Websense and the Mac Threatscape

I apologise most insincerely to the pseudonym? family for commenting on an article that suggests there might be some point in protecting a Mac, but an article by Stephan Chenette seems to me to make some reasonable points, notably:

• the increasing volume of OS X vulnerabilities and patches
• the ability of the Weyland-Yutani crimeware kit to generate Mac malware

He talks at length about rogue AV for Mac, which will hardly be new to you, but is nevertheless not an issue to be ignored, and it’s a good summary. He also makes the point that these attacks on Mac users, not on the operating system. That’s not a new thought either, but I thought I’d point it out so that the brothers grimmly-pseudonymous? can go straight into a rant on why it only matters if it’s privilege escalation.

I don’t really agree, though, that Mac users are more vulnerable because Apple has less experience in security and product development. Apple may have a tendency to complacency and a three-wise-monkeys speak-no-evil-in-front-of-the-children attitude to security, but it has learned a lot over the last few years, and its security model is pretty good. But not impregnable.

And here’s a rather more sincere apology to David for getting in the line of fire of yet another fanboi broadside.

OldMacsAreTheBestHonestlyGuv Bloggit