Comment Articles

The Apple of Symantec's eye

Fran Foo ZDNet Australia

Published: 28 Sep 2005 17:05 BST

...keep mum in such instances. As clearly stated on its Web site: "For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available". It was Symantec and the French Security Incident Response Team that labelled the flaws "critical".

The media is used to the silent treatment from Apple.

When the recent Symantec report was released, I asked Apple to counter the allegations made by the antivirus company.

The response was plain disappointing. "Apple does not comment on another company's claims. We expect users to be vigilant about security and take whatever steps are necessary to secure their operating environment. According to Sophos, the top 10 viruses listed do not impact Mac OS X," Apple Australia spokesperson Debbie Kruger said.

Apple didn't respond when asked if OSX/Weapox was such a menace — as Symantec claimed — to its users.

Of course, there's more to security threats than viruses and worms.

Antivirus firm Sophos believes the malicious software Renepo (alias Opener) is plain nasty. "It turns off system accounting, turns off the OS 10 firewall, turns off auto updates, turns file-sharing on, opens an SSH back door, downloads and installs an open source video conferencing program and opens it in 'do not advise the user mode'," Paul Ducklin, Sophos Asia-Pacific head of technology, told ZDNet Australia in a previous interview.

While Macs are safer compared with Windows, Ducklin thinks the existence of Renepo should be a "sanitary reminder" that bad things can happen.

There's not doubt that Mac users believe they operate on a superior platform — when you pay for a BMW, you expect a luxury car, not a scooter — but to allude that OS X customers are living in a world of fantasy is fancy on any vendors' part. If Symantec or anyone else hopes to "educate" Mac users on security, here's a word of advice: don't go it alone; speak to Apple and let the voices at Apple carry the message.

Antivirus makers like Sophos and Symantec have thrived under the auspices of Microsoft — the vulnerability of Windows and related products have helped create and sustain these companies. Isn't it blindingly obvious why Mac users are immune to the "advice" from these players?

Do Mac users think they are immune to security problems or is Symantec and others fishing for a new revenue stream? Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches? Use talkback below to let us know what you think.