Should Apple bundle ClamAV with Mac OS X? I have a yes, a no and plenty of maybes in store for you.
For years, the simple fact an operating system vendor would bundle anti-virus software with his product had me rolling on the carpet, in a fit of hysterical laughter - a scary sight, if there ever was one. Why? Because people charging others to fix problems they have created just seems to me the lowest ever form of business there can be.
Yet, I cannot help but think there might be some ground for bundling an open-source application like ClamAV into Mac OS X. Before you reach for the comments section and recommend some chemical compound, here are my thoughts in greater detail:
- ClamAV is an open-source product and, as such, integrating it would not oblige Apple to sell its soul to another company and would not raise questions on the necessity to keep an ongoing partnership - something the company’s tense relations with McAfee proved was a bad idea.
- Again, ClamAV being an open-source product, bundling it would not mean Apple would be favoring a commercial competitor in the anti-virus market. There is already a built-in Mac OS X firewall, with an easy to activate on/off switch, which does not prevent other companies from selling other solutions.
- ClamAV runs remarkably well on Mac OS X but its team lacks experience with this platform. Perhaps bringing in Apple’s expertise could help further improve the project and help it stay at the top of the virus game - provided, of course, this collaboration is based on mutual respect.
- ClamAV would not only help prevent against trojan horses (and alleviate social engineering risks), it could be tied into Apple Mail, iChat, Bluetooth file transfer and a user’s Drop Box, helping all users secure their computers by default. Apple’s knowledge of file system surveillance could make that integration seamless. All this could be controlled from a tab in the Sharing preferences pane — or Security.
- Apple already has a secure, authenticated update mechanism in Software Update, that does not rely on .Mac. Virex’ update mechanism was suicidal at best, murderous probably. ClamAV supports signed updates already, for everyone’s tranquility.
Of course, one could argue bundling an anti-virus daemon with the system would give the Apple engineers a false sense of security and maybe even discourage the company from adopting best practices. Yet, social engineering is something such applications are great at stopping and best practices cannot to anything against - or very little. My answer would therefore be that both are very complementary.
Before wrapping this up, I would like to salute Mark Allan and his excellent ClamXav application, about which we have written. I know Mark works very hard to make this application what it is and I would hope that, should Apple ever consider bundling ClamAV with Mac OS X client for real, they would ask him for his expertise and wisdom.
Disclaimer: I am in no way related to Mark, ClamAV or Mayonnaise producers. I do like the three of them, though, and for very different reasons.