Yesterday we reported that Mac OS X 10.6 Snow Leopard, due for release coming Friday, contained some form of malware and/or virus protection. Since the scope of this protective measure was not yet known - nor if it even existed at all - I thought it would be best to write another post detailing that yes, it's real, and yes, it's all relatively crude.
Post a Comment
Member since:
2005-07-13
Member since:2005-07-06
Member since:
2009-04-08
Member since:
2005-08-10
Would it have been so hard to include a real anti-virus/anti-malware solution instead of employing this laughably simple operation?
Does not the current Mac OS X Server come with Clam AV?
I'm certainly not making the claim that Macs are currently in great danger from viruses and the like, but within reason, more layers of security are a good thing.
Member since:2008-06-05
If you purchase AppleCare you can (or could, i'm not sure) download McAfee's Virex for free from Apple. In a sense they always encouraged installing virus protection, and so can you if you feel it's necessary.
Windows doesn't (yet) come with built-in virus protection, and Windows customers are very well trained to purchase a protection suite with each PC.
Member since:2007-12-26
Member since:
2006-04-03
...differently. When Microsoft started implementing their own anti-malware in Windows some people applauded them, others screamed like banshees that they were trying to take over the commercial space owned by those companies who derive profit from anti-malware solutions.
I sit somewhere in the middle, I'm (again scarily find myself agreeing with Thom) thinking that its good to see them making some effort, but I don't think it's quite far enough. Mounted devices - even if it was prompted - and maybe something that can use existing lists so it isn't up to Apple to keep it current, system files and processes that are "allowed" to directly interact with system components, and any applications supplied by Apple as part of the OS. But I don't think it should be their (Apple's) responsibility to protect everything - and there are other organisations who already do a good job of making products to do that anyway.
At the moment I use ClamXav and ClamXav Sentry and make sure all the apps I use download to a watched folder. That system seems to work well and wouldn't be hard for Apple to bundle with the OS. For the longer term though something more integrated that can be used in conjunction with whatever options the user wants to install would seem to be the solution. Microsoft's implementation works pretty well.
Member since:2007-10-26
Member since:
2007-03-30
Member since:2005-11-10
Member since:2005-07-08
Member since:2009-08-10
Member since:
2008-07-12
Apple makes a very rudimentary, and possibly quite simple to thwart anti-malware/virus feature and everyone applauds.
Where have your heads gone people?
Don't you remember the hundred comment long threads about how this very same idea of including anti-malware was a forced performance-killer in windows; that microsoft should just learn how to code better from the begining.
Suddenly Jobs does the same thing and its a great idea?
I'm disappointed everyone in this thread. The whole point of paying more the hardware is to feel smug about running the "superior" software stack. If I wanted to have an anti-malware program running to protect myself from the low hanging fruit I could have saved a grand (and possibly have donated that money to Thom's strippers of world domination fund).
Member since:2006-01-18
Member since:
2008-07-15
Let's think about this. Only files downloaded from the listed apps will be scanned at all. Funny, no torrent clients or p2p software is on that list. Now, one last question... where, exactly, do most people get pirated software and hense from where are the trojans most likely to come? The only word I can think of to describe this is: duh?
Member since:2007-04-23
Member since:2008-07-15
Member since:2007-02-17
Well that's their fault isn't it? Other than not scanning mounted media, every user oriented base is covered. People using torrent software or P2P to download pirated applications get what they deserve, and if they are not smart enough to know how to protect themselves in the first place they shouldn't be using either.
Why should Apple protect pirates? Why should any company? MS has to do it because unfortunately its not just pirates that are affected. Anything downloaded in windows has the potential of being some form of malware, which is a situation that MS created themselves with IE5/6 and its lack of security, as well as the fact that they don't seem to have the balls to tell 3rd party software NOT TO REQUIRE ADMIN RIGHTS! There should be no app that requires admin rights other than something the needs to do system wide changes. I shouldn't need admin rights to delete an icon from my f'ing desktop.
Anyway rant aside I think this is a good first step and its something that Apple controls completely which is probably the way they like it.
Member since:
2008-06-05
Since Apple is already verifying .dmg's using FSCK when mounting them, and the Archive Utility does some checksumming on .zips before extracting, it seems trivial to implement the Xprotect function in these toolchains too.
I can only imagine this is an easy update in 10.6.x if the need arises.
Member since:
2005-07-06
I was doing some stuff on Snow Leopard and it issus a message when mounting an image - it will be interesting to see how useful it is in the future and whether people start to ignore it after a while:
http://i990.photobucket.com/albums/af23/kawaiigardiner/SnowLeopardW...
Member since:2005-06-29
Member since:2005-07-06
My reaction as well; it seems that it only turns on on some images but not with others; does the checker look for malformed image header then after it detects that it then checks for the two common pieces of malware? that seems to be the scenario which unfortunately will scare the crap out of people who might have downloaded an image that was legitimate.
Member since:
2005-06-29
Member since:
2009-08-28
This info. source (SCforum.info), look like very good Security Forum ?!
http://www.SCforum.info
