Brian Mastenbrook: Financial incentives for Mac malware

Apple's days of flying under the radar are over: there are now serious financial incentives for Mac malware. These incentives will spur development of drive-by malware as it's significantly more effective than trojans. OS X does not provide sufficient defenses against browser-based threats: I've found too many issues that could be used for drive-by malware installation just through simple logic errors that should have been flagged in code review.

If you're a researcher and would like to see where the problem areas, I wrote up a guide to finding issues on OS X earlier this year. Everything listed in this article is still applicable on Snow Leopard.