
Snow Leopard Malware Protection a Growing Pain for Mac OS X

Mac users have long relished the fact that malware is nearly a foreign concept to them. Yet, in a tacit acknowledgment of the growing threat of malware on the Mac platform, Apple has added some rudimentary malware protection into Snow Leopard.

Malware is a virtually constant plague for Windows users and an entire industry has been built around protecting the Windows operating system from viruses, worms, Trojans, and other malware threats. Microsoft-bashers claim it's a function of poor design and insecure coding by Microsoft, but security experts have also debated whether or not it is more a function of the virtual monopoly Windows has enjoyed as a desktop operating system.

Apple demonstrated an increased concern for malware on the Mac OS X operating system by including malware detection as one of the many updates in Snow Leopard. It seems that Apple realizes that the size of the bullseye painted on the operating system is in direct proportion to the number of systems using the operating system.

It makes sense. Arguments of superior design and security aside, malware is a business. If you were designing a wonder-widget, would you want to target it at a broad audience of millions around the world, or build your wonder-widgets for a small niche audience? Similarly, if you are trying to maximize the profit potential of your malware, would you write a virus that targets millions of Windows systems around the world, or invest your time exploiting holes in the relatively niche Mac OS X operating system?

Well, now that niche is hitting the mainstream. Redmond doesn't need to be too paranoid about Snow Leopard taking over the desktop market any time soon, but the fact of the matter is that the operating system has matured and Snow Leopard in particular introduces a number of updates and features that make it more viable for both consumers and businesses.

Hopefully, Apple's newfound malware concern is misguided, though, since the malware detection in Snow Leopard offers nothing to actually block or remove any threats. Essentially, the antimalware feature in Snow Leopard is simply a modification of the Mac OS X File Quarantine feature. It takes the File Quarantine process one step further by comparing files against a database of known threats to notify the user that the file may be malware.

Should a user ignore the warnings, or should a threat come through that is not recognized as a known threat in the database, Snow Leopard could still become compromised by the malware. To actually scan and clean Snow Leopard systems, users will have to look into third-party malware protection tools.

Tony Bradley is an information security and unified communications expert with more than a decade of enterprise IT experience. He tweets as @PCSecurityNews and provides tips, advice and reviews on information security and unified communications technologies on his site at tonybradley.com.
