A few years ago, we ran a huge event in Switzerland: We offered people in Switzerland to come to us (we were for a whole week at the airport in Zurich) with their PC and we check it for malware, patch it etc. We did this with a lot of partners and had live TV coverage at primetime in Swiss TV. A huge success and a lot of people came! However, we wanted to do it in partnership with Apple – well, I am not sure whether “partnership” would have been the right term: We offered them the Internet access, the network, the room, etc. They would just have had to bring the people.
The Swiss team seemed to me to have wanted to join in but the ww management decided that they do not want to do that “as Apple does not have a security problem”.
And then we had this funny event: Apple Recommends Running Multiple AV Engines and a day after Apple pulled the advisory Article was Bogus: Do Mac Users not need Anti-Virus Protection?
Honestly, the whole discussion is ridiculous as Cybercrime is a fact of life and so is malware. As soon as Apple users become a profitable target on some scale, they will be attacked. Everybody who thinks differently puts their head in the sand.
And now finally Apple arrived in today’s world: Apple Acknowledges OS X Malware and on their website they write:
The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.
I think that this is a big and a very good move! I would now welcome Apple to join the industry communities like SafeCode to work jointly on getting products more secure or initiatives like 2CENTRE to train law enforcement. I am a big supporter of industry/government collaboration but when it comes to Law Enforcement, there are often not too many companies at the table.
Security to me is not only products and processes. It is about partnerships!
PingBack from http://securityandthe.net/2009/06/12/apple-admits-mac-os-users-can-get-viruses/
They say the Mac has "Library Randomization". What exactly does this mean? It sounds vaguely like ASLR but I was positive that doesn't exist on the Mac.