Mac OS 10.6 (Snow Leopard) is being released tomorrow, and with it a much-improved version of File Quarantine, security software bundled with OS X. CNET posted an early review of the OS and states "File Quarantine checks for known malware signatures and displays an alert dialog if it finds a known offender and will be automatically updated via Mac OS X's software update as new malware signatures are found in the wild." This levels the playing field somewhat between it and the latest versions of Windows because, the article continues, "Leopard has some ASLR but everything is not randomized and Leopard has no DEP."
So I am wondering if the best security software for an OS is that which is bundled with the OS. Why? It's akin to complaints made by software vendors since Windows 95, that Microsoft knew all the secret hooks and APIs of their OS but only shared some of them, reserving the best ones for their own software, which gave them an unfair advantage (so the complaint goes.) Perhaps in a perfect world OS providers would share everything with everyone and so any vendor had the chance to create the best-running software for an OS. But not everything is Linux and open source (sorry, couldn't resist.)
So, since Apple knows OS X best, who better to develop security software for that platform? The same goes for Microsoft and Windows.
But where does this leave security software companies? Perhaps if Apple and Microsoft partnered closely with these vendors, all would benefit, including the customer. Otherwise, we hope Microsoft will bundle the best possible security software with Windows (the beta version of Microsoft Security Essentials is getting great reviews) and Apple's OS 10.6 really delivers some improved security tools. Snow Leopard will be interesting from a security perspective, regardless of what OS you are a fan of.
