Snow Leopard to warn Apple users of malware - reports - Page 2

Mac OSX doesn't get virus', worms, adware or spyware, because of it's BSD UNIX foundations. There is no case where a Mac can be infected by merely logging into a web page or reading email. All the Botnets on the web are Windows machines. The 200,000 virus and malware are all Windows programs. Windows is exceptionally vulnerable to malware, because it does not have any internal protections the way that UNIX has.

That said, the Macs are not immune to Trojan Horses, spam or other social programs which trick you into giving away your passwords. The problem is that many new people to the Mac may not know how easy it is to get rid of even that Trojan listed above. It's good that Apple tells people when they need to beware.

Apple never said that it was immune to virus' or malware, it merely pointed out that Windows is exceptionally unhealthy. A Windows user can use extraordinary means to keep from being infected. The Mac OS has a very good immune system and uses ordinary precautions which don't intrude on the users work.

Apple understands that evil people are constantly using means to break into its system, so it must not be complacent. Consequently, it is always increasing its security. The fact that Apple is moving from 99% secure in Leopard to 99.9% in Snow Leopard is no acknowledgment of that Mac OSX is even close to being as bad as Windows.

Snow Leopard includes three security increases that we know of. First, Apple has adopted many of Microsoft's security procedures at its periphery. Then, it is warning users of spam, phishing and Trojan Horses. Finally, it is sand-boxing all its OS's, applications and even plugs-ins in their own virtual space. This is possible because every Macintosh having Core 2 processor chips, in the last three years, has included Intel's VT -- Virtual Technology -- hardware in it. Apple had no need to tell us until it got its software in place to utilize this capability.

Recently, a leaked clip of Snow Leopard Beta's Activity Monitor showed a misbehaving Flash plug-in that was sand-boxed in Safari 4.0. All that was necessary to fix the problem was to delete the process.

Golly gosh, Mr. Wizard. If it's posted on Amazon, well then it MUST be true!

Nope

Most Infections just use vulnarabilities in the Browser, Flash, Adobe Reader, outdated Java plugins to do what they want.

the classic "viruses" are not tha common, since the dont make money. Most malware now is just to make some $$$ (getting you online banking account, paypal, using you machine as spam-bot)

I really wish this was true.

Just have a look at some of the Apple Updates

Take this for QuickTime: http://support.apple.com/kb/HT3591

Just embed it into a web page and *boom* you can execute your code as the current user.

Again, Apple does the right thing by offering malware protection integrated into the OS like it should always be while Microsoft does the wrong thing.

I dont think its fake and I dont think that Apple contacted a third party for assistance with virus checking assistance. OS X already indexes on the fly with Spotlight so it wouldnt be difficult for the few potential malware names to trigger a simple warning like this.

While I certainly agree that the software engineering team needs to step up its game in terms security functionality, I would put much stock in Pwn2Own or Black Hat. The problem is that they're always very poorly reported in the press and quite honestly, Charlie Miller, especially, is kind of a farce.

Eighty percent of the vulnerabilities he finds always require direct access to the system (typically direct terminal input) or are social engineering exploits from things like the Java vulnerability that Apple took too long to plug. Charlie Miller has never once been able to remotely hack into a Macintosh computer without social engineering. Keep in mind, especially at Pwn2Own, he's never been able to hack it until the third day when he gets to instruct someone else.

I will say though, I really don't like scum like him who go to conventions to hack systems for nothing more than notoriety (they get paid very little in comparison) when they could be working for these companies and helping them improve the situation. It's like seeing a person who has the skills to be a world class doctor instead spend his life playing video games.

we know that even the best suit of armor can have weak spots. and while the hits have been on torrent users and such, malware for the Mac does exist. and the more press the OS gets the more someone might be inclined to try a hand at making some.

so protection is a good thing. and I would much rather it was built in than I have to go and pay someone to get it (lord knows we all paid enough for our computers as it is)

Wrong. While that tech was a little over a year out of date, it was in reference to OS X.

-kpluck

Don't more people get struck by lightening each year than suffer from Mac malware?

The security isn't perfect. But its good enough that i'll spend my life worrying about other things; like backups... and perhaps getting struck by lightening.

I think this is wise. Sure malware isn't a big threat now but what about tomorrow?

Once you get the reputation as susceptible to malware it doesn't go away easily. Witness Windows and all the Apple bashing on the matter.

PS And I'm not out to argue with you although we've been on opposite ends on several debates here lately.

If we ever need to use anti-virus on a Mac then Apple have failed as an OS maker. So far, so good.

And as for trojans, a major problem is that operating systems allow programs to run with the full permissions of the user. This is ridiculous. Software is not a tool like a wrench, whose purpose and actions are transparent to the user. Software should be considered as an avatar of the programmer, whose purpose and actions can only be guessed at. Therefore they should each run with access permissions of a guest, depending on the purpose for which they claim.

just today I had to reply back to warn 7 friends that they were spreading what an old prof called 'social malware'. what is that, some ask. easy. any of those 'forward to everyone you know' emails. 99.9% of the time they are bogus warnings that, if followed, will do more harm than good. like the registry virus on XP a few years ago that was actually a legit file which once removed caused your computer to not start up if you turned it off/back on, restarted etc


old feature. As pointed out the diff is that now it is not just looking for executables, it is apparently scanning them for potential malware code. and warning folks if it finds something amiss


part of the reason for that is that the base code is public knowledge being that it's from open source projects. so the first step of having to reverse engineer the software is pretty much done.


agreed. the base code is very complex and even when you understand it, it is not easy to write Mac OS malware. this difficulty combined with the lower level of chaos compared to the Windows world is why folks aren't writing more malware.

The correct response to a vulnerability is to fix the weakness in the OS and everywhere a similar weakness can take place. Unix has had this process in place for years and, in spite of the fact that the world's most valuable data is all held on, and passes through, unix servers, it is Windows that gets beaten regularly.

Once commentators start to recommend anti-virus, the pressure will come off Apple to fix their security weaknesses and the vicious cycle of weakness will build. There is a need to be fundamentalist about the core functions of an OS. These include that fact that it is the responsibility of the OS to be in charge, at all times, of its programs, data and users. No excuses, ever.

That feature has existed for a while. It doesn't warn you that a file is specifically malware like this screenshot.

Correct. That is a good point.

I call bullshit and will be more than happy to eat a big stinking pile of crow on Friday.
Rixstep, as usual, is right on.
http://rixstep.com/2/20090826,00.shtml

Esp. the part where they guess about the motives by Intego... make people think Mac OS X is just as insecure as Microshit and they won't switch. 99.99% better isn't perfect, as we all know, but if you can sow just a little doubt and fear you'll keep people shelling out $39.99/yr for an AV subscription.

Is Apple going to keep enabling Safari's "Open safe files after downloading" option by default? Why does that option even exist?

More info:

"Based on an analysis of a corresponding preferences file called XProtect.plist, it appears that the feature checks for only two known Mac trojans. And it only flags those files if they were downloaded from the internet using Entourage, iChat, Safari, and a handful of other applications"

http://www.theregister.co.uk/2009/08...re_protection/

Which is kinda what I expected. Apple can update the plist file with any new malware using Software Update. Since Mac malware is so few and far between, it would be no problem for Apple to add the one or two files per year that are discovered. Any application that uses the OS's standard functions for downloading and opening disk image files (Safari, Mail, etc) will get the protection. That should cover the vast majority of threat vectors. Mac malware on optical discs, thumb drives, etc is pretty unlikely.

If you honestly believe your first sentence, then you have absolutely no business owning a Macintosh computer. Not having to worry about viruses is certainly nice, but there are numerous other things that make the Mac experience what it is today. Just a few examples:

1) Built-in software that is functional and fun to use with shared libraries to ease workflow, not forty thousand two week trials of nothing bloatware.

2) Service that doesn't require speaking to four different companies to fix even the simplest of problems.

3) An operating system employing intuitive design and good looks that doesn't require one to add everything on in pieces (such as data back-up and language packs) or else upgrade to an even more expensive version. An operating system, that along with the iLife suite, comes on ever Mac top to bottom, so that one doesn't have to decide on software differences on top of hardware options.

4) Hardware that is the definition of form complimenting function (and is gorgeous to look at). I can't even begin to explain how many high end Windows notebooks sacrifice battery life for power (a quad core lap-top is worthless if it can't even hold a two hour charge) and think its acceptable to have a body several inches thick or how many Windows all-in-ones that have piss poor video cards joined together with a small amount of soldered on RAM and sometimes a completely pointless touch screen.

5) Amazing integration and ease of use between both first and third party accessories and all of the improved productivity and lack of stress inherent to that system.

If we were to need to run anti-virus it would certainly mean Apple were slacking off, but it would by no means make it an abject failure.

But how can you catch them if you don't have any tools installed?

And why would Intego want people not to switch when they don't do Windows-only software?

Lol.

Halvri are you serious? Posting ads straight from Apple.com. What a joke. I hope you are kidding.

"If we were to need to run anti-virus it would certainly mean Apple were slacking off, but it would by no means make it an abject failure. "

Another idiot statement.

Talk about obscene lack of knowledge. I am suspecting Halvri is actually a robot. Or some sort of senior design project for CS, which has quite a ways to go before it sounds like an individual.

These types of people are why others view Mac users as tools.

That explains Halvri but it doesn't explain why you are a tool.

According to Macworld's Podcast #168, the number of Malware definitions Snow Leopard currently protects against: 2

The trojans are kept in a Preferences file called XProtect.plist. There really aren't a lot though it's hard to change the change of the trojan but it'll be annoying if Software Updater has me okay an update for this list every few days.

Note: We can't say that SL is protecting us from those files as it doesn't remove them. At point I think 'informs' is the most appropraite term.

I appreciate all the good things you have listed about Apple and Macs (good list).

It is the core function of an OS to be in charge and security is a defining function of any OS. To mis-quote Bertrand Serlet: "No user should ever have to know anything about that".

If we need anti-virus, then the OS is unfit for purpose, like a beautiful car without brakes. It is only because Microsoft is everywhere that anyone thinks such things are normal. I believe that Apple know this and do a good job, but it concerns me that a momentum of AV-use could build among users that could cause Apple to take their eye off the ball.

I believe that there's a TYPO in this page: It's "ClamXav", not "ClamAV", and I have been using it successfully for years now, on multiple Macs of mine.

R. S.

Yes I'm serious, there are, after all, reasons that people buy one kind of computer over another. I believe in the core reasons for owning a Mac in much the same way the my roommate believes in the core philosophy of Windows. If you don't understand the benefits of what you're buying, then you shouldn't be buying it and if you are so jaded that you think everything in the world is equal, then there's really no helping you. And none of that is from Apple's website, it's from personal experience.

And I'm glad you think I'm a robot, cause I think your tag alone tells me that you're an immature little kid (whose likely 35 years old or so) that only comes to these forums to start shit with other people cause you have nothing better to do.

I have plenty of complaints about some of the stuff that Apple does, but that doesn't mean I come to these forums just to talk about them. I also think that the next time you respond to me, you should elaborate on your "obscene lack of knowledge" and "another idiot statement" comments so that I can reply in kind or else you're adding nothing to the conversation.

And no, people like me are not what makes others think we're tools. You can usually find those people on other threads in this forum acting like owning a Mac is an extension to their penises and saying things like "PCs are teh suckz, Macs gets no viruses and pwns PCs in da faze" to a Windows fanboi who is literally mind boggled by the idea that people who simply and pointedly defend a company don't necessarily worship its every move.

Here's a list of things that piss me off about Macs if that will make you feel better:

1) Screens: I love the gloss but plenty of people absolutely hate it and there's no reason it shouldn't be a free option on all of the devices.

2) Advertising: I'm sick and tired of the Mac vs Pc commercials acting like the only thing they can talk about is viruses and crashes, the former of which makes it seem like it's the only reason to buy a Mac and the latter of which rarely happens on either side anymore. I wish Apple's marketing team would realize Microsoft isn't on Windows XP anymore.

3) Polycarbonate MacBook: I think it's a complete piece of shit. It cracks too much, it overheats too much and the price is, in my opinion, about $100 too high. Maybe the refresh AI reported will change my mind, but I'm skeptical until I see it.

4) Nvidia: Apple should never have partnered with them. They put out second rate video cards with numerous quality control issues and then try to demand more from every company they work with after the contract has been signed (Microsoft and Nintendo skipped over them for their game consoles for just that reason).

5) iPhone: I think Apple should enable better multitasking on the phone. At the same time, though, I own a Palm Pre and if you open more than two applications at once and don't turn the backlight way down, the battery dies insanely fast, so I can kinda understand why it doesn't.