adverse to the idea of malware scanning or scanners. If an anti-malware tool were available as a light-weight, 64-bit tool that uses GrandCentral to keep the impact of scanning light, I would jump at it. For now, I just keep good backups and use CCC to image my machine so it's quick and easy to restore to a known baseline.

  1. dscottbuch

    Joined: Dec 1969


    What A Surprise

    A security expert, who makes their living from selling security service, says their service is still needed. None of these comments mean anything until there is a live virus in the wild for OS X.

    Re Trojans, etc. there is no system in the world that can protect against a users stupidity. If a user runs an unknown program and then goes ahead and types in the admin password well...

  1. jondesu

    Joined: Dec 1969



    "The OS is moreover unable to detect anything but two Trojans at present, whereas a number of security experts are said to have identified "dozens" of malware threats in the wild."

    What experts would those be? They should be fired, because there's not dozens of threats. There are, in fact, exactly two, both of which are blocked in Snow Leopard. These guys are seeing their usefulness eroding away faster than they can think of ways to pretend it's not.


  1. wg45678

    Joined: Dec 1969


    Real security advances...

    ...would be to see Apple support the malware execution blocking features already built into the Intel processors, which Microsoft already uses.

    Plus, force users at install to create a separate Superuser account and set themselves up as a standard user. While admin password are required for some activities, repeating Window's stupid paragidm of setting users up with administrative accounts is just plain asinine.

    That said, I buy only Macintosh at home (and run Windows via VM as necessary).

  1. galley

    Joined: Dec 1969


    OS X security is adequate for the current threat l

    Contrary to the content of the article, OS X 10.6 doesn't do any virus scanning. It scans the most common download vectors for the two Trojan horse programs that have been discovered in the wild.

    Apple has chosen to use most of its security resources to address actual security threats, as opposed to hypothetical ones. So far, that has worked out pretty well for us.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented