Security vendors dismiss Snow Leopard anti-virus

Security vendors have been quick to dismiss the anti-virus capabilities in Apple's new Snow Leopard operating system.

Mac OS users will be notified if they are downloading malware with a message reading that the file "could damage your computer" and that users should "move it to Trash".

However, Rik Ferguson, senior security advisor at Trend Micro, said on the firm's Counter Measures blog that the malware detection in Snow Leopard uses rather basic pattern-matching techniques, and offers no real-time updates or scanning.

"Although I welcome any attempt by Apple to keep its growing user community safe and secure, the malware detection released with Snow Leopard can only be described as rudimentary at best. Files are only scanned at time of download and, even then, only when downloaded by certain applications," he wrote.

"Malware has existed on the Mac platform since pre-OS X days, as have anti-malware tools. However, the radical change in the nature of the malware industry, coupled with Apple's huge success in recent years, means it is a trend which is now far more likely to be exploited for malicious ends and at the financial cost of the end user in the coming months and years."

Graham Cluley, senior technology consultant at Sophos, also welcomed Apple's recognition of the growing malware problem, but was critical of the protection offered.

"The protection only covers two families of Mac Trojan, and is not equivalent to a true anti-virus product. It won't protect you if you try to copy an infected file from a USB stick, for instance, and doesn't offer clean-up facilities," he said in a blog post.

"Indeed, Apple is at pains to insist that people should not describe this as an anti-virus."