Flashback to the Future, you might say. In 2012, OSX/Flashback pushed the number of infected machines way, way up to 600,000 – 700,000 or 2.1%, depending on whose blog and marketing literature you read. OS X has seen a steady trickle of generic malware with the occasional Flash Flood to keep the stats above water. In recent years, the handful of threats has not just increased in number, but has in at least one case affected dramatic numbers of users. In fact, the percentage increase in the number of threats over the last year or two has been dramatic, but that is in part because the starting figure was so low. But there are testing scenarios that are more-or-less unique to Macs and OS X, and offer unique challenges. Windows testing has moved on from static testing – at least, the better testers have. How could Mac anti-malware testing be made easier and more similar to real-world scenarios? Can a test be less realistic and ‘real world’ yet more fair and accurate? So what features and scenarios make Mac testing so much trickier? Apple’s intensive work on enhancing OS X security with internal detection of known malware has inadvertently driven testers back towards the static testing model from which Windows testing has moved on. Testing with all known Mac malware may be almost as quick – for a static test, at least – as using a smaller percentage of the most prevalent samples or families. Surely Mac testing, with that tiny potential sample population must be less contentious, with few threat families and generally lower infection rates? That tiny population makes finding a statistically meaningful number of samples less difficult for a tester with a comprehensive, up-to-date collection. We were going to count them before we presented the paper, but forgot to bring the magnifying glass. But compared to the hundreds of thousands of Windows-targeting samples ESET’s lab sees on a daily basis, the total number of unique OS X samples is tiny.
We’re not about to give an airing to the usual fanboi ‘Windoze bad, OS X impregnable’ stuff. Of course, we encourage you to read the paper – Mac Hacking: the Way to Better Testing? But this is the first article in a blog series, based on the presentation rather than directly on the paper, giving a more concise summary of our views. That’s what it says in the abstract for our recent Virus Bulletin paper, but that’s because it happens to be what we think. But as both Macs and Mac malware increase in prevalence, the importance of testing software that’s intended to supplement the internal security of OS X increases, too. While Macs have fewer threats, there are fewer prior tests on which to base test methodology, so establishing sound mainstream testing is trickier than you might think, not least because so few people have experience of it. As Mac malware increases in prevalence, testing security software that supplements OS X internal security gets more important and more difficult. Anti-malware testing on the Windows platform remains highly controversial, even after almost two decades of regular and frequent testing using millions of malware samples.