Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Why would a company that sells anti-malware solutions want to help make an OS more secure?

Probably for the same reason that OS X has, until this very moment, ZERO viruses in the wild - or iOS and its ZERO malware, for that matter.

How Apple could even consider contacting these Russian criminals for anything besides self-serving anti-malware POS software is beyond me.
 
Speaking exclusively to Computing, Kaspersky CTO Nikolai Grebennikov said his firm had recently begun the process of analysing the Mac OS platform at Apple's request.

"Mac OS is really vulnerable," he claimed, "and Apple recently invited us to improve its security.

If I had recently partnered with a security outfit, and they made a statement like this (regardless of whether or not it has a factual base), I would promptly fire them. Mr Grebennikov's statements are both objectionable and unprofessional.

F
 
IMO: there is no such thing as a perfectly secure system when a system is connected to the internet or uses any kind of software that is useful. I think that Apple does very well though things could be improved more, and I think the Apple software store is a big part of that.

However, the biggest surprise to me is this: Whether its true or not, why would a CTO rip his major clients in the press like this? Yes, Kaspersky will get some press out of this, but good luck keeping Apple as a client or gaining other serious clients if you talk about them in the media like this.

I'm pretty sure he had already publicly made those statements before this announcement of Apple seeking him out.
I give points to Apple for "inviting" him in, and points to him for not suddenly turning into a little suck up because of it.
 
I'd suggest writing Tim Cook a letter and asking him. Head it up with "Dear Fool...". A healthy dose of derision goes a long way towards showing people how smart you are.

What, me worry? :rolleyes:

----------

Can somebody name for me a single Mac OS X virus that can infect my system?

Shouldn't be too hard, right? There's so many out there, right?

Ask GGJStudios, he knows all of them. :D
 
The only known vulnerable thing about OS X is the old messy internal PDF reader/renderer implementation which it shares with iOS and which can be exploited (the way jailbreakme works). The Kaspersky guys are known to be very loud because they can't really sell any products for a secure OS.

Regarding Flashback - this is why Apple will delegate java Updates to Java makers in the future. The bug was not Apple's, it was Oracle's. Apple's fault was to wait with the patch for so long. The only thing Apple needs in regards to security is to improve its workflow in dealing with such things. They should create a department which would react to newly discovered exploits in quick matter. Till now, developers contacting Apple about an exploit didn't really have a direct contact.
 
Really vulnerable with less than 5 known threats? :rolleyes:

Despite the fact that Macs may have less then 5 known threats, It still doesn't mean It's not vulnerable from being hacked..

Not sure If you guys read up on it, but many people have very easily been able to gain root access of Mac OSX.. Thats where the issue lies..

Even though lack of marketshare may keep Mac OSX still safe from hackers these days, that could soon change..
 
I could see Apple wanting an elegant and integrated solution built into the OS. They could partner with Kaspersky, the two groups can come up with a custom solution. Expect to see Kaspersky built in and updating automatically.
 
Originally Posted by gwelmarten
It's good to hear they are fixing this, although I'm not sure I like them taking it out of house!
Fixing what?
Fixing perception for those that have fallen for the security racket. While OSX contains its share of security flaws, I do not see anything good coming out of this deal with Kaspersky. I also do not know (given the details in the article) that Apple and Kaspersky have a formal agreement. While the fault may lay on the article's author, I see a lot of weasel words.

Apple has invited security company Kaspersky.

I see no indication that this is a formal contract or business deal.

Nikolai Grebennikov said his firm had recently begun the process of analysing the Mac OS platform at Apple's request

I see no indication that this is a formal contract.

Grebennikov claimed that, in his personal view, Apple does not take security seriously enough.

I doubt that he would have made this statement had Apple actually signed a contract for money.

"Our first investigations show Apple doesn't pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago."

Our first investigation consisted of reading the news.

Grebennikov pointed to the existence of the botnet as evidence that Apple needs help with its security.

I see this as evidence that Apple needs to be more expedient in releasing patches, and not as evidence that Apple has to pay money to scaremongers.

All in all, I get the distinct feeling that this business with Kaspersky is an informal "Apple didn't say No to us, so they must have said Yes" and that Grebennikov is still completely full of !@#$.

F
 
Fixing what?

Just their previous problems with security. I only use Mac's, and I appreciate Apple are not a security company, but when a threat is known about it should become a priority to deal with it.
I'm not saying that other things should go on hold, just that having a dedicated team to manage this sort of thing wouldn't be a bad thing. Perhaps this is where they are going in the long run - making OS X even more "All inclusive" (if that's even possible).
 
I was asked to consult by another company, the last thing I would do is start bad mouthing them in the press. That just seems like stupid business.
 
This is a company that has no credibility, has made several false claims in the past, and MOSR posts it as if it were a fact? In the headline?

And of course, we'll never see the retraction when it turns out they were lying.

Arnold, you're letting your baby go to hell.

This is becoming the weekly world news of mac rumors.
 
This is a company that has no credibility, has made several false claims in the past, and MOSR posts it as if it were a fact? In the headline?

Uh. Kaspersky is one of the more respected security companies in the world. Just because they've said some things that makes your Mac not look quite as secure as you've always believed it to be doesn't mean they have "no credibility".

And what false claims have they made in the past? Sure, they have a tendency to hype up problems, all AV companies ultimately do, but they've never flat out lied about one before.

edit: I'm sure I've said this before, but one thing I find amazing about the hardcore Mac people is how they all view all AV companies as "The Enemy", out to destroy the good name of Apple with these malicious claims of insecurity. There's a difference between having a computer you like, and having one you're so emotionally invested in that you take personal offense when someone doesn't shine it in the brightest of lights.
 
I see no indication that this is a formal contract or business deal.
...
I see no indication that this is a formal contract.

So what would it take for you to think that Kaspersky came to help Apple for money? A formal demand from Kaspersky that they be allowed through the pearly gates? Of course Apple INVITED them, why the hell would it be the other way around?

And if you think Kaspersky will offer their consulting services for free, you're sorely mistaken.
 
Probably for the same reason that OS X has, until this very moment, ZERO viruses in the wild - or iOS and its ZERO malware, for that matter.

How Apple could even consider contacting these Russian criminals for anything besides self-serving anti-malware POS software is beyond me.

I don't think there's really much to get excited about here. The fella is (unprofessionally) just using a tenuous relationship with Apple to peddle his wares.

What he failed to mention was that Apple probably contacted a lot of other companies with the same questions. If they're not talking to Microsoft I'd be very surprised because Microsoft knows more about malware and patching security holes than anyone. The difference is that Microsoft has better manners than to mouth off about it.

Reading his comments tells me that we are not going to see anything Kaspersky has written end up in any Apple product. He bangs on about the Java exploit, but remember that the same exploit also affected Linux and Windows to a lesser extent. The difference was that it was patched in good time on those platforms, which says that the problem is mostly down to Apple's poor processes, and not the operating system. That's where Kaspersky, and Microsoft and whoever else can help out: the processes.
On the software side, Apple needs expertise in detecting holes in their own operating system and detecting possible malware in submissions to the app stores. This is something they've let slide for far too long.

Honestly, this is all good. Apple has learned from its mistake and is trying to improve the situation. And it's good that they're seen to be doing something. It's just a shame that this chap chose to be a tool about it.
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.