Apple gives us a “sneak peek” at how Gatekeeper will work in Mountain Lion. It will have three basic settings:
- Install and run only apps from the Mac App Store
- Install and run apps from the Mac App Store and apps that have a Developer ID
- Install and run apps from anywhere.
Control-clicking allows the user to override his default setting, so the decision on whether to install remains with the user. Hmm. A bit reminiscent of Alan Solomon’s perfect antivirus, that. But it turns out that it doesn’t matter, because “While malware is one of the biggest security challenges on personal computers, it’s hardly an issue on a Mac.” If you say so, guys. Though 700,000 Flashback victims (allegedly) might not agree. Still, it appears that Apple was very quick off the mark when it came to addressing a technique for unlocking jailbroken iPhones using SAM. Quicker than it was at patching Java…
Talking of Flashback, Symantec throws in some research data , in this case on the financial motivation behind it: OSX.Flashback.K – The motivation behind the malware – $$$. Ryan Naraine’s article Mac botnet generated $10,000 a day for Flashback gang also refers.
Kaspersky gives us a summary of Bad Apples: Mac Malware through the Years, though actually, it consists of a few highlights, rather than a comprehensive history, covering somewhat similar ground to Sophos’s History of Mac malware: 1982 – 2011.
And Paul Wagenseil quotes Mikko Hypponen and Jonathan Zdziarski in response to Eugene Kaspersky’s observation that Apple is ten years behind Microsoft in security terms. Oddly, I’ve been asked three times for media comment on that, but none of it has appeared. If you’re interested in my opinion, you may have to wait until I put it up here. Which I rather think I will, some time this week.
David Harley CITP FBCS CISSP