Posted by: David Harley | March 14, 2013

Gatekeeper, Xprotect, and commercial AV

More comment from Intego on the Pintsize issue previously mentioned here (and many other places, in more detail…): More Details Surface About Recent Apple “Hack”

Almost as interesting is a comment made to that article from someone who suggests that if AV doesn’t detect unknown malware, that helps justify his not using it on his Mac. I’d say that’s a better justification for not relying on AV (or any other single layer of protection), and in fact that’s not too dissimilar to Lysa Myers’ response to that comment.

However, I suspect that what the first comment was about was the assumption that once a threat is known, Apple itself will build detection into OS X, as it has indeed been doing quite consistently for a while now. However, even if we can assume that Apple’s response will be as timely as that of a commercial product, I’m not sure you can assume it will be as effective in terms of heuristic detection of future variants as a specialist product. Perhaps I should come back to the Apple versus commercial AV product again: I’ve a feeling that argument will run and run…

David Harley 
