Apple has had lots of success thinking differently when it comes to technology - creating beautiful, fun-to-use products in category after category. But Apple is no innovator when it comes to Mac security. In fact, the best hope for the company’s Mac security efforts right now may be to emulate Microsoft Windows!
Fortunately, Mac OS X Mountain Lion, scheduled to ship in July, does exactly that. On Monday, Apple released an update for Mountain Lion Developer Preview 4 that introduces a new Security Update system. The update was made available through the Mac App Store, according to the MacRumors blog.
Mountain Lion Emulates Windows
With Mountain Lion, Mac OS X will check for security updates daily and give users the option of installing patches automatically or after restarting their systems. This common-sense security approach has been part of Windows for years.
Nevertheless, it’s a welcome addition in the wake of the infamous Flashback malware that compromised more than 600,000 Macs, roughly 1% of all in use, in April. The largest Mac infection ever occurred after Apple waited six weeks to release a patch for known vulnerabilities in the Java application platform. It seems Apple learned a hard lesson from that debacle.
Along with improving the update feature, Apple is making the connection between customers' Macs and its servers more secure. Microsoft recently did the same with the connection between Windows and its update servers after the discovery that the Flame cyberespionage virus used the Windows Update tool to spread within a corporate network. Flame is believed to have been created in Israel to steal information from Iranian computer systems.
So, now that Apple is finally getting with the security program, Mac lovers can sleep well at night, right? Yes and no.
Business Issues Remain
Consumers will certainly be better off with Mountain Lion, but businesses have yet to get what they need most – details about Mac vulnerabilities. Paul Henry, security and forensic analyst for vendor Lumension, says, “Apple seems to stay in the shadow of Microsoft when it comes to vulnerability management.”
While automatic updates are great for consumers, they work only for the smallest companies. Most businesses insist on testing updates before installing them to make sure the change doesn’t break anything. In addition, companies want to know whether the vulnerability being patched is important enough to warrant taking multiple systems down temporarily. None of that can be determined without lots of details, and Apple remains secretive when it comes to Mac vulnerabilities - even those being fixed.
“We have a long history of patches breaking things, and no one in the enterprise is simply going to turn on automated patching and walk away,” Henry says.
Apple has made security improvements to the Mac OS X kernel and to FileVault in Mountain Lion that are steps in the right direction for helping businesses. But experts say much more needs to be done.
Apple has certainly come a long way since the days - not so long ago - when it claimed the Mac “isn’t susceptible to the thousands of viruses plaguing Windows-based computers.” However, the company has yet to demonstrate its trademark innovation in Mac security. That approach hasn’t hurt Apple’s computer sales yet, but the company’s luck may not hold forever.