I just recieved an email from eWeek Channel Insider with the subject line "Snow Leopard Tarnishes Apple Security" where the title of the top story was "Snow Leopard, Patches Take Security Shine Off Apple." Clever, but the author's assertions are false and not very well thought out. The multitude of Microsoft ads on the site should give some indication of which direction this publication leans. After all, they do make their money through advertising and not through the free subscriptions they dole out. You have to make the advertisers happy if you want to keep that business model rolling. Let's address the security issues that Larry Walsh raises and address where he is mistaken.
1. "For the first time, Apple included anti-virus software in an operating system. The inclusion of anti-virus protections in Snow Leopard has given some security pundits pause."
First, I would love to see the author's definition of "some" Is it one, two or an entire group. I suspect it is a really small number making up less than one percent of the field. The term "some" is to subject to interpretation.
I applaud Apple's inclusion of anti-virus software. It is a bold and justified move. Sure, I used to be one of those people who would slyly say things like "Why would I waste my money on anti-virus for Mac when there are no viruses for OSX?" But someone made a point to me that as an IT Director for a Microsoft Gold Partner really struck home. If I were to receive a virus on my Mac, I would not be affected. However, should I forward that message to a Windows user, nine times out of ten that user will infect themselves with the virus. It is a matter of being a good net-citizen. People call this same behavior in Open Source sofware a microcosm of communism, but I tend to agree that we should all try to help look out for the little guys who don't know better and are incapable of protecting themselves. Besides, it's not their fault that their operating system of choice is so ridden with vulnerabilities that you have to purchase a multitude of third party software products just to have an illusion of security.
2. "Snow Leopard came with the added headache of decreasing the security protections for those using Adobe Flash."
True. The version of Adobe Flash that ships with Snow Leopard is version 10.0.23.1 instead of the more secure 10.0.32.18. But why is that Apple's fault that Adobe provided them with a faulty version for distribution? If Windows shipped with a third party software product that had vulnerabilities, Microsoft would not be held accountable. People would be trashing the third party software vendor for not staying on track. Remember - Apple does not develop Flash. That is the exclusive domain of Adobe. Their software should be able to detect that it is a vulnerable piece of software and that there is an update available. That Adobe did not include any such mechanism in their software is the fault of one entity - Adobe.
3. "Just Yesterday, Apple released fixes for 15 security vulnerabilities in Java for Mac."
Allow me to use my same argument as with Adobe. Java is currently a product of Sun Microsystems and soon to be that of Oracle Corporation. Why is this Apple's responsibility? Java has a mechanism for security updates. Nobody seemed to mention that they published a Java update at about the same time for Windows machines that use the software. And it was not published by Microsoft, but by Java.
4. "Not only do Macs present an administrative headache for solution providers and IT administrators since they require separate management systems, they are far from being the security panacea that users would like to believe they are."
As an IT Director, I love my Mac. I use one at work and have two at home. I can do administrative tasks on the Mac that are not possible on Windows. And this just to manage Windows networks. I have yet to have any security issues with my Mac, but cannot count the number of issues I have had under Windows. And if a network administrator is familiar with their job, the only administrative headache they will have is with repairing issues for their Windows users.