Do you think apple should release an indepedent app to keep system secure?

[clevin]

expanding user base, switching to intel chip, and bootcamp are all causes for rising security risk, and in recent years, OSX's flaws are found in faster speed.

being isolated from windows for a long time, like some ppl said about the bugs from apple's safari for win's: "this is the type of a flaw you probably no longer even test for because it seems too obvious..." and "...what rock did Safari developers hide under for the past 8 years or so?"

In face of changing situation, I found that I do not have a way to control the security of the system by myself, rather, only way is to wait for apple's security patch, which is NOT that transparent, neither is it very rapid (only for windows products?) Its like When I was under windows, I know what I can do to be safe, under OSX, now Im facing unknow with little information about the risk.

I would like apple to release some sort of security app, like windows defender or AV or others.

What suggestions do you have to make OSX user base more aware of possible risk and way of dealing with it?

PS.
No need to argue OSX is safer than windows, I admit that.
Plz just ignore this post if you think its a windows way of thinking and deserve no attention. Im proposing this post for constructive suggestions, not arguement

 

[djstarrock]

Well for a start the firewall should be on by default. I guess they could produce an AV but there just not any big threats at this moment of time and there improving the security so often.

 

[mkrishnan]

Well for a start the firewall should be on by default.

The counterargument to this is that OS X may ship with the firewall down, but it also has central configuration of all services, and all services are turned off by default, meaning that having the firewall down does not cause any loss of security.

In terms of what Apple can do beyond this... I don't think they should release a new app. I think it's better off being in system prefs. I do have suggestions:

1) Putting ClamAV in Tiger Server was a great idea. Even if it's shipped turned off, they ought to just roll Clam into all versions of Leopard. Perhaps also incorporate a way to have Clam check Windows partitions on the Mac.

2) I do see some merit in adding the kind of outgoing transmission firewall coverage that ZoneAlarm and LittleSnitch have right into the OS X GUI implementation of ipfw.

3) I guess they could also purchase and incorporate MacScan or something of the like, but this is more difficult because there's nothing to detect -- there's no reason for Windows spyware to get onto a Mac, even though it doesn't do anything anyways. At least with viruses there are foreseeable situations in which a Windows virus gets on a Mac.

 

[xUKHCx]

2.) I do see some merit in adding the kind of outgoing transmission firewall coverage that ZoneAlarm and LittleSnitch have right into the OS X GUI implementation of ipfw.

I use LittleSnitch and i would love to see it or some form of it integrated into the Operating system, hopefully it would give more specific details about what is trying to do what. A couple of times i have had very obscure messages coming up and have had to a do research to find out what it all means before allwoing it.

 

[Michael Smith]

Well for a start the firewall should be on by default.

Why? What do you think it would be achieving?

Seriously; a firewall on a client system has very limited use. Feel free to offer up your justifications so that they can be vindicated or put to rest.

= Mike

 

[zioxide]

Why? What do you think it would be achieving?

Seriously; a firewall on a client system has very limited use. Feel free to offer up your justifications so that they can be vindicated or put to rest.

= Mike

I agree. Software firewalls are more of a nuisance than anything else. They just waste processor power when processing the data going through the network. I don't even run them on any of my computers. The router has a hardware firewall, and that's all you need.

 

[Scarlet Fever]

safari 3 is flawed because it is beta software. Apple specifically state it is a beta version of the software. If you can't cope with instabilities, don't download beta software.

 

[Michael Smith]

The router has a hardware firewall, and that's all you need.

Regardless of whether the router has a hardware firewall (unlikely) or a software one of its own, there are limited reasons why you'd want one there, either.

= Mike

 

[matthew24]

Apple needs to stay vigilant and pro-active, and they are, that will be sufficient because the OS architecture is a perfect safeguard in itself. (AntiVirus/Spy software is proof of a wrong OS concept.)
Besides this, I did read somewhere that in Leopard there will be a possibility to run apps in protected space, this means that a buffer overflow bug can no longer be exploited. This feature can be turned off because I suspect it will demand more memory.