Forgot your password?
typodupeerror
Security Businesses OS X Operating Systems Apple

Report That OS X Snow Leopard May Include Antivirus 335

Posted by kdawson
from the pinch-salt-toss-over-shoulder dept.
File this firmly in the "rumor" category for now. the JoshMeister writes (in the third person) "Mac antivirus company Intego broke the story this morning that Apple is apparently including antivirus functionality in its upcoming operating system, Snow Leopard. But which antivirus engine is Apple using? Security researcher Joshua Long discusses the likely candidates."
This discussion has been archived. No new comments can be posted.

Report That OS X Snow Leopard May Include Antivirus

Comments Filter:
  • by Anonymous Coward on Tuesday August 25, 2009 @04:05PM (#29191663)
    bah, what respectful virus author targets anything but the Microsoft OS ?
  • Snowing ? (Score:5, Funny)

    by HW_Hack (1031622) on Tuesday August 25, 2009 @04:05PM (#29191671)

    Can we get a weather report from Hell ?

  • laughing @Slashdot eldavojohn watches the last journalistic integrity ebb #apple #mac #antivirus #snowleopard #security
  • Scanning (Score:5, Funny)

    by schmidt349 (690948) on Tuesday August 25, 2009 @04:08PM (#29191715)

    At its core a virus scanner is just a wrapper around a multipattern byte matcher, so maybe it's better to ask whether they're using Aho-Corasick or Wu-Manber...

  • by ejdmoo (193585) on Tuesday August 25, 2009 @04:08PM (#29191725)

    Microsoft is soon to have free-for-consumers anti-virus and anti-malware software as well:
    http://www.microsoft.com/security_essentials/ [microsoft.com]

  • I use ClamXAV (Score:5, Informative)

    by Fallen Kell (165468) on Tuesday August 25, 2009 @04:08PM (#29191727)
    Personally I use ClamXAV and always have. Mainly because I have a tripple boot system (not that I use much more than OS X, but every once in a while I need to use Windows or Linux for testing something). Because of the fact that there are other operating systems on my box, I wanted an anti-virus in case somehow it could affect the other instances on the system.
    • by dltaylor (7510)

      For those uses, wouldn't a virtual machine make more sense?

      Parallels, at least, supports both Linux and Windows clients.

      • And also unfortunately, Parrallels does not have proper hardware level GPU access from systems running in the virtual machine. So no 3D hardware acceleration or CUDA programming support, which happens to usually be the reason(s) for me to try the other OS's.
        • And also unfortunately, Parrallels does not have proper hardware level GPU access from systems running in the virtual machine. So no 3D hardware acceleration or CUDA programming support, which happens to usually be the reason(s) for me to try the other OS's.

          Actually, Parallels does work with BootCamp though, so you can use the VM from within OS X when that is acceptable and roll it back to previous snapshots for security reasons, and still boot from the partition for those instances when you need to access the GPU directly, like for certain games. Of course it also costs money and it the security is not a concern for you, there's not a lot of reason to bother with it.

    • by v1 (525388)

      Doesn't OS X already run ClamAV internally? At least as of 10.4, Server does [oreillynet.com] but I haven't heard about client.

  • Nonsense (Score:5, Funny)

    by TerrenceCoggins (1601371) on Tuesday August 25, 2009 @04:11PM (#29191783)
    Virus protection? If Mac vs PC guy has taught me anything, it's that MAC'S DON'T GET VIRUSES! Don't lie to me...
    • Re: (Score:2, Funny)

      Well yes, that's what the anti-virus is for, to ensure Mac's don't get viruses ;)
      • Well yes, that's what the anti-virus is for, to ensure Mac's don't get viruses.

        Grammar Nazi says: "When your sentences' contain plural's, the plural's do not need apostrophe's. Apostrophe's are for possesive's and contraction's."

    • Re: (Score:3, Insightful)

      by Tibor the Hun (143056)

      I don't understand why you people think that any OS can be imprevious to a trojan?

      As an OS X user, this is great news.
      This way I don't have to wonder if my Apple using friends are downloading Photoshop from TPB and getting infected.

      But, no, as of yet, there are still no self-propagating viruses or worms for OS X.
      Even though my snide Windows friends keep sending me the sky is falling emails every month about OS X being just as vulnerable as Windows.

      • Re:Nonsense (Score:4, Insightful)

        by dkf (304284) <donal.k.fellows@manchester.ac.uk> on Tuesday August 25, 2009 @05:15PM (#29192819) Homepage

        I don't understand why you people think that any OS can be imprevious to a trojan?

        Nobody with half a brain thinks that. The only way to make an OS totally proof against trojans is to stop users from installing new apps, and that's something that general desktop computing hasn't gone down the road of.

        What's curious about OSX is that it doesn't have the sort of culture that leads to trojans being a problem. I'm not sure why this is; maybe it is because Mac users are more inclined to buy their software? (Indeed, they buy things that on other platforms would be free...) Accepting (apparently) legitimate payments is not a black hat sort of thing to do, because it is far too easy to trace back to a real identity.

        I suppose it also helps that there aren't that many "usability of security" issues in the supplied OSX core apps, so users are less likely to do something catastrophic by accident.

    • Re:Nonsense (Score:4, Informative)

      by tlhIngan (30335) <slashdot@wor f . n et> on Tuesday August 25, 2009 @05:01PM (#29192609)

      Virus protection? If Mac vs PC guy has taught me anything, it's that MAC'S DON'T GET VIRUSES! Don't lie to me...

      Heck, maybe it's also why Linux virus scanners exist. Besides the oddball Mac trojan, the Mac AV probably keeps up with PC viruses as well. Not because they can run them, but to avoid being a "carrier". If you use the Windows firesharing, many worms seek out the shares. It's possible those worms may find an open Mac share and infect files in there. The Mac won't get infected, but Windows PCs accessing those shares can become infected. Better the Mac catch it and quarantine...

  • San Francisco, AP
    In response to a sharp rise in popularity in 2014 (the year of the Linux desktop,) the Linux Foundation has announced that antivirus technology from McAffee will be built into all versions of the Linux kernel starting with v 2.6.45. When asked about this latest development, Linus Torvalds said, "I believe that adding 2,476,000 lines of antivirus code in order to protect Linux users is the most effective solution and can only benefit Linux users for years to come."

    That'll be the day that hell freezes over.

  • good for Apple (Score:4, Insightful)

    by pak9rabid (1011935) on Tuesday August 25, 2009 @04:16PM (#29191877)
    Better to get a head start on the AV game now rather than later. If Apple's dream does in fact come true and the majority of desktop users switch to Macs, I'd expect to see a sruge of malware targeted for the Mac platform. Anyone that thinks Macs (or any other platform) is immune to malware is living one helluva naive pipe dream.
    • Re:good for Apple (Score:5, Informative)

      by seanadams.com (463190) * on Tuesday August 25, 2009 @04:45PM (#29192361) Homepage

      Immune? No. Reasonably secure by design, yes.

    • Re:good for Apple (Score:5, Insightful)

      by SoupIsGood Food (1179) on Tuesday August 25, 2009 @04:48PM (#29192401)

      Dunno. While no platform is 100% secure, design does count for a lot. There are a lot of "proof of concept" hacks out there for the Mac, but very, very, very few "in the wild" 'sploits floating around, especially self-replicating ones like viruses and worms. The installed base of Internet-going Macs is a few dozen million at the least, and mostly personal computers with personal info and used to buy stuff online - prime targets for the big-shop black hats. I doubt very much it's not worth their while... I just think they can't go after a system with even a moderate level of security.

      I don't think this says something about Apple (see the part above about "proof of concept" hacks), I think this says a ton about Microsoft.

      I really don't buy "ecosystem" arguments - why is IIS and MSSQL pwnd on a regular basis by automated attacks, but Apache and MySQL only once in a blue moon (and Oracle almost never)?

      • Dunno. While no platform is 100% secure, design does count for a lot. There are a lot of "proof of concept" hacks out there for the Mac, but very, very, very few "in the wild" 'sploits floating around, especially self-replicating ones like viruses and worms.

        Well, there's apparently enough of them "in the wild" that Snow Leopard beta testers have discovered an unannounced anti-malware feature. Why not try to nip this in the bud?

    • and the majority of desktop users switch to Macs

      Yeah. Right. In what wet dream involving the great savior did you come up with that? ;)

      (P.S.: They should use that sentence instead of "citation needed". Would be much more fun. ^^)

  • From TFA "Regardless of whose engine is being used, it's exciting is that Apple may be including anti-virus functionality in its next-gen consumer OS..."

    Exciting? Not the word I would use...depressing maybe.

  • Bound to happen (Score:3, Interesting)

    by prof187 (235849) on Tuesday August 25, 2009 @04:22PM (#29192013) Homepage

    As OS X becomes more popular it's pretty much inevitable that people will *want* AV on their computers. Be it from the paranoid to the clueless who "heard from a friend of a friend that Macs are insecure" -- or just someone playing it safe -- a move like this would make sense to ease consumer fears. Yes, they already sell AV products from third-parties, but in the same way Windows has its own set of security tools this is Apple's way of showing that you don't just have to trust them, they're actively involved in proving the safety of their product.

  • McAfee (Score:5, Funny)

    by SnarfQuest (469614) on Tuesday August 25, 2009 @04:31PM (#29192139)

    Let them run McAfee. Those Macs run too fast as it is, and that should make those shooter games playable by us mere humans.

  • by Garbad Ropedink (1542973) on Tuesday August 25, 2009 @04:32PM (#29192149)

    It's time we came clean. Macs do get viruses. Actually they get a lot of viruses. Really the OS is basically viruses and itunes. We pretend like we can work on these systems but it's just a screen full of viruses all having sex with eachother. The reason you never heard about it because back in ought 3' we took an oath to never reveal that terrible terrible truth. We relied on Windows users hatred of Macs preventing them from finding out. But, now that it's out in the open I suppose we ought to move forward and try to rebuild, maybe accept the situation and try to secure our OS.

    So uhh.. Windows users... How do you make a *shudder* bug fix?

  • Security Details (Score:5, Insightful)

    by 99BottlesOfBeerInMyF (813746) on Tuesday August 25, 2009 @04:39PM (#29192249)

    Apple has been light on details they have made public about Snow Leopard. We know they implemented a CDSA security architecture, expanded use of the sandboxing, and now there is this report of actual malware scanning, but the info on Apple.com is basically nonexistent. I surmise this is intentional. Security people either have developer accounts or will read up on this stuff in technical papers when NDA's expire next week. For regular users, Apple doesn't even want to bring up security as an issue. They will make blanket marketing statements about it, but they would rather leave all the details to more technical venues. This was their policy for Leopard too, with most users having no clue that a full port of TrustedBSD's mandatory access controls was included and being used to sandbox certain potentially vulnerable services.

  • by Aphoxema (1088507) * on Tuesday August 25, 2009 @04:47PM (#29192381) Homepage Journal

    Problem with having a single, unified anti-virus (if ever such a thing is reliably possible), programmers will have an easier time guessing what protections they'll face when creating a virus.

    Windows might not be the most... or... almost... close to the most stable series of operating systems, but there sure is a fair bit of variety involved in each installation. A vulnerability that can hit any generic OS X installation hard will be able to hit every other generic OS X installation hard.

    This'll end in tears if Apple and friends don't keep vigilant on every threat. A problem with the die-hard proprietary and user friendly nature of Apple products is Apple are now the sole caretaker, the mother and father, the reason and the nonsense to every single computer they've made residency in. End users aren't encouraged to practice personal responsibility, they pay and trust... pay for trust...

    Think Different, Indeed.

    • by 99BottlesOfBeerInMyF (813746) on Tuesday August 25, 2009 @04:55PM (#29192509)

      Problem with having a single, unified anti-virus (if ever such a thing is reliably possible), programmers will have an easier time guessing what protections they'll face when creating a virus.

      I agree, to some extent. In terms of attacks on the antivirus system itself a single system may be more vulnerable. In terms of bypassing signatures, however, there is no reason centralized anti-malware cannot draw signatures from disparate feeds, the user subscribes to, be they supplied by Apple, open projects, or commercial companies, for free, or charge.

      That said, Apple including malware detection doesn't mean users can't install other malware detection services as well. ClamAV isn't going away just because Apple ships a built in competitor.

      End users aren't encouraged to practice personal responsibility, they pay and trust... pay for trust...

      From Apple's Snow Leopard Web site:

      Security Advice The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection. Here are some other ways to help keep your information as safe as possible:

      • Download files only from known and trusted websites.
      • Use FileVault to encrypt your most important documents.
      • Control access to your Mac by locking your screen after a period of inactivity.
      • Securely delete outdated sensitive files with the Secure Empty Trash command.

      That sounds to me like end users are being encouraged to practice personal responsibility.

  • by diamondsw (685967) on Tuesday August 25, 2009 @04:58PM (#29192553)

    ...and no such thing exists there, this would seem to be completely made up bullshit.

  • by MROD (101561) on Tuesday August 25, 2009 @05:07PM (#29192685) Homepage

    So, we have a Slashdot story speculating about the outcome of a story on another site which uses unknown, and not necessarily reliable source, about a possible feature in an unreleased OS.

    Can we please wait until there is real evidence before shouting that the sky's falling please.

    Oh, sorry, this is Slashdot! ;-)

    As for the article: *IF* it is true, fine! Who cares what anti-virus engine it uses as long as it works and is ready for any dangerous malware which does come along for MacOS?

    (And for those who wish to gloat, no OS is fully immune, especially from the security hole at the keyboard. Why does Linux need an anti-virus product like ClamAV?! Linux doesn't have any viruses.... ;-))

Real computer scientists don't comment their code. The identifiers are so long they can't afford the disk space.

Working...