Flashback Ends Mac's No-Virus Reputation

We're coming out with a Mac product soon but in the meantime, if you're using a Mac, it would be worth reading through this article to be aware of the Flashback threat. Apple has released a fix tool for it but I'm quoted in there with a few thoughts on what might be coming next:

http://securitywatch.pcmag.com/none/296449-flashback-ends-mac-s-no-virus-reputation-experts-say

Any discussion?

 

Spell "Macs" backwards. Slightly exaggerated but effective one word summation of my thoughts on Apple. Sorry.

Microsoft Windows has ALWAYS been infinitely more secure. And sadly, as far as Lion may have come code mitigation/hardening wise, Apple proves time and time again with their slow patching and idealist, flawed attitude on security, that their level of devotion towards keeping users safe is off by a long-shot.

They do make some good stuff no doubt, but I haven't any interest in their products.

 

Since you were quoted in the article as saying ""it is tantamount to security suicide to run without a fully featured security product on a Mac operating system", would you recommend running another product in the meantime?

I said that in jest, but the point stands that while you haven't got anything to offer Mac customers presently, how else are they to protect themselves?

I'd like to think the prevalence of the Flashback trojan may speed up development of the Mac product.

Note: I do not use a Mac.

 

Joe, any time frame for the Mac version? I'm going to get an iMac in about a month for development purposes. If the product isn't out by then, I'd be happy to beta test it.

Kind regards,

Geri

 

I don't know how the other Mac AV vendors responded to Flashback so I couldn't recommend one in particular, but one recommendation I would definitely make would be to remove Java from your Mac unless you use it very frequently.

We are working very hard on the Mac product and will have it released this year. We're developing it as a full cloud implementation like WSA so it's taking longer than just a simple signature database, but we feel that it's going to be a much stronger product that will allow us to be future-proofed against the next wave of threats.

 

Even if users don't need it frequently, they can still have it installed, while still protecting themselves.

Unfortunately, many users got no idea that are things called plug-ins, and that most likely the web browser they're using, will allow them to set with which domain names the plug-ins can be used.

Unfortunately, this info doesn't get to the millions of users out there. Then, we also got another problem, besides Oracle being late in patches, and in this case Apple aggravating this situation with their own delay as well. That problem is that many people may have it installed, without realizing they have it installed, and they may not even know what it is for. For all they care, it's just something that's needed to be there.

Many computer shops (All?) pre-install all the software they believe the client will need, even if the client has no idea whether or not he/she will need it.

 

Hi Joe,

As I will be getting my iMac this week, any update on when the mac version will be available for testing?

Kind regards.