Apple Sneaks in Malware Protection in Mac OS X 10.6.4

By Ed Oswald | Friday, June 18, 2010 at 12:06 pm

It’s no secret that Apple prides itself on OS X being “much more secure” than its Windows counterpart, so the fact that the company didn’t publicize the fact that it has added some additional malware protection in Mac OS X 10.6.4 shouldn’t be that surprising. Security firm Sophos discovered the changes while peering around the code of Cupertino’s latest update.

The additional protection was found in a file called XProtect.plist, a list of threats to Apple’s operating system. It is intended to protect against what they call HellRTS, a Trojan horse that comes disgused as iPhoto. Infected computers could find their computers sending out spam, have screenshots taken of their computer activity, and access files among other issues.

Sophos was not too happy that Apple did not announce these changes, saying Mac users should know about this potentially dangerous Trojan. “You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons,” senior technology consultant Graham Cluley said. He added many users are oblivious to the fact that Mac viruses do indeed exist.

I do not run anti-virus software on my Mac, as I like many have felt that the operating system is pretty much impervious to attack. However, it seems as time goes on, and Macs gets much more popular, so could writing viruses and malware for the OS.

Maybe its time to invest in some protection?

6 Comments

Read more: antivirus, Mac OS X, trojan horse

6 Comments For This Post

Alan Says:
June 18th, 2010 at 1:02 pm

Great post. After all Mac’s are not invincible! 😉

Hamranhansenhansen Says:
June 18th, 2010 at 2:47 pm

I don’t think the list is new, it just has a new addition. There are essentially 3 apps that Snow Leopard won’t run now because they’re malicious.

You already invested in protection by getting a Mac. It comes with protection so doesn’t require the kind of aftermarket security Sophos sells. What you’re seeing here is Software Update working to cripple malware. If there is a new malicious app, Apple will add it to this list. If something more serious happens, Apple will take steps against that through Software Update. They can patch 75% of the Mac platform within a week and the rest within a month. This is a huge disincentive for malware authors. Their work can only ever be short-lived. It’s like when you paint over graffiti immediately every time the graffiti stops. There’s no point in spending a ton of time making something nobody will ever see. Each version of Mac OS only lasts a few months before the whole platform moves on. By comparison, Windows stands still, version after version, in spite of a flurry of patches. They end up inconsistently applied and systems stay vulnerable.

It’s not magic that keeps Macs safe, it’s basics.

Aktariel Says:
June 18th, 2010 at 3:37 pm

Also, Unix.

lava Says:
June 19th, 2010 at 1:54 pm

It’s also a shame, Ed, that you are being conned by Sopho’s deliberate confusion of the terms “Trojan” and “virus.”

What Apple has done here is make sure some known Trojan’s can’t be run, even if the user tries to do it. Anyone can make a Trojan for any platform because BY DEFINITION Trojan’s seek out the user’s permission to run.

A virus doesn’t. To date, there are no known viruses on Mac OS X.

It’s funny how the OS X platform has doubled and doubled again over the years, yet writers like you still think OS X gains security through obscurity. How many tens of millions of users does it take before the platform is big enough that you finally wake up and realize the platform isn’t “obscure?’

Rather, as Hamranhansenhansen note, Apple users update their software so quickly and rapidly that no matter how large the platform is becoming, Apple has really de-incentivized virus writers from the platform even as Mac OS X continues to grow 30-40% per year.

sadandmad Says:
July 27th, 2010 at 4:13 pm

Strange, but I've heard about viruses for Mac. Moreover I've heard about anti-viruses!
The quantity of viruses for macs will grow as the number of mac users grow.

As for me, I use secure delete mac tool for avoiding malware.

Invisible_Jester25 Says:
August 22nd, 2010 at 11:54 am

What I think is just sad is that Mac users continue to ignore a growing problem. Eventually, you won't be able to patch the system fast enough, or else there will come a virus that can impede patching.

Five years ago, Microsoft was slow to respond to viruses and other malware threats. Now their system is considered "unsafe". Now Apple has the same problem. For the love of God, you guys say your system is so much better than a PC's system, so prove it by acknowledging you aren't perfect. Macs are not perfect, nobody is perfect, and the computer wars are quite frankly silly.

Also, Linux is barely used; I think mainly servers use it anyway. Oh, and there was a trojan discovered for a release of a Linux distro, too, so let's not get too cocky, now. 🙂

Alan Says:
June 18th, 2010 at 1:02 pm
Great post. After all Mac’s are not invincible! 😉
Hamranhansenhansen Says:
June 18th, 2010 at 2:47 pm
I don’t think the list is new, it just has a new addition. There are essentially 3 apps that Snow Leopard won’t run now because they’re malicious.

You already invested in protection by getting a Mac. It comes with protection so doesn’t require the kind of aftermarket security Sophos sells. What you’re seeing here is Software Update working to cripple malware. If there is a new malicious app, Apple will add it to this list. If something more serious happens, Apple will take steps against that through Software Update. They can patch 75% of the Mac platform within a week and the rest within a month. This is a huge disincentive for malware authors. Their work can only ever be short-lived. It’s like when you paint over graffiti immediately every time the graffiti stops. There’s no point in spending a ton of time making something nobody will ever see. Each version of Mac OS only lasts a few months before the whole platform moves on. By comparison, Windows stands still, version after version, in spite of a flurry of patches. They end up inconsistently applied and systems stay vulnerable.

It’s not magic that keeps Macs safe, it’s basics.
Aktariel Says:
June 18th, 2010 at 3:37 pm
Also, Unix.
lava Says:
June 19th, 2010 at 1:54 pm
It’s also a shame, Ed, that you are being conned by Sopho’s deliberate confusion of the terms “Trojan” and “virus.”

What Apple has done here is make sure some known Trojan’s can’t be run, even if the user tries to do it. Anyone can make a Trojan for any platform because BY DEFINITION Trojan’s seek out the user’s permission to run.

A virus doesn’t. To date, there are no known viruses on Mac OS X.

It’s funny how the OS X platform has doubled and doubled again over the years, yet writers like you still think OS X gains security through obscurity. How many tens of millions of users does it take before the platform is big enough that you finally wake up and realize the platform isn’t “obscure?’

Rather, as Hamranhansenhansen note, Apple users update their software so quickly and rapidly that no matter how large the platform is becoming, Apple has really de-incentivized virus writers from the platform even as Mac OS X continues to grow 30-40% per year.
sadandmad Says:
July 27th, 2010 at 4:13 pm
Strange, but I've heard about viruses for Mac. Moreover I've heard about anti-viruses!
The quantity of viruses for macs will grow as the number of mac users grow.

As for me, I use secure delete mac tool for avoiding malware.
Invisible_Jester25 Says:
August 22nd, 2010 at 11:54 am
What I think is just sad is that Mac users continue to ignore a growing problem. Eventually, you won't be able to patch the system fast enough, or else there will come a virus that can impede patching.

Five years ago, Microsoft was slow to respond to viruses and other malware threats. Now their system is considered "unsafe". Now Apple has the same problem. For the love of God, you guys say your system is so much better than a PC's system, so prove it by acknowledging you aren't perfect. Macs are not perfect, nobody is perfect, and the computer wars are quite frankly silly.

Also, Linux is barely used; I think mainly servers use it anyway. Oh, and there was a trojan discovered for a release of a Linux distro, too, so let's not get too cocky, now. 🙂

The Weird History of Windows
Laptopia: Twenty-One Totally Bizarre Laptops
Fifteen Classic Game Console Design Mistakes
The Thirteen Greatest Error Messages of All Time
When the Muppets Worked for IBM
Tech Products That Were Brilliant. And Doomed
The Legend of the Legend of Zelda
15 Breakthrough Products That Went Absolutely Nowhere
The 25 Most Notable Quotes in Tech History
How 1940s Whiskey Ads Predicted the Future
The Great Operating System Games
The Weird Secret Origin of Tech's Favorite Insult

Technologizer by Harry McCracken

Apple Sneaks in Malware Protection in Mac OS X 10.6.4

6 Comments For This Post

The Weird History of Windows

Laptopia: Twenty-One Totally Bizarre Laptops

Fifteen Classic Game Console Design Mistakes

The Thirteen Greatest Error Messages of All Time

When the Muppets Worked for IBM

Tech Products That Were Brilliant. And Doomed

The Legend of the Legend of Zelda

15 Breakthrough Products That Went Absolutely Nowhere

The 25 Most Notable Quotes in Tech History

How 1940s Whiskey Ads Predicted the Future

The Great Operating System Games

The Weird Secret Origin of Tech's Favorite Insult

Technologizer Info

Technologizer Everywhere

Technologizer Topics