Apple Submits Mac OS X For Security Evaluation

ranger8x writes "Apple has submitted Mac OS X and Mac OS X Server to the U.S. government's National Information Assurance Partnership to evaluate various security features. It seems Apple is looking for some respect by the government, and to 'get more exposure.'"

Not look for holes

[gbooker]

The testing doesn't look for holes in the operating system, but rather evaluates what security features are built into it.

I guess they needed this so that Windows could be used.

If that is the case, OS X should not have any trouble at all. Let's look at some of the security features:

• Root disabled by default
• SSH remote login
• Telnet not easy to turn on (should use SSH instead)
• Can disable auto login
• Any major system changes require authentication even if the current user is an admin
• Built in Firewall

I know this is a short list, but it demonstrates the point well. OS X has many security features that are inherant of a unix based OS. It will be nice to see OS X more accepted amoung the government.

Re:What OS X needs for better security

[jeffy124]

excellent points, especially the username list & 8 char limit.

just a comment: the default install includes various servers, yet they're all disabled by default. only after a completed install can those services be enabled.

Re:What OS X needs for better security

[wka]

Even after showing name and password fields, the name of the last user who logged in is displayed by default in the username field. This tool from Apple allows you to turn this behavior off.