Apple Talks up Security

Apple has posted a new page on the Apple site dedicated to Snow Leopard security. Some claim this is Apple's acknowledgement that security issues impact Macs as well. While it is true that security issues impact Mac as well as PCs, it doesn't seem clear that this is why Apple has taken this about face. Indeed, the Snow Leopard security page reads less like an acknowledgement that Mac malware exists and more like a marketing pitch to assure users that Macs come with built in safety features. In fact, except for the title mention of Snow Leopard at the top of the page, the remainder of the page simply refers to "OS X" and thus gives the mistaken impression that the security features discussed apply to all versions of Mac OS.

Despite the word play, the most basic of Mac security features is still missing from Snow Leopard (and previous versions) - the Mac firewall is still not enabled by default. Almost as bad as not having it turned on - when users do enable it they won't be getting the level of protection typical of nearly any other firewall on the market. Instead, basic features such as 'stealth mode' (not responding to unsolicited inbound requests) won't be enabled when the firewall is turned on and must be configured separately.

Even fully configured, Mac firewalls leave much to be desired. Mac OS versions prior to 10.5.1 don't even include an application level firewall - a feature standard in most PC firewalls today. And while an application level firewall is offered in 10.5.1 and above, it doesn't offer the ease of permission-based access afforded by the most rudimentary firewalls available to PC users.

On the plus side, Apple is at least acknowledging that Macs aren't immune to malware and that Mac antivirus is a good idea. But that footnote is far less pronounced than the Apple lead in that "Mac OS X is designed with security in mind. Its built-in defenses help keep you safe from viruses and malware without the hassle of constant alerts and sweeps." I would argue that Mac OS X Leopard appears to be marketed with security as a sales pitch. Its most basic built-in defense - the firewall - isn't enabled by default and its features are lacking.