Sophos Questions Apple Mac OS Security

Dave Courbanou

June 22, 2010

Sophos, the endpoint security software company, is taking aim at Apple on the security front. Specifically, Sophos notes that Apple very quietly updated their XProtect.plist in Mac OS X 10.6.4 — which stores information about Mac malware. Sophos decrees that since there’s no mention of the update in Apple’s release notes, Apple is trying to quietly suggest that there are no threats to the OS X operating system and that Apple isn’t offering true virus protection. Here are the details…

On the upside, Apple has officially protected Macs against a potential threat that masks itself as iPhoto. The threat, if running on your Mac, opens your Mac to remote hijinks from a malicious hacker, including taking screen shots, sending e-mail and access to your all important files.

Still, Mac OS X remains open to threats, Sophos asserts. In a blog post on June 18th by Graham Cluley, Sophos says Apple is still not protecting against all threats in the wild despite the update. The blog entry also features a YouTube video that shows how Sophos’ anti-virus protection beats Apple’s protection. Cluley also notes that…

Mac users seem oblivious to security threats which can run on their computers. And that isn’t helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done. You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. “Shh! Don’t tell folks that we have to protect against malware on Mac OS X!”

Cluley takes a very cavalier — nearly snarky — attitude towards the fact that Apple has ‘downplayed’ the virus scene and smugly notes:

And I’m afraid that although I welcome Apple doing something to reduce the malware problem on Mac OS X, I don’t consider it a replacement for real anti-virus software.

Cluley then details –much to his chagrin — the fact that Apple employees frequently tell potential customers that Macs “never” get viruses.

So let’s put things in perspective, especially since Sophos is an anti-virus company. What if Apple can make it so Macs never get viruses infected? It would be brilliant advertising, and indeed, marketing like Cluley suggests. If this one update is just the beginning to an OS X-wide built in security effort, then isn’t that good news?

Conversely, even if Apple doesn’t take a bigger step against malware, isn’t security through obscurity still valid? On the one hand, it seems everywhere people are quick to decree OS X isn’t safe enough and still prone to viruses. On the one hand, it seems that nowhere has there been any reporting of a Mac-wide pandemic of viruses or malware.

This blogger thinks it’s great that there are watchdogs looking to see what’s going on with OS X and Macs under the hood, but I believe that Apple is smart enough not to let malware tarnish their squeaky clean image, and may have something up their sleeve for 10.6.5 or 10.7 in general. Could you imagine an Apple store selling anti-virus software or even recommending it?

Not on Steve Jobs’ watch.

Sign up for The VAR Guy’s Newsletter; Webcasts and Resource Center; and via RSS; Facebook; Identi.ca; Twitter and VARtweet.

Read more about:

AgentsMSPsVARs/SIs
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like