Will the Mac App Store keep malware at bay?

Filed Under: Apple, Malware, Vulnerability

App Store LogoThe blogosphere is abuzz with talk of convergence between the smartphone, tablet and laptop device markets. Apple, who have led innovation in at least two of those areas, took another step down that path today with the release of version 10.6.6 of OS X.

As well as fixing a vulnerability in the Software Update program, this new update introduces the Mac App Store.

App Store has been key to the success of iPhone and iPad. It turns the chore of finding, downloading and installing apps from a huge range of software vendors into a simple pleasure.

Because Apple also vet apps according to some very strict rules, it also takes much of the risk out of the process. Apple have so far proven very effective at keeping bad stuff out of the Store.

And last but not least, it also gives Apple a nice additional revenue stream. Apple are clearly hoping that the App Store's success will carry over to the Mac.

Others will no doubt comment on App Store's usability and content, but what does does it mean for security?

On the plus side, all software on the Mac App Store will be vetted by Apple, just like on their mobile platforms. The long list of rejection criteria ranges from the specific (Apps that request escalation to root privileges) to the vague (Apps that are not very useful). These rules have certainly been the source of controversy in the development community in the past, but for App Store users it allows them to buy and download Apps with peace of mind.

But App Store alone cannot provide complete protection.

On the iPhone and iPad, the App Store is the only authorized way for users to download and install new software. By creating a walled garden (or maybe a walled orchard) where only vetted Apps are admitted, Apple have created a very safe environment. Traditional binary malware attackers are locked out.
Screenshot of popular App Store appsOn the Mac, the App Store is just one more way of deploying software. You can still download and install software the old-fashioned way and so you still need to be on your guard.

Another area of concern is the black market for pirated apps. As the Android community has been discovering this is an almost inevitable consequence of the creation of a thriving legitimate marketplace. While users who are willing to pay for their Apps are likely to remain relatively safe, those who are prepared to run pirated software expose themselves to downloading fake or maliciously modified apps. To do this on an iPhone requires the irreversible and deliberate step of jailbreaking the phone, but not on the Mac.

Finally, many popular, serious and widely-used Mac applications will likely fall foul of the App Store's strict criteria. For example, applications like VMWare Fusion or Parallels rely on Kernel Extensions (kexts) and other banned techniques to interact with the operating system.

Security products are also likely to fall foul of these rules. Any anti-virus tools made available through the App Store will be limited to performing on-demand scans of files and folders that you can access without requiring elevated privileges. Without kernel extensions they cannot protect you as you download, copy or run stuff, and without using their own channels for updates they may have to compromise on the effectiveness of their scanning. They certainly can't claim to provide an effective barrier against infection.

So while the App Store certainly makes it easier to get hooked on the latest levels of Angry Birds, on its own it doesn't do much to address the security and privacy problems to which we are all exposed.

, , , , ,

You might like

3 Responses to Will the Mac App Store keep malware at bay?

  1. Amir · 1362 days ago

    Jailbreaking is reversible, I'm pretty sure it is
    anyways, unless they've changed it.

  2. Casper · 1360 days ago

    Sounds a bit like the Ubuntu Software Centre.

    • John Faux · 1359 days ago

      thank you the open source community have had this for a long time apple (and soon M$ are jest playing catch up) fyi im using a mac and i love it but i do realize a lot of the hype i mean if ubuntu could run adobe cs5 and a few other apps i would switch to it in a hart beat unfortunately ubuntu (and all forms of linux) are limited to the fact that there not popular and adobe will not and likely never make there higher end software for it :(

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Rich is a Senior Product Manager with responsibility for Web Protection across Sophos's product range. He has been with Sophos for so long that his first job involved mailing out anti-virus updates on 5¼" floppies. Feel free to contact him by email.