Wednesday, August 26, 2009

New in Snow Leopard - lame anti-malware

Apple's upgrade to OS X - dubbed "Snow Leopard" - contains two security surprises. The first surprise is built-in anti-malware.

Apple is dipping yet another toe into the anti-malware pond with a feature in the latest beta version of its forthcoming Snow Leopard operating system.

...

The feature causes users who try to install applications known to be malicious to receive a pop-up window warning that the file will damage the computer and should be moved to the Trash.

Mac Fanboys might be forgiven for thinking that they didn't need any. I mean, they saw it on TV and everything:



But Apple thinks you need it. Interesting.

The second surprise: it's incredibly lame anti-malware:
At the moment, though, the feature offers fairly limited protection. Based on an analysis of a corresponding preferences file called XProtect.plist, it appears that the feature checks for only two known Mac trojans. And it only flags those files if they were downloaded from the internet using Entourage, iChat, Safari, and a handful of other applications, according to this person. Files that were downloaded using Skype and dozens of other net-facing applications aren't covered, nor are files on DVDs and thumb drives.
Cool.

Now in reality, Macs are indeed a target for malware. Not like Windows, of course, and the malware is more targeting the Mac user rather than the Operating System. So Mac users also need to remember Borepatch's First Law of Security:
"Free download" is Internet Security for "Open your mouth and close your eyes."
As with firearms, the most effective Internet safety device is the one found between your ears. Especially when compared to this lame anti-malware.

No comments: