Is Apple compromising the security of OS X by restricting some anti-virus applications from using its Mac App Store?
Once regarded as a safe platform, Apple’s Mac OS X has fallen victim to an increasing number of malicious programs as its popularity – and thus desirability and viability as a target for malicious coders – has increased.
While Apple has quietly changed the wording of its promotional statements about the operating system’s vulnerabilities (see photo, below) in the face of inconvenient and increasingly frequent news stories about new malware, anti-virus company Avast maintains that Apple could be doing more to make anti-virus software easier to distribute for Mac OS X.
[IMG ID=”169798f”]Apple changes claims regarding OS X security[/IMG]
Apple has recently changed its advertised statements regarding OS X’s security
Avast has a Mac version of its free anti-virus product, but, says Jan Gahura – program manager for non-Windows platforms, Apple’s Mac App Store stands in the way of anti-virus products that wish to provide real-time security.
According to the Mac App Store Review Guidelines, the store can’t be used to distribute apps that install kexts (loadable kernel modules, which are installed at a deep operating system level – and are required for Avast’s real-time virus scanning to work, among other features) or “use update mechanisms outside of the App Store”.
The latter means that the regular signature updates that anti-virus software relies upon to recognise the latest malicious updates can’t be delivered directly. In Avast’s case, updates are delivered in real time on average of 20 times a day. However, as every update would have to be individually submitted to and approved by the App Store – a process that can take weeks – your anti-virus suite’s signatures would be so far out of date as to render the software useless against the latest, constantly-evolving threats.
Avast – along with rivals including Symantec and Sophos – has opted to distribute its software independently via its own website rather than the App Store. However, this means that users who don’t feel comfortable installing software that hasn’t been checked and approved by Apple, or who don’t even think to look for independently distributed Mac software, are left out of the loop.
Some anti-virus makers have acceded to Apple’s criteria for inclusion in the Store, but have had to restrict their functionality to on-demand or scheduled scans only, without the realtime protection that’s common to most modern Windows security software.
It remains to be seen whether such restrictive App Store policies will hold up in the face of a future increase in OS X malware. Or whether Windows 8, with its own App Store, will start to move in this direction too.