Posted on 08/25/2009 6:20:54 PM PDT by Star Traveler
Intego Spots Malware Blocker in Snow Leopard
August 25th, 2009 at 5:40 PM
by Bryan Chaffin
Snow Leopard contains a malware blocker, according to Mac antivirus software developer Intego. The company posted a screenshot of a warning dialog box on its blog that it said was from Snow Leopard, the Mac OS X 10.6 upgrade Apple is shipping on Friday.
"We're not sure yet exactly how this works," the firm wrote, "but the above screen shot shows this feature working with a download made via Safari, detecting a version of the RSPlug Trojan horse in a downloaded disk image."
If the screen shot is legit, it would suggest that Apple has added some form of malware scanner into the operating system. Malware is typically used to describe applications that either tag along with otherwise legit downloads (or in pirated software), or are simply not the download they are purported to be.
The news coincides with the introduction of two new commercials from Apple that tout the Mac platform as being the answer for people tired of dealing with "thousands of viruses" and other hassles on their PCs.
While there are no known Mac viruses in the wild, there has been an increase in trojan horse malware aimed at Mac pirates in the last year. Such a tool in Snow Leopard could well further protect Mac users out of the box.
A built-in virus/malware checker in Snow Leopard?
Here’s the link for Intego VirusBarrier for the Macintosh OS X ...
http://www.intego.com/VirusBarrier/
But, I’m not saying that you need it... :-)
Mac needs a VirusBarrier?
No..., but companies still try to sell them anyway... LOL...
Actually, I have that particular one (called Intego VirusBarrier), and it doesn’t work... I’ve never gotten a peep out of it in year and years... :-)
Must be broke!
Where’s that Apple ping list? (he asked while eating fresh picked apples)
Ummm...., I may be wrong, but I don’t think it’s “swordfish”... :-)
Malware detection coming in Snow Leopard?
by Michael Rose
Aug 25th 2009 at 9:00PM
We usually look at news updates and blog posts from antivirus vendor Intego with a bit of a gimlet eye, since the company has been known to spread a little bit of that good old FUD when it comes to the everyday risk of malware faced by most Mac users (that is to say, pretty much none). Today, however, the Intego blog pointed out an unheralded feature of the forthcoming Mac OS X 10.6 Snow Leopard update: some basic malware checking built into the operating system, reported by users of the beta version.
As the post notes (and sites such as The Register and ZDnet corroborate), when a problematic DMG is downloaded or mounted — containing one of two known malware components — the Finder throws the alert pictured above, warning the user not to install the software in question and to throw away the disk image. While this is a nice touch for the two security risks in question, The Register notes that the filter appears to only catch files downloaded through some of the more common apps (Mail.app, Entourage, Safari, Firefox and iChat among them) but not files copied over from removable media. It doesn’t cover the wider gamut of threats out there, nor would it detect or block Windows malware that a Mac user could unwittingly transmit; for all of those scenarios, a true AV app (paid or free) is what the doctor ordered.
http://www.tuaw.com/2009/08/25/malware-detection-coming-in-snow-leopard/
Thanks, I’m drinkin’!
If you want on or off the Mac Ping List, Freepmail me.
To my way of thinking an OPERATING SYSTEM should protect the computer it is running from malware of all kinds and any other attempt at intrusion. If it can't do that, it's a pretty poor OS.
That’s seriously cool. Even on Windows, most of the viruses are actually Trojans. By checking installation packages out before installing, it can stop a lot of “social engineering.” Clever.
It’s a good idea, if true. Any OS is only as safe as the wetware behind the keyboard. Some folks got infected earlier in the last year or so by downloading infected images of commercial software from warez sites. After all, when you download “free” software and think you’re saving hundreds of dollars, you’re inclined to say “yes” to the authentication request that comes on install. Whoops— you just authenticated the installation of some Bad Stuff.
So, it’s a smart thing to build into an OS and/or into a browser. The former would make more sense—in the image or disk-mount module, to be specific—as it would protect any browser, torrent client, thumb drive or other vehicle the user might employ.
This is bad news for the antivirus/anti-malware folks, though. About the only thing their software has to do on OS X is pass judgment on disk files and images.
I’m using 10.5.8 and have wondered if I can forward malware in a email that I received to a pc user...
That commercial software you’re talking about was actually *free* anyway... It was one of Apple’s trial packages. Now, if you didn’t want a “trial package” you still had to get it anyway (the online version anyway, not the boxed version at the Apple Store), and then convert it over to the “paid version” with a number that Apple gave you after you paid online.
So, Apple was giving it away for free online anyway. Now, this was jamming up Apple’s servers, as everyone was “hitting it” right at the beginning and so, many times people will put up a copy on the P2P networks. So, what some guy did was add some bad code to it.
However, the problem was *not* that people were trying to download commercial software for free — because it was *free* already from Apple... LOL...
—
And in what else you were saying, I don’t think that this is going to put a crimp in the Anti-virus companies, because they’ve been selling their software anyway — even though no one has needed it before... :-)
Heck! I even got one copy from them, too (and I did that even though I knew I didn’t need it).
The only reason why I got it, was because I figured that it could scan my e-mail for *Windows* viruses, so I wouldn’t accidently send one on to another user, inadvertently... That sort of thing wouldn’t have any effect on a Macintosh, but it’s possible for it to remain in the e-mail and be sent on to another Windows user, if you forwarded it...
Oh... that’s weird... because I was just answering that in my last post... the answer is yes you can, as a Macintosh user, even though it will have absolutely no effect on you... (on the Macintosh)...
So, that’s why I have had a anti-virus checker checking on my e-mail... :-)
“Isn’t that what an OS SHOUD do? PING!”
Every time this issue comes up it sets me off. This is exactly what MSFT should have done from the start. Who else could have gotten away with a product so full of holes for so many years and leave it to third party vendors to try to resolve? If this is indeed a part of Snow Leopard, it’s brilliant! (On the other hand, why is this the first we’ve heard of it? Leaves me a bit suspicious. We’ll see on Friday.)
You can. Which troll do you have in mind?
Probably uses ClamAV to scan incoming downloads, the downloads folder, and desktop. It probably also triggers when a user attempts to open a downloaded application or disk image for the first time.
Didn’t Apple incorporate ClamAV into its server product? I think I remember seeing it in the documentation in regards to the email server.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.