Norton Returns: Malware and Anti-Malware on the Mac

 
 
By Larry Seltzer  |  Posted 2008-12-18
 
 
 

There's been some talk lately about malware on the Mac and whether users need anti-malware software. Clearly the situation is nothing like on Windows where going on the Internet without an anti-malware program is like taking a walk out on the Interstate; the question isn't if you'll get hit, but when.

There definitely is malware on the Mac and some users do get attacked by it, but in all likelihood the numbers are small. It's odd, since there's no technical difference between the Mac and Windows that would make the Mac more resistant to malware; malware writers just don't bother with the Mac. But one day that could change.

Symantec will try to convince users they need protection by releasing a new Norton Internet Security for Mac. It's a lot more than just anti-virus; even if you scoff at the notion of anti-virus for the Mac you must admit that Mac users are subjected to spam, phishing, network attacks, and other threats, and NIS for the Mac protects against these. The presentation I got focused more on the firewall than anything else. They're quite proud of the firewall, which they think is the best for the Mac.

There's another cool feature which would appeal to me as a Mac user who ran Windows in a VM: Norton Internet Security for Mac Dual Protection also includes a license for NIS for Windows to run in those VMs for only $10/year more. That's a smart product to offer.

What if some of the more talented Windows malware rackets decided to try to squeeze out some extra action by targeting the Mac? Almost all malware on Windows these days gains entry to the system through social engineering, and I'll assume that Mac users are no less gullible than Windows users. There are also plenty of ways one could specifically target Mac users, although I won't go into them here.

Were such a thing to happen it could be smallpox and the Indians all over again: A large and unprotected population could be devastated quickly. True, OS X has many safeguards built in, but there are ways around that, especially if a vulnerability is employed, and there are lots of vulnerabilities in OS X. One of the ways that vulnerabilities get contained in the Windows world is that anti-malware companies spread definitions of known attacks, so that even if you're not protected against the vulnerability you may be safe from the attack. This level of protection is absent among Mac users.

So it could happen, but the fact that it hasn't happened after all these years makes it hard to argue that it's about to happen. I keep hearing how Mac market share is increasing; I'm not sure it's that significant a change, but a marked increase in market share would make the difference to malware authors and they would begin to target it. Where's that number? 20% 30% Even today's numbers are very large in absolute terms.

I also don't know how well previous Norton products for the Mac have gone. I heard good things about the OS 9 generation of them, but the previous OS X versions were not well-received. The product was last released in 2003 and it looks as if Symantec had abandoned the Mac, probably because nobody was buying their software.

Do they know something? Probably not, but they guess, as I just have, that conditions could be ripe for security software on the Mac to be more important than it has been in the past. If all goes well, or badly depending on your point of view, the next step is enterprise Mac security products.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

For insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's blog Cheap Hack

Rocket Fuel