Apple has hired Kaspersky Labs (a maker of anti-virus software) to help them analyze what security vulnerabilities OS X has. The Kaspersky CTO has begun "talking out of class" about those vulnerabilities as the analysis proceeds; also, he doesn't seem to know who owns Java and thinks Apple is responsible for fixing it.


Apple OS "really vulnerable", claims Kaspersky Lab CTO

14 May 2012
Apple has invited security company Kaspersky Lab to advise it on the security of its Mac OS – according to the security provider's chief technology officer.
Speaking exclusively to Computing, Kaspersky CTO Nikolai Grebennikov said his firm had recently begun the process of analysing the Mac OS platform at Apple's request.
"Mac OS is really vulnerable," he claimed, "and Apple recently invited us to improve its security. We've begun an analysis of its vulnerabilities, and the malware targeting it," said Grebennikov.
Grebennikov claimed that, in his personal view, Apple does not take security seriously enough.
"Our first investigations show Apple doesn't pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago."
Earlier this year, a botnet of 600,000 Macs was found to have been infected by the Flashback Trojan, which exploited the Java vulnerability.
"Apple blocked Oracle from updating Java on Mac OS, and they perform all the updates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That's far too long," he said.
Grebennikov pointed to the existence of the botnet as evidence that Apple needs help with its security.
"This botnet, which the security community identified, is a huge sign that Apple's security model isn't perfect," he said.
Kaspersky has often been quoted as criticising the security of various Apple platforms, and now will have the opportunity to improve at least one of them.
This appears to be the successful culmination of a long-term Kaspersky strategy to work with Apple. A year ago, Grebennikov told Computing that Apple could not hope to keep its mobile platform iOS locked down without outside expertise.
While he admitted that no iOS-specific malware has yet been identified, Grebennikov stated that he expects to see iPads and iPhones being infected by malware in the next year.
"Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS."