Apple has long maintained that Mac users don't need to worry about viruses and other malicious software, so the...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
fact that its latest Mac OS X, Snow Leopard, includes new antimalware protection is quite a turn of events. Don't get too excited, though; it is by no means a full-featured antivirus program.
Out of the box, Snow Leopard will be able to detect just the two most common Mac Trojans: RSPlug.a and iService. The feat is accomplished by checking malware definitions stored in a new .plist file in the /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources folder. (Using the Mac's Software Update service, I assume that Apple will push definition updates to this file to add new malware signatures in the future.)
However, one glaring antimalware limitation is that only files downloaded using a few select applications, such as Safari, Firefox, iChat, Entourage, Mail and Thunderbird, are scanned for malicious code. This means that files obtained using any other applications, such as torrent clients or peer-to-peer (P2P) software, which are probably more likely to be sources of an infection, are not checked. iService, for example, piggybacks on pirated copies of iWork '09, which are downloadable from file-sharing sites. In addition, files that are on CDs or USB drives are also not scanned, so Macs can still be infected with either of these Trojans.
As you can see, the program doesn't provide system-wide protection, and if an infection occurs, it won't remove the malware. The added antimalware feature is a limited quick fix to combat the two most common Trojans on the Mac, but it does show that Apple recognizes that malware is not just a Windows problem. Maybe the company's intention is not to offer free protection for the more dubious applications out there. Anyway, for full peace of mind, it's still necessary to purchase real antimalware protection, such as Sophos Inc.'s Anti-Virus for Mac or McAfee Inc.'s VirusScan for Mac.
Other Snow Leopard antivirus defenses include sandboxing, which restricts the actions that programs can perform and files that can be accessed. Library randomization, which arranges the positions of key data areas to randomly assigned addresses, is a feature that brings the OS more in line with Windows Vista's level of security. Of course, the 64-bit applications in Snow Leopard are more secure from hackers and malware than the 32-bit versions. That's because 64-bit applications can use more advanced security techniques to fend off malicious code, such as strengthened checksums to prevent attacks that rely on corrupting memory.
If the Mac operating system becomes more popular, you can be sure that the amount of malware targeting it will increase. As a Mac user, be sure to monitor how seriously Apple takes your security. Marketing slogans will provide no defense against determined hackers.
Dig Deeper on Alternative operating system security
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.