Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Submits Mac OS X For Security Evaluation

Posted by pudge on from the something-about-being-powered-off-and-buried-underground dept.

ranger8x writes "Apple has submitted Mac OS X and Mac OS X Server to the U.S. government's National Information Assurance Partnership to evaluate various security features. It seems Apple is looking for some respect by the government, and to 'get more exposure.'"

4 of 51 comments (clear)

  1. Not look for holes by gbooker · · Score: 5, Informative
    The testing doesn't look for holes in the operating system, but rather evaluates what security features are built into it.

    I guess they needed this so that Windows could be used.

    If that is the case, OS X should not have any trouble at all. Let's look at some of the security features:
    • Root disabled by default
    • SSH remote login
    • Telnet not easy to turn on (should use SSH instead)
    • Can disable auto login
    • Any major system changes require authentication even if the current user is an admin
    • Built in Firewall
    I know this is a short list, but it demonstrates the point well. OS X has many security features that are inherant of a unix based OS. It will be nice to see OS X more accepted amoung the government.
    --
    You see? It's like I've always said. You can get more with a kind word and a 2x4 than you can with just a kind word.
  2. Smart Move by toupsie · · Score: 5, Insightful
    Apple has been really turning around its marketing in the last few months. More agressive. I think when Steve Jobs came back to Apple, he saw that he needed to cement his base customers like a politician does when they start a political campaign. Preach to the converted, assure them of their choice and then reach out to the rest. Apple first started giving historical Mac users something to crow about -- Mac OS X, Dual G4s (proud owner) and lately, the iPod. Now Apple is gunning for the Windows user in its switch campaign.

    Now with this move, Jobs is deftly putting a thumb in the eye of Gates. Microsoft talks about 2006 for security, Apple says, "Hey, why not today?". Having a respected third party audit will ring loud against Microsoft's tight lipped security policy. Apple already exposes the base source code for Mac OS X called Darwin to anyone that wants to take the time to download it.

    I had something else important to point out but the FedEx guy just showed up with Warcraft III. I am sure you will understand...

    --
    Strange women lying in ponds distributing swords is no basis for a system of government.
  3. What OS X needs for better security by EccentricAnomaly · · Score: 5, Insightful
    OS X has good security, but it has lots of room for improvement. It needs:
    • longer than 8 character passwords
    • checking for good passwords, password expiration, etc.
    • let the user turn off the option where you can login with "John Doe" instead of your username
    • let the user turn off the 'helpful' feature that puts the last user's name on the login screen
    • put a checkbox in the installation process to install a system with maximum security options... stuff like no list of users on the login screen and no web server installed at all, etc.
    Just a few ideas...
    --
    There are 10 types of people in this world, those who can count in binary and those who can't.
    1. Re:What OS X needs for better security by wka · · Score: 4, Informative

      Even after showing name and password fields, the name of the last user who logged in is displayed by default in the username field. This tool from Apple allows you to turn this behavior off.