For possibly the first time ever, Apple is recommending Mac OS X users deploy anti-virus solutions -- but it remains unclear exactly why.
"I almost fell out of my chair when I read that article (from Apple)," Kevin Finisterre, a security researcher who headed a project in 2006 that published an Apple vulnerability each day for a month, told SCMagazineUS.com. "I had some sort of little tune playing in my head triumphantly, no joke. I think it was a wise move. Support from Apple will go a long way in pushing mentality changes for Mac users."
Exactly why the computing giant decided to quietly issue the support note on Nov. 21 is unclear. But the move has some security experts praising the company, whose operating system has long avoided the wrath of malware that historically targeted Windows platforms.
"Apple encourages the widespread use of multiple anti-virus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus-writing process more difficult," the support note said. Apple recommended solutions from Intego, Symantec and McAfee. An Apple spokesperson did not return calls requesting comment on Tuesday.
Apple's market share is surely growing, buoyed by a series of "Mac vs. PC" commercials that billed the security of Mac machines as superior to that of Microsoft. But as the number of users grow -- research firm NPD in May estimated MacIntosh U.S. market share at 13.8 percent, up 9.5 percent from a year earlier -- cybercriminals will be paying attention, say observers.
"Increasingly it's becoming higher on the radar for the virus writers and trojan writers," said Mac enthusiast Joel Esler, a security consultant and incident handler for the SANS Internet Storm Center. "But I still haven't seen anything that is really threatening the OS X platform in terms of a worm or trojan. I haven't seen any real, true pieces of malware that come out there and affect every OS X machine that's on the internet."
Esler said Mac users are most at risk to Windows-based malware that is sent to them via email or by malware that is targeting third-party applications, such as Flash, within the OS X.
Still, the prevalence of Mac-specific malware appears on the rise. For example, Mac security firm Intego last month reported the circulation of a new variant of the RSPlug trojan, which was discovered on several pornographic websites.
Intego spokesman Peter James said malicious code written for the Mac OS X may be one reason why Apple is encouraging users to download anti-virus technology. Or, he said, it could be a suggestion from the legal department "as a kind of disclaimer" considering the commercials in which Apple flaunts its security.
Another possibility is that the company is responding to customer inquiries about which AV solution they should run. Or it could be a clear money-making ploy: Users can buy the security software from two of Apple's suggestions -- Intego and Symantec -- in its online store.
Whatever the reason, businesses, especially the larger ones, likely are already running security software on their machines, whether they are Macs or PCs, James said.
"They generally have a security policy where all client computers must have anti-virus software," he said. "The Macs inherit the security policies of the PCs."
Another mitigating factor for enterprises: The Mac OS X Server includes built-in protection from ClamAV, an open-source security product that scans emails for malware, Esler said.
See original article on scmagazineus.com
Apple advises Mac users to install anti-virus software
By Dan Kaplan on Dec 3, 2008 10:15AM