Filed under: Security, Snow Leopard
Malware detection coming in Snow Leopard?
As the post notes (and sites such as The Register and ZDnet corroborate), when a problematic DMG is downloaded or mounted -- containing one of two known malware components -- the Finder throws the alert pictured above, warning the user not to install the software in question and to throw away the disk image. While this is a nice touch for the two security risks in question, The Register notes that the filter appears to only catch files downloaded through some of the more common apps (Mail.app, Entourage, Safari, Firefox and iChat among them) but not files copied over from removable media. It doesn't cover the wider gamut of threats out there, nor would it detect or block Windows malware that a Mac user could unwittingly transmit; for all of those scenarios, a true AV app (paid or free) is what the doctor ordered.
You can keep up with all the latest Snow Leopard news via our category page.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Urbz said 9:27PM on 8-25-2009
If, as viruses/trojans/malware/spyware become more prevalent on the Mac, Apple stays on top of the game by protecting its users (who, might I add, pay them oodles of ca$h), then I seriously would think that despite aforementioned crud, Apple is STILL the way to go as far as computers are concerned.
Reply
Jeff Hesser said 8:21AM on 8-26-2009
no worries, so long as the majority of the world continues to ignore macs so will the malicious people that take the time to find and exploit security holes.
SinisterJoe said 9:48PM on 8-25-2009
This is the type of thing that has to be built into the OS to be effective and easy to use. If Microsoft had done this 10 years ago I suspect the Windows malware market would have never emerged. There just wouldn't be enough good targets to grow the market so quickly. Apple should back port this to 10.5 and maybe even 10.4 to cover all their bases. It's probably just a simple checksum/hash check.
Reply
Jordan said 1:47AM on 8-26-2009
Microsoft will soon be offering free antivirus and spyware. It's called Microsoft Security Essentials and it's actually really really good. But, do you think Microsoft will be allowed to ship it with the OS? No. Lawsuits would follow. Do you think average redneck Joes is going to go install it? No.
On the other hand Apple here is allowed to ship this with their OS. Seem fair? No.
Don't give me the monopoly crap. If it's something that Microsoft is providing free of charge to protect their OS, they should be allowed to ship it. They aren't trying to leverage into a new market to make money. They are providing it free and probably are losing money on it.
SinisterJoe said 2:03AM on 8-26-2009
The US DOJ has never forced Microsoft to remove anything from Windows -- including IE, Windows Media Player, tie-ins to Live/MSN/Bing/etc. I think it's unlikely they would change course on that policy. The EU is a different story but as long as Microsoft offers a version of Windows without it (which basically no OEM will ship anyway) they're probably safe there too. In both cases the overall message to Microsoft is bundling is OK but you have to play nice.
Steve B. said 3:43AM on 8-26-2009
@Jordan,
The One Thing that is Most Important that you neglected to add or understand is Microsoft Sells Software for Any PC. it Is there Business Model Selling Software.
Mac Is a Closed System With OSX, It Only Comes with A Mac and is not Supported by ALL General Everyday PC System's. Apple May due with it as they wish due to them producing the Hardware And Software as there Business Model.
Please Understand the Difference's of Both Entities, They are Not the Same, not by A Long Shot.
If Apple Sold OSX as a Stand Alone Product for Every NON Mac, then Yes it May be a Questionable Move, But at This Time It is Not, And Even the Courts Have Said So. So Apple May do with as it Pleases with there Own Closed Hardware & Software under there own Business Model, And it is Not Against the Law to have A "Supposed Monopoly" Own your Very Own Product.
That word has Been Tossed Around to much and seems like it is used by Just Anyone that Does Not Have A Clear Understanding of How a Business Model Is Treated And Recognized as a Comprehensive and Legal Plan, No Matter what SOME-ONES OWN PERSONAL THOUGHTS ARE.
It Is Legal For Apple At This Time Unless They Open OSX Up to The Masses.
Ryan Trevisol said 7:26AM on 8-26-2009
Next time, when you do Format -> Change case ..., try Sentence case.
Title Case Doesn't Work Well for Blog Comments.
Jon said 8:16AM on 8-26-2009
@Steve B,
Seriously, I couldn't even finish reading your comment.. I understand where you're coming from, but damn, don't capitalize letters that aren't supposed to be.
And due != do, no matter how much they sound the same. Two totally different meanings.
Jordan said 9:12AM on 8-26-2009
@Steve B:
Right, I understand Apple sells the package, Microsoft sells the software. But make the Anti-virus part of the OS and what's the difference? They're still selling the software.
NateF said 10:22PM on 8-25-2009
"The Register notes that the filter appears to only catch files downloaded through some of the more common apps (Mail.app, Entourage, Safari, Firefox and iChat among them) but not files copied over from removable media."
Well, if all computers involved in such a situation were Macs running Snow Leopard, so long as neither user opted to open the infected disk image and install the malware, they would be fine.
"It doesn't cover the wider gamut of threats out there, nor would it detect or block Windows malware that a Mac user could unwittingly transmit"
What would this 'wider gamut of threats [to Mac users] out there' entail?
Also, I don't think it's Apple's responsibility to tackle Windows' malware infestation. That would be quite a difficult, painstaking task that's Microsoft's to handle.
Nonetheless, this sounds like a great thing to implement on an OS level, rather than leaving it up to users.
Reply
nickux said 10:29PM on 8-25-2009
I don't understand how anyone could conceive this as a bad thing. More people buy Macs and hackers will no doubt start targeting the platform. Glad to see Apple's ad campaign hasn't gotten completely to their heads.
Reply
Binja said 10:32PM on 8-25-2009
It also throws out warnings about websites. I have gotten three of them so far.
Reply
mech said 12:27AM on 8-26-2009
i find this rather hilarious with the current apple ads propagating the serene mac existence. honestly, I think they are pissing off some virus-writers with those, who might just jump on apple software and write a few nasty programs...
Reply
Jordan said 1:49AM on 8-26-2009
I agree. I also find it hilarious the way they word it. "X will damage your computer. You should move it to the trash." Sounds exactly like it's playing directly into the fears of Mac users. Damage? OH NO! Better trash it!
SinisterJoe said 2:32PM on 8-26-2009
I would say objectively it is a far better way to handle things that provides a much better end user experience. You don't have to pay for AV software or pay for updates. It's not obtrusive at all. It's something the vast majority of people will never have to worry about. That's basically what Apple advertises.
William said 12:20PM on 8-26-2009
If true, this is interesting and a good step in the right direction. Does this mean Apple will pull the ads railing on malware on the PC, including the ones they just released? Or are they going to say, "we have fewer, so it's ok"?
Reply
Jash Sayani said 12:25PM on 8-26-2009
Nice step! Nifty feature.
Reply
Kjell said 11:27PM on 8-26-2009
Wrong step. This is like a invite to some virus coders.
Every lock has been broken in the past and it wont take too long and this will be too. Maybe i am wrong, but after 3 years Mac i still have my paranoia coming from 10 years Windows - and i've seen all good attempts fail.
And once it's broken this built-in feature is as good as nothing. Why is Apple entering that "contest" at all? Because of the handful trojans circulating in the depths of pirated software hell only.. i don't think so.
Anyway.. Just saying you shouldn't think you're saver now. As always, you will hear that your computer is probably compromised when it's on the news. ;-)
Reply