(ISC)² Links

(ISC)² Twitter Updates

  • (ISC)² Twitter Updates

    CATEGORIES

    Archives

    More...

    About the
    (ISC)² Blog

    • (ISC)² believes in the importance of open dialogue and collaboration, between both (ISC)², its certified members and members of business and society.

      (ISC)² established this blog to provide a voice to its certified members, who have significant knowledge and valuable insights to share that can benefit the information security industry, the people in it and the public at large.

      The postings on this site are the author's own and don't necessarily represent
      (ISC)²'s positions, strategies or opinions. (ISC)² does not control, monitor, or endorse any links provided in this blog and makes no warranty or statement regarding the content on any linked website.

      Those who post comments to blogs should ensure their comments are focused on the topic at hand. (ISC)² reserves the right to remove any post or comment from this site.

      Should you find objectionable content in this blog, please notify us as soon as possible at blog@isc2.org.

      Please click here for FAQs.

      Please click here for the Blog guidelines.

    « Should the CISSP CBK be improved to place greater emphasis on “human factors” in information security? Definitely Yes! | Main | Cloud Computing - My concerns »

    27 August 2009

    Bundling Security with the OS

    Mac OS 10.6 (Snow Leopard) is being released tomorrow, and with it a much-improved version of File Quarantine, security software bundled with OS X.  CNET posted an early review of the OS and states "File Quarantine checks for known malware signatures and displays an alert dialog if it finds a known offender and will be automatically updated via Mac OS X's software update as new malware signatures are found in the wild."  This levels the playing field somewhat between it and the latest versions of Windows because, the article continues, "Leopard has some ASLR but everything is not randomized and Leopard has no DEP."

    So I am wondering if the best security software for an OS is that which is bundled with the OS.  Why?  It's akin to complaints made by software vendors since Windows 95, that Microsoft knew all the secret hooks and APIs of their OS but only shared some of them, reserving the best ones for their own software, which gave them an unfair advantage (so the complaint goes.)  Perhaps in a perfect world OS providers would share everything with everyone and so any vendor had the chance to create the best-running software for an OS.  But not everything is Linux and open source (sorry, couldn't resist.)

    So, since Apple knows OS X best, who better to develop security software for that platform?  The same goes for Microsoft and Windows. 

    But where does this leave security software companies?  Perhaps if Apple and Microsoft partnered closely with these vendors, all would benefit, including the customer.  Otherwise, we hope Microsoft will bundle the best possible security software with Windows (the beta version of Microsoft Security Essentials is getting great reviews) and Apple's OS 10.6 really delivers some improved security tools. Snow Leopard will be interesting from a security perspective, regardless of what OS you are a fan of.

    Posted by on 27 August 2009 at 10:29 AM in Franke, InfoSecurity Sales & Marketing, Malware, Secure Software, Software Development |

    TrackBack

    TrackBack URL for this entry:
    http://www.typepad.com/services/trackback/6a00e54f109b6788340120a57be7f6970c

    Listed below are links to weblogs that reference Bundling Security with the OS:

    Comments

    Thanks, this is a very informative post. Hope that Microsoft will have a strong security for the protection of our pc and our private files.

    Posted by: Dentist Thousand Oaks | 23 September 2009 at 02:23 AM

    The comments to this entry are closed.

    Enter your email address:

    Delivered by FeedBurner

    Recent Contributors

    Past Contributors