Snow Leopard Antimalware Feature Gaining Publicity

[MacRumors]

As we briefly mentioned yesterday, antivirus vendor Intego notes that it has received multiple tips that Apple's forthcoming Snow Leopard operating system appears to contain at least some rudimentary antimalware capabilities. According to screenshots of warning dialog boxes submitted by Snow Leopard users, the operating system is able to warn users that a downloaded file contains malware, specifically the OSX.RSPlug.A Trojan Horse first discovered in October 2007.

Quote:

We're not sure yet exactly how this works, but the above screen shot shows this feature working with a download made via Safari, detecting a version of the RSPlug Trojan horse in a downloaded disk image.

MacRumors received the first report of this Snow Leopard feature in February 2009, soon after the release of developer build 10A261. But while the feature appears to have been present in Snow Leopard builds since that time, little is known about the functionality and from where Snow Leopard is drawing its information for identifying malware.

Intego's posting regarding the feature implies that Apple is not licensing the information from that company, while ZDNet has confirmed that Apple is not using the open-source ClamAV engine. It is possible that Apple is licensing the functionality in part from another commercial antivirus company or developing its own system, but Apple has not revealed any details about the feature on its extensive security page for OS X Snow Leopard, referring only to the existing standard scan of downloaded files to determine if an application is included in a given package.

Article Link: Snow Leopard Antimalware Feature Gaining Publicity

[iOrlando]

weird. so is this a good or bad thing?

[mkrishnan]

Very interesting... I'm surprised no one has been able to crack what they're doing. After they put Clam into OS X Server, I almost thought they might eventually roll it out as a component of OS X, even though there's little need. Anyway, nice to have what little one needs in the way of anti-malware right in the package.

EDIT: It seems like a good thing to me -- the only caveat is that, were there actually to be a proliferation of malware, no one knows what Apple's update scheme is, etc, and it could be very confusing who is and who is not protected and from what....

[macJC50640]

Hmm...I'm sure this will come in helpful at some point in time...

[DELLsFan]

Quote:

Originally Posted by mkrishnan

Very interesting... I'm surprised no one has been able to crack what they're doing. After they put Clam into OS X Server, I almost thought they might eventually roll it out as a component of OS X, even though there's little need. Anyway, nice to have what little one needs in the way of anti-malware right in the package.

EDIT: It seems like a good thing to me -- the only caveat is that, were there actually to be a proliferation of malware, no one knows what Apple's update scheme is, etc, and it could be very confusing who is and who is not protected and from what....

There won't be a proliferation of malware - because Macs simply don't get virus', trojans, or suffer from malware like Windows machines do ... right?

Apologists will hail the news as a great proactive approach by Apple. The rest of us are wondering why Apple even bothered - considering how "in your face" Mac enthusiasts are about not being susceptible to malware - which is, of course, false.

[Eidorian]

It's a good thing but I think Apple should lay off the BUY A MAC NO MALWARE, IT JUST WORKS on the ad side.

I agree with mkrishnan on the updating scheme of things.

[greenhero]

This can only be a good thing. Personally I think they should also release this functionality ot Leopard as part of 10.5.9

[dwman]

If they start acknowledging the very premise on which they've built their "Macs don't get viruses" message since 2006, MS fanboys will start howling at the perceived hypocrisy.

Time for a new ad campaign.

[greenhero]

Quote:

Originally Posted by WG5516

Exactly...

No one with knowledge about macs has ever denied the fact that macs get viruses. It is just a marketing strategy of Apple to say they don't get viruses. But the fact is they are not effected by the same viruses that inflict damage on Windows systems.

[ltldrummerboy]

Viruses aren't a problem, but I fear trojans will soon become much more widespread than before. This looks like a good thing.

[Tallest Skil]

Quote:

Originally Posted by greenhero

No one with knowledge about macs has ever denied the fact that macs get viruses.

Don't know what a virus is, do you?

Quote:

It is just a marketing strategy of Apple to say they don't get viruses.

And they'd be sued if they were lying.

[greenhero]

Quote:

Originally Posted by dwman

If they start acknowledging the very premise on which they've built their "Macs don't get viruses" message since 2006, MS fanboys will start howling at the perceived hypocrisy.

Time for a new ad campaign.

Personally I think the aple adverts should focus on the features Macs have rather than all the flaws windows pcs have. Because if you dont want the windows issues you install Linux for free. Yes the fanboys of PCS, mainly Dells have already started to stir up trouble. Personally I have a strong dislike of Dell machines.

[lord patton]

Quote:

Originally Posted by Tallest Skil

Don't know what a virus is, do you?



And they'd be sued if they were lying.

Exactly. The last two "Get a Mac" ads referred to "viruses and headaches." Not "malware", which I'm sure is no accident.

[rented mule]

It wouldn't be very hard for Apple to build a system from scratch. There is very little malware on Mac OS X so I'm sure Apple can easily identify the first 3 existing malware and then add the one or two malware per year that gets released into the system.

[iStudentUK]

Interesting development.

This is a useful feature, but will it help or hurt Mac reputation? Could be said that Apple is acknowledging Mac OS is susceptible to enough malware that they need to take action, or that they are being extra security conscious and protecting users.

[SFStateStudent]

Oh well, not sure if it's smoke and mirrors; am I the only one that has never had a virus, worm, trojan or suffered the effects of malware on any of my Macs?

[bytethese]

Quote:

Originally Posted by greenhero

No one with knowledge about macs has ever denied the fact that macs get viruses. It is just a marketing strategy of Apple to say they don't get viruses. But the fact is they are not effected by the same viruses that inflict damage on Windows systems.

Strange, I have knowledge of Macs yet I deny that they ever get viruses. Can they be carriers? Sure. But they do not get infected. Perhaps I don't exist...

On another note, it makes it ironic that Apple commissioned the Mac vs PC commercial where the security guy for Vista was saying "Cancel or Allow" and OS X will now be doing this.

[Tallest Skil]

Quote:

Originally Posted by SFStateStudent

Oh well, not sure if it's smoke and mirrors; am I the only one that has never had a virus, worm, trojan or suffered the effects of malware on any of my Macs?

Nope, me as well.

Anyone intelligent about what they download won't ever have to deal with anything.

[DELLsFan]

Quote:

Originally Posted by ltldrummerboy

Viruses aren't a problem, but I fear trojans will soon become much more widespread than before. This looks like a good thing.

Good, but not as important as education and behavior awareness when computing. Unfortunately the ignoramuses inclined to click on things they shouldn't or open attachments from people they don't know are probably just as likely to infect their Mac as they would a PC.

[dwman]

Quote:

Originally Posted by lord patton

Exactly. The last two "Get a Mac" ads referred to "viruses and headaches." Not "malware",

I'm sure most people would consider malware a "headache"

[MacAerfen]

So Apple should change its stance on virus and malware because there have been two verifiable malware? both of which requires the user to authenticate their password before installing. We have the first one being the very trojan that the screenshot is from, which basically hijacks your DNS settings which people get by installing video players from questionable websites, which they have to install by hand using their admin password. The other malware was part of a pirate copy of iWork that people were downloading illegally that still required the admin password to install.

On it's own the Mac OS does not have the same risk currently that Windows users share by browsing the internet, and yes Windows has gotten better at protecting itself but it is still sorely lacking.

So unless you Windows users who are saying that Apple is lying when they say the macs don't get malware/viruses care to share the large list you all apparently have of the malware and viruses out there that can infect a mac on its own without the user doing it to themselves then you really need to stop saying it.

So far I have seen a ton of people post claims that the mac gets viruses and malware but none of them have backed that claim up with a concrete list of these so called viruses and malware thats gumming up all the macs out there.

Even if these two examples were able to get on the Mac on their own I would still use a mac simply because 2 viruses out there are a whole lot less than what could get on my Windows computer.

[NeverhadaPC]

Can I turn this feature off??

I do not want to have SL turn into Vista where my OS turns into a high-security prison.

Disallow or proceed?

[ilp]

Apple realizes that malware protection is inevitable. It seems that the MacOSX is much more secure by nature, so remote exploits are significantly more difficult. The easiest path of entry becomes trojans, where you execute bad stuff locally with admin privileges.

However, current AV products on Windows are just not that great to use. They are a hassle through and thru. Major players like Symantec AV and McAfee are fat slob pigs. Do you really want to put your users through such a user experience?

I really hope that this is Apple's own, in-house designed anti-malware solution. Because then it will not suck.

[ValSalva]

Malware is inevitable as Apple gains marketshare. Malware writers will attack OS X if they feel they can make money taking over enough systems. It's not a knock on OS X, it's just that malware writers are clever.

Who cares about advertising strategy? At least they are focused on security.

[TuffLuffJimmy]

Quote:

Originally Posted by NeverhadaPC

Can I turn this feature off??

I do not want to have SL turn into Vista where my OS turns into a high-security prison.

Disallow or proceed?

yeah, a warning box pop up when the OS detects malware really sounds like a Vista prison.