Chester Wisniewski warns that Apple’s minimal anti-malware by stealth isn’t comprehensively effective even against the tiny proportion of Mac-targeting malware it has detection for: Apple’s XProtect updated in OS X 10.6.7.
In “Apple users left to defend themselves against certificate attacks”, Chet also summarizes some research by Mike Shannon on how to configure a Mac to mitigate the impact of fraudulent SSL certificates by enabling certificate revocation status checking. (It’s all very well for a company like Comodo to act promptly to revoke certificates obtained fraudulently, but you really want your browser to know about the revocation.) He describes how Safari and Chrome can be configured using Keychain. Opera and Firefox have OCSP (which Comodo supports) enabled by default, but he also describes how to import Certificate Revocation Lists manually for certs that don’t support OCSP.
More links about the Comodo certs issue:
Back in the world of malware, Lee of Security FAQs asks: “With The New Beta Backdoor Trojan For OS X, Is It Time For Mac Users To Start Worrying?” He doesn’t counsel panic, but does suggest rational risk evaluation, and I’m not going to argue with that. More on those beta Trojans at http://macviruscom.wordpress.com/?s=darkcomet.
David Harley CITP FBCS CISSP
Small Blue-Green World