Mac OS X Maximum Security

honestpuck writes "Security has long been a concern for Unix administrators who find themselves connected to the sometimes dark and dirty world of the Internet. With the advent of personal operating systems with file sharing, remote login and built-in web servers, and the spread of broadband networks with their always-on connectivity, it should now be a concern for everyone." Specifically, honestpuck is talking here about Mac OS X; read on for his review of Sams Publishing's Mac OS X Maximum Security. Mac OS X Maximum Security author John Ray and William C Ray pages 768 publisher Sams rating 7 reviewer Tony Williams ISBN 0672323818 summary Comprehensive but sometimes long winded book that covers securit on your Mac well

It really didn't concern me until one day when I was checking the logs on my Mac OS X box while developing a web app and discovered dozens of entries from all over the globe probing my box to see if it was an insecure IIS server. I then decided I needed to pay attention to security alerts and the help of a book like Macintosh OS X Maximum Security to help me understand and fix any holes.

The Good

The book is divided into four sections. Part 1 is about learning to think about security, covering such topics as physical security and protection from your users and bad guys. Part II, 'Vulnerabilities and Exposures,' covers the various sorts of attack such as password attacks, trojans and worms, sniffers and spoofing. Part III, 'Specific Mac OS X Resources and How To Secure Them,' covers just that, the various servers such as FTP, mail, Apache and SSH and how to go about making them safe. The final part covers attack prevention, detection, reaction and recovery with topics such as firewalls, alarm systems, logs and disaster planning.

Macintosh OS X Maximum Security is a large, extremely comprehensive volume. For the average person who wants to protect a small home network the information it provides is probably overkill. To make matters worse, the style is fairly verbose, particularly in the first section. Of course, if you want to secure a company network then you may need to know all the information -- and so all this background material is useful, if only so you can reach the right level of paranoia and suspicion.

The book is not a 'recipe' book that tells you "take these steps and you will have a secure machine"; rather it takes you through the possible holes and how to fix them. This approach seems much better for security, since it teaches you a respect for the places you have to open up and a methodical approach to doing so that will hopefully carry over beyond the specifics addressed. Any recipe is bound to have flaws since the operating system and the services are all changing, I'm hoping the methods and style this book have imparted to me will last beyond any changes.

The book also deals well with all the Macintosh-specific stuff, informing you well about such topics as Rendezvous, Apple Remote Desktop, using NetInfo and the like. One aspect that isn't well covered is Airport; securing an 802.11 network is barely touched on.

The Bad

The information provided in all areas of the book is quite detailed, and includes many links to further places to look for more (and more recent) information. Once again, for a book in an ever-changing field like security, this is a huge benefit. I would have appreciated some sort of a small website devoted to the book with the links mentioned gathered together and perhaps some notes on how things may have changed since the book's publication. Unfortunately the Sams Publishing site has a broken link to the book and while the authors say "we are creating a security section for the www.macosxunleashed.com website," no such section exists as I was writing this review. Frankly I am disappointed at this, I think with a book on this sort of topic it behooves either the publisher or author to provide a place for errata, discussion and notes. The best you can do is go to Amazon where you can see the Table of Contents and one chapter. [Ed. Note: The site's errata section is currently up and running.]

My only real complaint with the book itself is the huge size, and the long-winded nature of some of the material. I found the first two sections in particular almost tedious and definitely lecturing in tone. I would have rated this book higher if the editors at Sams had taken a large red pencil to slabs of the first section. Overall, I'd say that while not a 'must buy,' this book will have to do till I find something better, and I expect to loan my copy to several friends.

You can purchase Mac OS X Maximum Security from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

max security???

[stonebeat.org]

doesn't that mean turning off the power to computer, and deassembling it, and taking apart the HardDrive so that no data is recoverable?

Re:max security???

[artemis67]

...and then hunting down the Darwin and OS X development teams at Apple and terminating them "Arnie-style" before they document anything more about the OS.

Alternatively, you could just nuke Apple's Cupertino campus.

Question

[devphaeton]

Any UNIX admins messed around wit OS X?

How secure is it, how secure can it be?

I've read a few articles describing certain features that it has (ease of use and gee-whiz stuff) that sounded to me like a potential vulnerability.

It seemed that a lot of these things were enabled by default and wide open.

I seriously hope this isn't the case. Apple's better than that, right?

I'm not trolling, i'm asking sincerely. With all the "OS X IS UNIX(tm)!!!" fanfare loudly touted in the press, i'd hate to see a major outbreak of compromised OSX machines to blacken the name of all things *nix.

Bottom line: If you're on the internet, paying attention to security is mandatory. Regardless of platform.

Re:Question

[computerme]

everything is turned off by default.

apple has been very responsive to sec alerts and networking passwords are encrypted.

you can also ftp over ssh. (sftp) type stuff if you need to move a files over... there is also apple remote desktop and timbuktu to let you control the machine in all its aqua glory..

i do believe (for what its worth as I am comparing this to win and top tier linuxes) its the most secure out of the box..

insert blah blah no system is totally secure statement here

of course this is true, but out of the box and over the past 2 years OSX has been and is a reamrkable product...

Re:Question

[Halo1]

I've read a few articles describing certain features that it has (ease of use and gee-whiz stuff) that sounded to me like a potential vulnerability.

It seemed that a lot of these things were enabled by default and wide open.

The ease of use and gee-whiz stuff is indeed enabled by default and wide open. All network services (ssh, ftp, samba, apple filesharing, printer sharing aka cups, ...) are disabled by default though.

Re:Question

[JediJeeper]

Agreed with the other comments offered already. Apple has really taken the initiative on security and met things pretty squarely. Out of the box it is quite secure, almost everything is locked down via the built in tools. Incidentally, I speak from the experience of being Sys-Admin of many Solaris, Windows and Linux boxes. Most of the things Apple has had to deal with actually derive from security holes that have sprung up in third party products such as Apache and PHP (which are really quite solid products). There was recently a security vulnerability with a password buffer overflow on the GUI login screen, but that hack required physical access to the box, and as we all know physical access IS ACCESS, period.

In my opinion they, Apple, have put forth a considerable amount of effort to avoid the black eyes that a certain Redmond-based company has been prone to, mainly because any significant stumbles could spell certain doom for an OS that only enjoys 5 percent of the overall desktop market.

Anyway, thats my two cents worth on it. Blast away!

Re:Question

[FireBreathingDog]

I have OS X 10.2.6 and have been running OS X since before 10.1.

I do not know what "ease of use" and "gee-whiz" stuff is "wide open".

This is not meant to be a flame, but I'm curious: what exactly is enabled by default that poses a security risk?

Re:Question

[Halo1]

I do not know what "ease of use" and "gee-whiz" stuff is "wide open".

This is not meant to be a flame, but I'm curious: what exactly is enabled by default that poses a security risk?

Nothing, afaik. The mods just didn't appreciate my irony, it seems :) I just wanted to say that it's true that Mac OS X by default is user friendly and that it has a lot of gee whiz stuff that is readily accessible, but that otoh the standard network security holes are (virtually?) non-existant, as all services are turned off by default.

Re:Question

[FireBreathingDog]

Oh...sorry! Too easy to miss subtle stuff like that in the written word...thanks for straightening me out.

Re:Question

[Maserati]

All the Rendezvous services (printer sharing, iTunes, iChat et al) are off by default. You have to tell it you're online, you have to tun on msuic sharing.

It's all off. In the sense that I haven't read the book. Yet.

XXXXX Maximum Security

We need more of these. And more people to read them. How about Outlook Maximum Security?

Re:XXXXX Maximum Security

[the+MaD+HuNGaRIaN]

I was working on my manuscript for "DCOM Maximum Security", but then my computer told me it was going to reboot because the RPC service terminated unexpectedly--and I lost all my work.

Re:XXXXX Maximum Security

[artemis67]

It would be a very short book. The first (and only) page would read, "Use Thunderbird instead."

Re:XXXXX Maximum Security

I actually like Outlook... I just wish it were a little less bulky. You can't even use the scheduling without setting up some account, and the last time I checked, you can't set up an IMAP account on the initial setup. By the way.. I have been using Thunderbird for almost a week, and I'm loving an email client that's.. ahem... an email client.

Re:XXXXX Maximum Security

Outlook Maximum Security Isn't that an oxymoron?

Re:XXXXX Maximum Security

Cool, thunderbird can work with exchange servers and do shared calendaring now? It must be in CVS, is it?

Re:XXXXX Maximum Security

[WNight]

Does IIS run Apache modules? No!? Shameful.

Standard email programs don't connect to buggy proprietary email servers? The horror!

Oddly enough..

[cK-Gunslinger]

.. when I think of OS X "Maximum Security", I can help but to think of the translucent plastic jail cell they kept Magneto in.

this book doesn't sound too useful

[kaan]

From the origial post:

It really didn't concern me until one day when I was checking the logs on my Mac OS X box while developing a web app and discovered dozens of entries from all over the globe probing my box to see if it was an insecure IIS server.

I think that pretty much sums it up - IIS can easily be insecure, just like the rest of the Windows world. But why does that mean that the Mac's web server (Apache) should be a cause for concern?

I've been using OS X for about a year and a half, and I don't see how a "Mac specific" book on security is worth the cash outlay. Sure, there are pretty UI widgets to interface with things like Apache, ipfw, the ftp server, etc., and a how-to book might be useful for a novice. But I don't see why a book like this will distinguish itself given that most of the real security info is way more Unix-centric that it is Mac-centric.

From what I recall, most of the OS X system defaults were set to reasonable, fairly secure settings, unlike Windows where a basic install will leave a zillion services running on your machine, all of which are listening to the outside world, exposing some heinous portion of the OS to components that have no right messing with it in the first place.

Re:this book doesn't sound too useful

[asv108]

From what I recall, most of the OS X system defaults were set to reasonable, fairly secure settings, unlike Windows where a basic install will leave a zillion services running on your machine

For fun a decided to compare open ports on default but updated installs of OSX and XP.

Windows XP Box Port Scan

Interesting ports on 192.168.1.103:
(The 1639 ports scanned but not shown below are in state: closed)
Port State Service
135/tcp open loc-srv
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1025/tcp open NFS-or-IIS
5000/tcp open UPnP

Max OSX Port Scan

All 1644 scanned ports on 192.168.1.105 are: closed

Nmap run completed -- 1 IP address (1 host up) scanned in 20.910 seconds

Gentoo Port Scan

All 1644 scanned ports on 192.168.1.101 are: closed

Nmap run completed -- 1 IP address (1 host up) scanned in 0.357 seconds

Re:this book doesn't sound too useful

[xanadu-xtroot.com]

It really didn't concern me until one day when I was checking the logs on my Mac OS X box while developing a web app and discovered dozens of entries from all over the globe probing my box to see if it was an insecure IIS server.

I think that pretty much sums it up - IIS can easily be insecure, just like the rest of the Windows world. But why does that mean that the Mac's web server (Apache) should be a cause for concern?

This part had me stumpped too. He was able to "watch" his box trying to be gotten into and the requests were being denied. He was able to CHECK HIS LOGS! THE REQUESTS WERE BEING DENIED! (I'm sorry to yell, but...) That's a good part of the point of all this *NIX retoric of ours, I thought...

Re:this book doesn't sound too useful

[daeley]

Ooooh, 192.168.1.103 is a vulnerable Windows box! Time for some hacking! I'll show asv108 who's....

What the--

Re:this book doesn't sound too useful

[Willtor]

I think that pretty much sums it up - IIS can easily be insecure, just like the rest of the Windows world. But why does that mean that the Mac's web server (Apache) should be a cause for concern?

His point is that he was simply using his personal computer, and there were people port scanning him. For a good long while (far too long), I was convinced I had security through obscurity. Why would anyone want to crack my computer? He probably had much the same perspective. With his logs, he was clearly wrong. It wasn't so much that Apache was a cause for concern in and of itself (or because IIS is more full of holes than Swiss cheese), but that he was missing the element of security on which he had previously been relying.

-wml

Re:this book doesn't sound too useful

Nmap run completed -- 1 IP address (1 host up) scanned in 20.910 seconds

Nmap run completed -- 1 IP address (1 host up) scanned in 0.357 seconds

HA HA !! Look how long it took to scan the OS X box! Macs SUCK!

:-) <-this means I'm joking, dear moderator

Re:this book doesn't sound too useful

[valkraider]

All jokes aside, I would think it is a good thing to slow down port scanners, makes it harder to hack as many boxes if they all take 20 seconds to finish the port scan, right?

Re:this book doesn't sound too useful

[asv108]

The gentoo portscan was to the localhost, the mac port scan went through a wifi, thats why there was a speed difference.

[In]Secure IIS server?

[cant_get_a_good_nick]

and discovered dozens of entries from all over the globe probing my box to see if it was an insecure IIS server.

Maybe they were looking for a secure IIS server. Ripley's "Believe it or not" is starting production again, maybe they needed material?

Re:How secure can it be if it's PROPRIETARY?

[falcon5768]

WOW you have a bug up your ass about Apple

First off your right the windowing enviroment is not KDE or GNOME, its designed with a OS 9 and prior user in mind. BUT it doesnt preclude the use of X apps since you can infact run X apps no problem with X11 which is a free download FROM APPLE!!!! Panther will actually have this built in BTW.

Second unless you have been living under a rock Darwin has a huge thriving open community and has full access to a lot of the OS from Apple.

Third Mach is neXt NOT Apple, yes owned by Steve, but the true story on how they came to use is is actually a really interesting read and has more to do with the man who created OS X than it does anything Apple told the team to do (Apple had their own kernal that was trashed by the guy)

And everything in netinfo is able to be done in terminal so dont open your mouth unless you know what the hell your talking about.

And of course they locked users in.... THEY ARE A HARDWARE COMPANY NOT A SOFTWARE COMPANY!!!! I hate when people miss the fact that Apple supports its self on hardware, NOT software. Why the hell do you think they killed off the clones, they where losing money big time to the point of going under.

The daily Nimda reminder

one day when I was checking the logs on my Mac OS X box while developing a web app and discovered dozens of entries from all over the globe probing my box to see if it was an insecure IIS server

There is nothing like the daily reminder of the Nimda worm to get us all a little paranoid at first. But over time, I've just tuned it out. I now find myself using "cat access_log | grep -v winnt" all the time.

Are you daft?

[goombah99]

your're kidding right? using a database rather than spewing custom format poorly documented text config files, how is that not an imporvement?. the data base allows reporducible installs and uninstalls, extensibility, remote admin, and automated scripting that hand edited text files could never be counted on to perform reilably (e.g. I edit a config script and now my custom perl sys admin tool cant properly edit it). also apparently you are not aware that the apple system does support most of the test based config files as an extention to netinfo and that using nidump and niload you can workd with the data base in those formats if you cant figure out how to use a database. finally even apple is relegating netinfo to the past and moving on to ldap like systems.

X11 is not a modern windows system. and its not approriate to the apple model either with all its hidden text file tweaks. In use its pretty good but quartz is much better it would appear (I only can observe the finished product not the nuts and bolts).

as for mach-O they have laready proven their worth in the seemless portability of next code across multiple platforms and cpu. ELF was not as mature as it is now when NeXT was derived from BSD, so its not a evil conspiracy but a rational choice they made to free themselves to make a seemless platform without having to keep it compatible with a hodgepodge of non standard ELF binaries. why should apple abandon a proven success now.

Review of the review

The Bad: It's a really really big book
The Good: It's got four parts!

Drop the fairly from "fairly verbose". That's a bit...wordy.

Just kidding, thanks for the review!

Moderators on crack again (5core : 5, insightful)

If that was

Windows? Secuirty? What an oxymoron

then it would be 5, funny. AND IT WOULD! DON'T LIE. If you get metamods, please mod this post unfair!

OS X: off to a pretty good start

[gobbo]

Just came through the ms.blaster anxiety pox without a drop of sweat, as we're using OS X and one win98 box [now I'm glad that IT was too incompetent to put win2K on it...]. It got me thinking about the last time I saw a mac virus, oh, about 11 years ago, and how easy it was to fix with freeware by John Norstad, and about the "Crack a Mac" contest in '97. Things were pretty secure on classic macs. Now, I still feel pretty secure, indicated by the way the gloating bubbled up when I warned compadres to lock down their XP boxes. I'm happy to see that built-in firewall loaded, when I occasionally reboot, and there's always snort if I get paranoid--plus all the other *nixy goodness.

When I received one box back from servicing today, a botched update completed itself upon booting, and a warning came up that a particular video driver file may be compromising the OS's security, did I want to fix and use, not use, or just use it? Nice. All I have to do is run software update. I want more of that caution built in, but as things stand, keep it up Cupertino.

Re:OS X: off to a pretty good start

[EnVisiCrypt]

Windows 98 is vulnerable to the overflow condition that Blaster exploits as well, not just 2K.

Re:OS X: off to a pretty good start

[Zebra_X]

>Just came through the ms.blaster anxiety pox >without a drop of sweat.

Yeah - me too. I PATCHED MY MACHINES, A MONTH AGO

Enough said.

Re:OS X: off to a pretty good start

"Yeah - me too. I PATCHED MY MACHINES, A MONTH AGO"

And a month from now you'll have to do another one, and then another one, and then another one, and oops you missed one and there goes a day's work, and then another month goes by and another one and another one.

Enough said.

Re:OS X: off to a pretty good start

[GutBomb]

how is this different than installing apple's monthly security updates?

Re:OS X: off to a pretty good start

" how is this different than installing apple's monthly security updates?"

With Windows, if you don't patch it right away you are likely to get hit and lose time. With OS X, you can skip the update and you'll probably be fine.

Re:OS X: off to a pretty good start

That's because there are so few OS X boxes out there that hackers don't bother attacking them. It's called "security through obscurity".

Re:OS X: off to a pretty good start

[Zebra_X]

Patching is simply a fact of life - bugs happen.

Apple releases a significant number of patches for their software, through software update. It is the same process on the WinBlows machine - and infact, no action is needed on my WinBlows machine - the *critical* patches are automatically installed.

I realize that software updater has this feature as well, but there were several patches in the past that I downloaded that caused trouble. Also, there are updates which Software Update insits on such as iDVD, and iPod Software Updater, that I do not NEED or WANT - becuase I don't have the hardware for it. Why should it be installed if I don't have it? Not only that - the updates are frequently of a rediculous size (25 Megs). Recently, Apple recently develiverd an update to iTunes that significantly changed the burning functionality of the software. As a result, I don't feel that I should let Apple automatically update my machine. As a result, Software Updater is not a feature that should run unsupervisied on a machine.

Microsoft has been making inroads in delivering updates to their software in a timely, regular manner. In fact, the only group of people to blame for this blaster worm - are the people who did not take the 1 minute out of their day to update their software. Better yet - turn on automatic update. M$ is NOT blameless for failing to test their software more thoroughly. That is however, a discussion in it's own right. As users of computers we will have to patch - regardless of platform choice. It is the ease with which we can recieve these updates and make them that is important.

a very good question

[SweetAndSourJesus]

I think OS X is fairly secure because it's easy to secure.

Apple releases security updates fairly quickly, and their Software Update system makes them available and easy to install for the average user. If I recall correctly, Mac OS X defaults to checking for updates weekly. Installation of updates may require an administrator password, but other than that it's as simple as a couple of clicks.

With my FreeBSD system, I subscribe to freebsd-security-notifications to keep abreast of updates. Knowing when updates are available and knowing how to apply them is probably beyond the average user's ability.

Re:Security is a Myth.

I read the book, its only 2 pages long and most of it is pictures.

Re:How secure can it be if it's PROPRIETARY?

[Knife_Edge]

Looking under the hood, it gets worse. While all other *nixes use standard ELF binaries, Darwin (Apple's name for their proprietary "Unix" kernel) does not. It uses Mach-O, an unproven format that is proprietary to Apple. The moribund FreeBSD, off which OS X is based, uses ELF, so clearly Apple went to the extra effort of "switching" (heh) simply to break compatibility. Additionally, Apple has moved most configuration info from human readable text files into a proprietary database called "NetInfo", which is much like the Windows registry we all loathe. Why? These are only a few of the ways that Apple has deliberately broken compatibility with other systems, presumably in order to lock users in to expensive Mac hardware.

Sure, this guy is a troll. But these are legitimate criticisms, with at least a grain of truth to them anyway. I especially hate the poorly documented NetInfo, and I'd like to add that it is impossible to cross-compile with OS X as a target, due mostly to their unconventional binary format. Very trollish tone, I'll admit, but we should all remember that OS X is set up as a closed system from many perspectives. I recall another fellow who was moderated as a troll for criticizing the iTunes music store as being evidence of Jobs desire to turn the computer into a digital shopping mall.

And I suppose the rebuttal is that hey, Apple is a company, and their goal is to make money, so all this is ok. Well, unfortunately I do not regard 'making money any way you can' as the highest and noblest pursuit of humanity. If Microsoft is any evidence, maybe the problem in the software industry is that being nice does not work to make money. Still, I am less than pleased with Apple taking exclusionary steps towards the freedom of their users. I like the way Aqua looks, and I have no problem with it, but NetInfo? What is the purpose of NetInfo? It certainly isn't an improvement, and actually has some fairly serious security problems, in that any user with shell access can view the entire database with nidump, including passwords of any other user.

As for the binary formats and cross-compilation issues, Apple's attitude is that if you want to develop for OS X, better have an OS X system! I think their business is being hurt a lot by being built around the need to sell their proprietary hardware.

Why Apple didn't use X for the window system

[mpaque]

> they don't even use X at all!

What Apple is providing is an Apple-original window system that is graphics model agnostic, as well as a vector drawing system that maps very well to PDF, which is a sort of PostScript without the non-graphical operators. This is packaged under the name 'Quartz' for easy reference by Marketing types.

The window system is designed to support both buffered (like an offscreen PixMap) and unbuffered windows, and is graphics model agnostic, working equally well with QuickDraw, OpenGL, the Quartz drawing engine, X11, and third party solutions, and managing window geometry for the Classic, Carbon, and Cocoa environments. The server portion is a hybridization of screen arbiter and compositor models (and if that's all Geek to you, don't worry about it).

The Quartz drawing engine supports drawing primitives similar to the graphics primitives that might be found in the DPSClient single-operator primitives library for X and NeXTSTEP. There are no math and flow control primitives, as these can be done more efficiently in the native
compiled code. There are no DPS or PS wrappers, as this optimization for server-side graphics is not needed in the Quartz client-side graphics model.

The operations provide imaging and path construction and filling operations as well as some interesting other bits that map well into the direction that 2D drawing is headed. (See Longhorn, or the X raster projects.) The drawing engine can output to rasters (like a window!), as well as PS and PDF streams to feed printers. The Mac OS X printing system takes advantage of the capabilities of Quartz to support all sorts of printers, and make the life of printer driver developers much, much easier.

Things we'd need to add/extend in X Window software (protocol+server+manager+fonts+...):

1) Extend font server and services to vend outlines and antialiased masks, support more font types, handle font subsetting.
2) Extend drawing primitives to include PS-like path operations.
3) Add dithering and phase controls.
4) Add ColorSync support for drawing and imaging operations, display calibration
5) Add broad alpha channel support and Porter-Duff compositing, both for drawing in a window and for interactions between windows.
6) Add support for general affine transforms of windows
7) Add support for mesh-warps of windows
8) Make sure that OpenGL and special video playback hardware support is integrated, and behaves well with all above changes.
9) We find that we typically stream 200 Mb/sec of commands and textures for interactive OpenGL use, so transport efficiency could be an issue.

So, yes, it looks like we can use X for Quartz. All we need do is define extensions for and upgrade the font server, add dithering with phase controls to the X marking engine, add a transparency model to X imaging with Porter-Duff compositing support, make sure GLX gets in, upgrade the window buffering to include transparency, mesh warps, and really good resampling, and maybe augment the transport layer a bit.

Ummm... There doesn't appear to be much code left from the original X server in the drawing path or windowing machinery, and it doesn't appear that apps relying on these extensions can work with any other X server. Just what did we gain from this?

Oh, yeah. My mom can run an xterm session on her desktop now without downloading the Apple X11 package, a shareware X server or buying a software package.

Been there, evaluated that.

Re:Why Apple didn't use X for the window system

[The+Ego]

FYI, the parent post appears to have been posted by Mike Paquette, who designed/wrote a good part of Quartz. His post is more than "+5 Informative", it should be "+10 Reference".

See a previous post of mine for references to Usenet posts from Mr. Paquette.

A shame

[stratjakt]

That backroom deals between Apple and Microsoft prevent them from ever bringing their OS out for the x86. They'd make a killing, it's about the only thing that could compete with Windows.

As for their hardware angle, if it's truly superior to off-the-shelf PC, it would still sell. But they wouldnt need it to, they'd be rolling in ridiculous wealth.

Of course, then slashdot would have to change it's slanted view of proprietary software, if MSFT was the underdog and Apple was on top. The world turned upside down for the frothing zealot, indeed.

Anyways, nice review, but redundant, I dont see why anyone should expect anything less than 100% security out of the box. After all, Mac OSX "just works", doesnt it?

Re:A shame

have you been hanging out with SCO or do you make stuff up on your own? What is the basis of this fictitious deal?

Re:A shame

Oh please, google for apple microsoft and non-compete. It's pretty obvious. Apple doesnt go after any of MSFTs pie, MSFT lets them keep their little fiefdom, and legitimizes it with ports of Office and the like.

You really think theres a MacOS port of Office because MSFT thinks that all the effort is worth it for 1% of the market? If so, why no linux/bsd ports?

Re:A shame

[sammaffei]

Actually the real reason Apple is not selling OS X on x86 (and Apple does in fact have this) is THEY SELL HARDWARE!!!

Why kill your hardware sales buy selling your OS on a cheaper platform?

OS X on x86 is a failsafe hardware manufacturing exit strategy. Nothing more.

Re:A shame

[SoTuA]

OS X on x86 is a failsafe hardware manufacturing exit strategy. Nothing more.

That's right on. Plus, if you start supporting x86 hardware, then you have to start supporting the infinite hardware configurations... with their current model, they only have to write a small amount of driver code, and focus their efforts on that "it works" :D. Maybe they could pull it off, but working with controlled hardware is IMHO the way they can assert that "it works". I would need a shot of some strong drink to say that with a straight face when my OS is supposed to run on a PCChips all-integrated POS mobo, or a SIS graphics decelerator. :)

Depends on what kind of "security" you need

[caveat]

I've read a few articles describing certain features that it has (ease of use and gee-whiz stuff) that sounded to me like a potential vulnerability.

It seemed that a lot of these things were enabled by default and wide open.

Of course they are, OS X is primarily a /desktop/ system. Ill bet that OS X Server is a hell of a lot more secure out-of-the-box, but as far as desktop usability goes, I doubt its half the system plain X is. Security and usabilty are a hard balance to strike (believe me, just setting up a sandboxed guest account for Windows idiots who fsck things up while keeping my account carte blanche is challenge enough), and I dont think Apple really has the time to make sure X is really secure, or X Server is really usable as a desktop OS.

That said, everybody does need to keep some level of control over their systems - I keep all my "sensitive" data double-encrypted (AES disk images are so handy), keep my ports controlled, check my logs, dont use telnet or allow anon FTP, yadda yadda. Of course, Im more computer-savvy (or OS X savvy at least) than most, maybe if you or some other admins can dink around a little and write a little script or app that asks you what services and features you want, then locks down the box accordingly..

(Oh, BTW, a lot of the gee-whiz features arent as vulnerble as they sound - the Keychain, for example, uses strong encryption and only allows access by a single service. Yes, it unlocks when you login, but if somebody has your login password, you have bigger things to worry about. Of course, you need to be careful what apps you allow access to the keychain, but its not inherently insecure.)

Re:Depends on what kind of "security" you need

[esper]

dont use telnet or allow anon FTP

Funny, on my systems, I allow only anon ftp. You are aware that non-anon ftp is just as bad as telnet, security-wise, aren't you? (Referring here strictly to ftp proper, not sftp or any other ftp-over-an-encrypted-channel variants.)

Use OS9 for secure server NOT OSX! Its 100% secure

Forget this book. Use OS9 for a secure server NOT OSX! Its 100% secure according to the massive BugTraq (SecurityFocus) exploit database.

Thats why many universities, and military websites used mac OS9. OS9 has never had an exploit, while OSX has had at least over 35 or so documented exploits.

It is a concrete fact that that no MacOS based webserver has ever been hacked into in the history of the internet.

The MacOS running WebStar and other webservers as has never been exploited or defaced, and are are unbreakable based on ample historical evidence.

In fact in the entire SecurityFocus (BugTraq) database history there has never been a Mac (classic Mac OS) exploited over the internet remotely. Scan it yourself, though I believe an uncommon 3rd party mac product from 1995 or so had one exploit.

I am not talking about FreeBSD derived MacOS X (which already had a more than a 35 exploits and potential exploits in BugTraq) I am talking about current Mac OS 9.x and earlier which are highly sophisticated abstract-OS models.

Why is is hack proof? These reasons :

1> No command shell. No shell means no way to hook or intercept the flow of control with many various shell oriented tricks found in Unix or NT. Apple uses an object model for procces to process communication that is heavily typed and "pipe-less"

2> No Root user. All mac developers know their code is always running at root. Not hing is higher (except undocumented microkernel stufff where you pass Gary Davidians birthday into certain registers and make a special call). By always being root there is no false sense of security, and programming is done carefully.

3> Pascal strings. ANSI C Strings are the number one way people exploit Linux and Wintel boxes. The mac avoids C strings historically in most of all of its OS. In fact even its roms originally used Pascal strings. As you know pascal strings are faster than C (because they have the length delimiter in the front and do not have to endlessly hunt for NULL), but the side effect is less buffer exploits. Individual 3rd party products may use C stings and bind to ANSI libraries, but many do not. In case you are not aware of what a "pascal string" is, it usually has no null byte terminator.

4> Macs running Webstar have ability to only run CGI placed in correct directory location and correctly file "typed" (not mere file name extension). File types on Macs are not easily settable by users, expecially remotely. Apache as you know has had many problems in earlier years preventing wayward execution.

5> Macs never run code ever merely based on how a file is named. ".exe" suffixes mean nothing! For example the file type is 4 characters of user-invisible attributes, along with many other invisible attributes, but these 4 bytes cannot be set by most tool oriented utilities that work with data files. For example file copy utilities preserve launchable file-types, but JPEG MPEG HTML TXT etc oriented tools are physically incapable by designof creating an executable file. The file type is not set to executable for hte hackers needs. In fact its even more secure than that. A mac cannot run a program unless it has TWO files. The second file is an invisible file associated with the data fork file and is called a resource fork. EVERY mac program has a resource fork file containing launch information. It needs to be present. Typically JPEG, HTML, MPEG, TXT, ZIP, C, etc are merely data files and lack resource fork files, and even if the y had them they would lack launch information. but the best part is that mac web programs and server tools do not create files with resource forks usually. TOTAL security.

4> Stack return address positioned in s afer location than some intel OSes. Buffer exploits take advantage of loser programmers lack of string length checking and clobber the return address to run thier exploit code instead. The Mac compilers usually place return address in front or out of context of where the b

Re:How secure can it be if it's PROPRIETARY?

[shawnce]

Wow... too much misinformation in this post to even bother correcting it.

Please put your tin foil hat back on.

FYI

[Srsen]

Apple has a Security Technology Brief which is a somewhat simplified but comprehensive overview of the hardware and software security features of Macs and Mac OS X.

http://a368.g.akamai.net/7/368/51/edcf434107944a /w ww.apple.com/macosx/pdfs/Security_TB.pdf

Re:Security is a Myth.

[sudnshok]

It's not that Macs are immune to attack, it's just that there are far less people writing exploits to attack Mac systems. Most people write exploits for Windows since Microsoft is so hated, and there are so many more Windows machines available to compromise. And exploits are written for Unix since it's been around for so long, and there are many tempting targets for people to hit on the net.

Now, I guess with OSX, some of those Unix hackers will be able to do some damage to Mac users, but Macs running OS9 don't have many attackers.

I'm not saying there are no attackers skilled at exploiting an OS9 box, but the ratio of these people to Win/Unix/Linux hackers has got to be miniscule.

So, while I agree that a 100% secure machine is not possible, I do think you are far less likely to be compromised on a pre-OSX Mac.

Re:Security is a Myth.

[cant_get_a_good_nick]

True, nothing is totally secure, but MacOS <= 9.x was pretty secure. Simply because it had no services. For a long time, macs were relatively uncommon on the internet. No exposure, no risk. Even when they did come online, mac had no exploitable command shell. The closest thing would be AppleScript, and i never heard of any exploits for it. Part of it may be the fact that you have to construct and manipulate objects, not just hand some command line text off to a shell, part of it due to the fact that exploit code on PowerPCs is a lot harder to write than for x86 (or 68K for that matter).

For years, mac viruses numbered in the in the tens while viruses for Windows numbered in the thousands. It was just harder to write good mac viruses, the barrier to entry was higher. In fact, there were so few viruses, the only needed anti-virus code was developed and maintainmed by a single person (go stomping foot!!).

Now that MacOS has entered the 90s (protected memory, an actual VM, preemptive multitasking) by using a descendent of the 70s (UNIX) a wakeup call for some folks is needed. The chance for work exploits is there (the apache worm) but they'll be insulated somewhat by the fact people will target x86 first, and that Apple has been fairly good about security updates.

No information please, we use Linux

The Bad

The information provided in all areas of the book is quite detailed, and includes many links to further places to look for more (and more recent) information

Yes, that is quite bad. How dare they provide information in a book. They should have buried it all in a HOWTO with the wrong name on an obscure website.

Re:No information please, we use Linux

[bjohnson]

Too bad you CAN'T READ apparently, since the *rest* of the sentence was '...but many of those links are broken'.

Re:The only secure Apple system

OS Joke Cliche Alert:

WARNING: The preceeding post has violated the OS Joke Cliche rule. This "joke" has taken the form of a cheap shot towards a familiar OS without any supporting detail substantiating the claim (possibly ruining the "joke"). In fact, the lack of supporting data causes the "joke" to be increasingly unfunny.

This particular "joke" relied on the following unsubstantiated data:

(___) Linux/Windows/OSX users are better than other users
(_X_) Linux/Windows/OSX is better than other operating systems
(___) Windows crashes all the time
(___) Microsoft spelled "Micro$oft" or "M$"
(___) Microsoft is out to get you
(___) Linux users are a bunch of smelly hippies

Re:Moderators on crack again (5core : 5, insightfu

[I8TheWorm]

relax... reread the header

OS X? Security? What an oxymoron (5core :5, funny) (Score:0)

He actually typed in the mod in the title. So no worries for the apple users, all is well, nobody that posts anything closely resembling Windows hype ever gets above a 3 here....

Cheaper at Amazon.com

It's cheaper at Amazon.com and there's free shipping, too. Posting AC to avoid karma whoring.

Re:Cheaper at Amazon.com

and have a warm fuzzy feeling supporting BS patents!

Re:Cheaper at Amazon.com

You mean posting as AC with your referrer code in the URL to be able to mod yourself up afterwards.

Re:Cheaper at Amazon.com

Well, it's offtopic, but *this* baby needs modding up.

Redundancy

[happyfunstuff]

and discovered dozens of entries from all over the globe probing my box to see if it was an insecure IIS server

Re:Redundancy

[error502]

Talk about redundancy. I always thought IIS stood for Insecure Internet Services.

Re:Redundancy

[UtSupra]

But Micro$oft loves doing that... Look at Windows 2000. It is based on "NT Technology" or "New Technology Technology"

Re:Redundancy

I though it was Nicked Technology.

Re:How secure can it be if it's PROPRIETARY?

[alchemist68]

Some of Apple's configuration infomation is stored as plain old XML which is viewable and editable in any text editor.

'nuff said. Why oh why do people troll?

Re:morons continue pummelling dead whores

morons continue pummelling dead whores

Nah, I think we'll leave your mother out of it this time.

Re:The only secure Apple system

Um...maybe that is why the United States Army moved their webserver from Windows to Mac OS. Your post was so not funny...

Virii? Bring 'em on!

I recall, late-98 or so, when a fairly adequate Mac virus actually surfaced. We were thrilled! What more proof did you need that Apple was back, than a virus attempting to take it down?

Meanwhile, the rest of you can stop with this "juicy target" stuff. There is, have never been, ANY OS more susceptible to virii than Win.

Back in the 8.5-9.x days, I used to spread my IP address all over Usenet, in hopes someone would bring down my computer, so I could learn something from the genius.

Now, I won't quite do THAT, but have little worries about putting an OS X box behind a Linkys router (helps deflect almost everything by itself).

If only my nights were not so clogged fixing all the neighbors' pathetic 98/2000 and XP boxes. I can't drink anywhere NEAR the volume of free beer I accumulate!

Re:Virii? Bring 'em on!

[leifm]

What doesn't a Linksys deflect? You can't even ping my ip, and I am using a Linksys 802.11b AP.

Re: Mac 6.6 times more common than linux

http://www.thecounter.com/stats/2003/May/os.php

Mac 6.6 times more common than linux measured by millions of browsers. (no one spoofs os, though some spoof browser brand).

1. Win 98 15416286 (40%)
2. Win 2000 11518338 (30%)
3. Win XP 7329054 (19%)
4. Win NT 1140924 (2%)
5. Mac 881868 (2%)
6. Win 95 844872 (2%)
7. Unknown 565197 (1%)
8. Win 3.x 188799 (0%)
9. Linux 132828 (0%)
10. WebTV 58173 (0%)
11. Unix 23838 (0%)
12. Win ME 10638 (0%)
13. OS/2 2118 (0%)
14. Amiga 648 (0%)

mac has been 7 times more popular than linux every years since 1995.

google knows this, as does www.thecounter.com

and now, so do you!

The us military uses mac os for webservers because Macintosh OS 9.x and earlier has never had a sinlge know exploit, while linux has had over 400 discovered exploits. Also the military websites were rooted no less than 3 times when running other non-apple osses.

Not flame : Mac OS9 100% secure not OSX

This valuable post in a larger form was recently downrated a flame by a linux zealot so I repost it here in verycondensed form with nothing but DATA and Informative post info. There is no reason to moderate down informative posts. To not be termed a "flame" I request that no one reply to my post. therefore it is not a troll by the DEFINITION of "troll".

It is a concrete fact that that no MacOS based webserver has ever been hacked into in the history of the internet.

The MacOS running WebStar and other webservers as has never been exploited or defaced, and are are unbreakable based on ample historical evidence.

In fact in the entire SecurityFocus (BugTraq) database history there has never been a Mac (classic Mac OS) exploited over the internet remotely. Scan it yourself, though I believe an uncommon 3rd party mac product from 1995 or so had one exploit.

I am not talking about FreeBSD derived MacOS X (which already had a more than a 35 exploits and potential exploits in BugTraq) I am talking about current Mac OS 9.x and earlier which are highly sophisticated abstract-OS models.

Why is is hack proof? These reasons :

1> No command shell. No shell means no way to hook or intercept the flow of control with many various shell oriented tricks found in Unix or NT. Apple uses an object model for procces to process communication that is heavily typed and "pipe-less"

2> No Root user. All mac developers know their code is always running at root. Not hing is higher (except undocumented microkernel stufff where you pass Gary Davidians birthday into certain registers and make a special call). By always being root there is no false sense of security, and programming is done carefully.

3> Pascal strings. ANSI C Strings are the number one way people exploit Linux and Wintel boxes. The mac avoids C strings historically in most of all of its OS. In fact even its roms originally used Pascal strings. As you know pascal strings are faster than C (because they have the length delimiter in the front and do not have to endlessly hunt for NULL), but the side effect is less buffer exploits. Individual 3rd party products may use C stings and bind to ANSI libraries, but many do not. In case you are not aware of what a "pascal string" is, it usually has no null byte terminator.

4> Macs running Webstar have ability to only run CGI placed in correct directory location and correctly file "typed" (not mere file name extension). File types on Macs are not easily settable by users, expecially remotely. Apache as you know has had many problems in earlier years preventing wayward execution.

5> Macs never run code ever merely based on how a file is named. ".exe" suffixes mean nothing! For example the file type is 4 characters of user-invisible attributes, along with many other invisible attributes, but these 4 bytes cannot be set by most tool oriented utilities that work with data files. For example file copy utilities preserve launchable file-types, but JPEG MPEG HTML TXT etc oriented tools are physically incapable by designof creating an executable file. The file type is not set to executable for hte hackers needs. In fact its even more secure than that. A mac cannot run a program unless it has TWO files. The second file is an invisible file associated with the data fork file and is called a resource fork. EVERY mac program has a resource fork file containing launch information. It needs to be present. Typically JPEG, HTML, MPEG, TXT, ZIP, C, etc are merely data files and lack resource fork files, and even if the y had them they would lack launch information. but the best part is that mac web programs and server tools do not create files with resource forks usually. TOTAL security.

4> Stack return address positioned in s afer location than some intel OSes. Buffer exploits take advantage of loser programmers lack of string length checking and clobber the return address to run thier exploit code instead. The Mac compilers usually place ret

Re:Not flame : Mac OS9 100% secure not OSX

[repetty]

I used to always ask people who insisted that the classic Mac OS was just as vulnerable as any other OS how they would get around the fact that the classic Mac OS had no command line.

That usually stopped them fast in their tracks.

They other thing that I asked anyone who was questioning the security of the classic Mac OS was to name one instance -- just one -- where a classic Mac OS machine had been cracked.

Of course, they couldn't.

You've written a nice post. I wish your grammer, spelling, and capitalization were better since your errors in prose cast a shadow on your technical credibility.

Rewrite/revise and resubmit.

--Richard

Re:Not flame : Mac OS9 100% secure not OSX

[TheNetAvenger]

First off, the security you state is way out of whack.

Secondly, who would trust a server that has poor memory management (80s technology), no modern OS features like: Journalled FS, Pre-Emptive Multitasking, Ability to use Large Partitions, Multiple CPUs, More than 2GB of RAM, Etc, Etc, Etc...

Give us a break, Mac OS9 is technically at the same level as Windows 3.1. Hence why Windows3.1 is not a high risk OS for the internet, there is not much in it to hack short of the Winsock add-on.

So we should all go back to DOS, Win3.1, and MacOS9, so that we don't get hacked. Give me a break...

With modern advances, there are security caveats, but limiting yourself to antiquated technology to avoid them is just ridiculous.

Secondly, do you even comprehend the performance differences between an OS like Mac System9 and *nix, NT or other platforms? There is a massive margin, and System9 falls quite short - especially as a Server.

If Mac System9 can't even play an MP3 in the background without skipping while you are working, how do you think it is going to handle 100,000 hits as a Server?

Take a computer class or spend your time spreading your ignorance to a group that doesn't know better.

Re:Not flame : Mac OS9 100% secure not OSX

I believe the facts speak for themselves NetAvenger. Or can you cite ** just 1 instance where the Mac Pre X/Webstar combo WAS hacked ** (other than the instance above which involved a third party plug-in exploit, 8 mth duration, and a 100,000SK incentive). By all means do identify any other os/server combo that stacks up in this context. I'm sure your learned perspective will prove quite enlightening. Cheers.

Re:Not flame : Mac OS9 100% secure not OSX

[TheNetAvenger]

believe the facts speak for themselves NetAvenger. Or can you cite ** just 1 instance where the Mac Pre X/Webstar combo WAS hacked ** (other than the instance above which involved a third party plug-in exploit, 8 mth duration, and a 100,000SK incentive). By all means do identify any other os/server combo that stacks up in this context. I'm sure your learned perspective will prove quite enlightening. Cheers.

I stand by my comments.

This is not about how many times someone can prove a Mac running System 9 or earlier was compromised.

The point is, Mac System 9 and earlier software is inherently insecure, has almost NO modern OS features, and is a poor choice for a server environment.

You would be better off running a Win3.1 box with a TCP/IP stack. It would be just as secure, as it also would not be a major target, and technologically, it is JUST as advanced as the core structure of Mac System Software prior to OSX. Period.

Mac System 9 and under have no file system level security, no kernel level security, and are seriously flawed in terms of features they offer for a server environment, and in many ways, even a desktop environment considering that technically it has a poor memory management system, an aged monolithic messaging cue, and is an application dependant cooperative multi-tasking OS. JUST LIKE WINDOWS 3.1 which was released in 1992.

OSX is light years ahead of Mac System software, just like Linux, FreeBSD, and WindowsNT which have true security built into the core/kernels of the OS. Also take into account that these non-Apple OSes where doing this stuff for over 10 years before Apple finally got around to giving us OSX. I remember the great IBM/Apple announcements and idea of having a real pre-emptive multitasking OS with security on Macs available in 1993 as planned. I was even eager for it to happen. It didn't. Microsoft Built NT, and the other *nix variants for the Intel Platform took off providing the features Apple (the great innovator *cough*) was supposed to have given us over 10 years ago.

And yet you are here trying to tell the world that Mac System 9 is better? I am truly amazed that you are so lost in your hyperbole.

Your logic amazes me. You are saying that just because Mac System 9 was 'seldom' hacked that it is superior. Using your logic, we should be using CPM, or DOS, or Win3.1 as they were never a major target and never hacked into either.

You are out of your league here; try some place other than Slashdot to bloviate about the wonders of Mac System 9 Software. Most people here know the history and the architectures of the major OSes, in addition to the technological shortcomings of Mac OS 9 - especially in a server capacity.

Geesh...

Re:Not flame : Mac OS9 100% secure not OSX

[TheNetAvenger]

I used to always ask people who insisted that the classic Mac OS was just as vulnerable as any other OS how they would get around the fact that the classic Mac OS had no command line.

That usually stopped them fast in their tracks.

They other thing that I asked anyone who was questioning the security of the classic Mac OS was to name one instance -- just one -- where a classic Mac OS machine had been cracked.

First off, there was a debug level command line, just because you may not have been bright enough to pop it open, does not mean it was not there. Additionally, what does a command line have to do with security? Telneting into supercomputers was VERY secure even in the 80s, which is a COMMAND LINE interface.

Secondly, there are MANY instances where Classic Macs were hacked into or compromised. Since the majority of the Mac life there was not an 'internet' that it could be hacked into from the outside world does not mean that local systems, and systems on LANs and even via AppleTalk were not compromised.

I worked for a technical consulting company that was a major provider for the 'graphic design' industry in the late 80s, early 90s. All too often people had their work lost or maliciously destroyed because of the inherent lack of ANY security at the console or LAN level on Macs.

Even Windows for Workgroups 3.1 had more security for local and LAN access, and it was also completely insecure as an OS. Just like the Mac System software, it was NEVER designed to be in a major networked system.

However products like NT, Solaris, Novell, many *nixs, and other major OSes during this same time period were built around a 'security model'.

I feel sorry for people that get caught in the 'old way' is the best, line of thinking.

Re:Not flame : Mac OS9 100% secure not OSX

[TheNetAvenger]

PS. I forgot to add http://www.securemac.com

- You will find the numerous Appletalk and other various TCP/IP based flaws/insecurites in System 9, 8, and even OSX that you seek and somehow haven't found and don't believe exist.

Cheers...

Re:Not flame : Mac OS9 100% secure not OSX

Hyperbole ? I'm not the one regurgitating a spec sheet. As for regressing to outdated technology, I made no such statement. My Question was: can you cite ** just 1 instance where the Mac Pre X/Webstar combo WAS hacked ** (other than the instance above..) What I'm asking for is evidence that flaws have been demonstrably exploited - as is the case with ALL other systems. If you can't provide such an example then I recommend you re-evaluate your waffle. The global Internet community has failed to provide such an example (except the above) - I doubt you're going to be the exception. Your own hyperbole is transparent to say the least.

Re:Not flame : Mac OS9 100% secure not OSX

[TheNetAvenger]

First off, even though you try to use it, you obviously have no idea what a hyperbole is. So run off to your dictionary...

Secondly, just go to www.securemac.com - there are MANY examples of insecurities in Mac OS 9, including many that are yet unfixed.

If you want an instance of someone using one of these exploits to hack a Mac OS9 System I suggest that you keep pissing people off on Shashdot with your ignorant (100% secure statements), and you will probably get a wave of them.

Securemac.com shows several vulnerabilities and insecurities in Mac OS 9, and that is all the proof a serious IT administrator should need.

Re:How secure can it be if it's PROPRIETARY?

Welcome to 1986, fucknut. Ever heard of NeXT?

Nice review . . .

[code+shady]

I've been thinking of picking up this book, specifically because it is geared towards Mac OS X, although i am not overall very fond of the maximum security series.

Anyone else looking for some good OS X secuity books shoudl chech out the latest edition of Practical Unix and Internet Security published by O'Reilly. I have the second edition, and its a great book, and the third edition specifically mentions OS X and solaris, in addition to the standard *BSD unix and Linux information.

news flash

[asv108]

Linux is the fastest growing SERVER os, so web browser statistics are useless and especially dependent on the counter code, which is usually flawed. My website counter misreads mozilla and linux.

while linux has had over 400 discovered exploits.

The Linux kernel or software running on Linux? In case you didn't know there is a big difference. I love how every apache, wuftpd, bind, etc... vulnerability gets categorized as a "Linux exploit.." This reply is simply pure fud..

Re:The only secure Apple system

[antadam]

Actually, the U.S. army when they moved their web server stuff to mac os, it was during the time of running classic, not os x and they chose to run it b/c it did not offer a command line so they felt it was more secure...you're gov't at work...stupid people should not be in charge.

Re:How secure can it be if it's PROPRIETARY?

Looking under the hood, it gets worse. While all other *nixes use standard ELF binaries, Darwin (Apple's name for their proprietary "Unix" kernel) does not. It uses Mach-O, an unproven format that is proprietary to Apple.

You use that word a lot. I do not think it means what you think it means.

Proprietary does not mean less common.

Re:How secure can it be if it's PROPRIETARY?

[code+shady]

[shadyserver: ~] shady% apropos netinfo

netinfo(3) - library routines for NetInfo calls
netinfod(8) - NetInfo daemon
nibindd(8) - NetInfo binder
nicl(1) - NetInfo command line utility
nidomain(8) - NetInfo domain utility
nidump(8) - extract text or flat-file-format data from NetInfo
nifind(1) - find a directory in the NetInfo hierarchy
nigrep(1) - search for a regular expression in the NetInfo hierarchy
niload(8) - load text or flat-file-format data into NetInfo
nireport(1) - print tables from the NetInfo hierarchy
niutil(1) - NetInfo utility

NetInfo is not really analogous to the windows registry. if you want to compare it to something in the windows world, a better comparison would be active directory.

NetInfo is basically a directory services manager, and is used for managing users, groups, machines, etc etc. It had read/write ability with LDAP v3, and read only ability for LDAP v2. It can also read its configuration from the standard bsd flat files, using the niload utility. You can even dump your netinfo configuration for printers, users, hosts and such to a standard bsd flat file using the nidump util.

But the best part of NetInfo is that it can integrate almsot seamlessly with an active directory domain, and get all its users and policy from your windows active directory server. once you get beyond the "its proprietary/i-dont-understand-it/im-scared-of-chan ge" line of thought, NetInfo is a very powerful tool.
For more refence, the great book "Mac OS X for Unix Geeks" has a whole chapter devoted to netinfo, what it is, and how it works. The Mac Dev center also recently published two articles on netinfo, and integrating it with Active Directory. Part 1 and Part 2

Re:Security is a Myth.

Flamebait! I call your moderation ability into question, good sir! So what if an improper homonym was used?

Re:Windows? Security? What an oxymoron! (5core : 5

LMAO! Bravo!

Re:How secure can it be if it's PROPRIETARY?

[jpkunst]

I especially hate the poorly documented NetInfo

I don't know how good it actually is (never studied it) but maybe Understanding and Using NetInfo (warning: PDF link) is useful?

JP

Re:How secure can it be if it's PROPRIETARY?

[twocoasttb]

Ignore this trolling moron; he posted the same idiotic diatribe in another topic a couple of weeks ago (see this if you must).

Re:Use OS9 for secure server NOT OSX! Its 100% sec

[sqlrob]

2> No Root user. All mac developers know their code is always running at root. Not hing is higher (except undocumented microkernel stufff where you pass Gary Davidians birthday into certain registers and make a special call). By always being root there is no false sense of security, and programming is done carefully.

And all 98 developers know their code runs as root. Has that helped?

why?

[Iowaguy]

Ok, I'll ask it. I am not an IT guy. I have no idea why the above post is flaimbait? Is it untrue, it seems to check out with my memory of events. Is it because any non-nix is not allowed to have a good feature on slashdot? Just curious.

-Iowa

Re:why?

because it's a bunch of halftruths and it's vague.

Re:why?

[turvalon]

Vague? did you even read it?

Re:why?

[dr.badass]

It's flamebait because it's meant to be flamebait, not necessarily because it's untrue.

It's an old troll that I think even predates Mac OS X. The AC that posted it probably just pasted it in from his collection of trolls and added a few lines to make it a better fit. Take out the few lines that explicitly refer to Mac OS X and you've still got most of the post. Try the NetCraft link and you'll see that www.army.mil runs Mac OS X.

Also, lines like this : --- too bad the linux community is so stubborn that they refuse to understand that the Mac has always been the most secure OS for servers. are 100% flamebait.

Re:How secure can it be if it's PROPRIETARY?

[NaugaHunter]

I think their business is being hurt a lot by being built around the need to sell their proprietary hardware.

So, their business of selling hardware is being hurt by their need to sell hardware? No wonder they're always beleaguered.

And since mid-march, it runs OSX

[Ayanami+Rei]

They must have bought the book!!! :-)

Re:Security is a Myth.

[bill_mcgonigle]

There was an AppleScript worm. I suppose you could call it 'the applescript worm'. Of course, it required a Microsoft mailer to propogate.

Re:The only secure Apple system

[piggy]

According to Netcraft, the Army is currently using WebSTAR on OS X to serve www.army.mil. You are right that they did use Classic at one point, but they switched to Windows, and then switched back to Mac OS X.

Russell

Re:Market share

[90XDoubleSide]

That's true, bou can't downplay how much it matters to have all services off by default. Half of the Microsoft disasters could have been averted that way (obviously they would still affect the fraction of users who needed the service, but there would be no 'net-wide catastrophe), and Mac OS X now has a big enough market share that it couldn't get by just by being small. Plenty of worms have been very successful focusing on programs that have relatively few copies installed, but they have only been able to do so when they were services on by default in at least, say, a few respectably popular Linux distros. The area where market share does make a difference is in the fact that Mac OS X is not Windows, not Linux, and not x86, which is enough to baffle 90% of script kiddies. While most people realize the security advantage of being on non-x86 hardware, running on something other than Windows or Linux is also a very good deterrent: if you look at SANS's intruder rating scale, running BSD or OS X would put an attacker at 4/5 or 5/5 in the OS category.

Re:Security is a Myth.

[repetty]

"It's not that Macs are immune to attack, it's just that there are far less people writing exploits to attack Mac systems."

I sure wish I had a better memory... Last spring, a study was published on this exact claim.

Turns out that even when volume weighting adjustments are considered, Macs ARE more secure than Windows (as was Unix/Linux).

It's time to put this myth to bed.

--Richard

Helpful book idea

[tinypillar]

I'm not going to get into all the 'what is secure and what is not secure' back and forth posted earlier. The reason I think the idea of a MacOS X security book is a good idea, is mostly due to the number of OS 9 users that are upgrading to X. Some of these users have never used a unix environment, and have never really needed to know anything about securing their computers (with 9). At least with a title like this on the shelf, it will bring to their attention that hey, even though you use a Mac, you still need to be aware of how to secure it. Anything to help educate others on security, I can only see as a good thing.

Re:How secure can it be if it's PROPRIETARY?

[geggibus]

Don't forget:

[Luna: ~] pho% man lookupd
--cut--

LOOKUP STRATEGY
Internally, lookupd uses a set of software ``agents'' to get information.
There are agents for NetInfo, NIS, DNS, the files in /etc (also known as
the ``Flat Files'' ), an LDAP agent, and an agent which manages the
internal cache. There is also a special agent (the NILAgent) which
returns negative entries.

When lookupd searches for information about an item, it queries agents in
a specific order until the item is found or until all sources of informa-
tion have been consulted without finding the desired item. By default,
lookupd first queries its cache agent, and then NetInfo. If the item is
a host or network, lookupd will query the cache, then the DNS agent, and
NetInfo last. In some cases, lookupd creates lists of all the informa-
tion available about some sort of entity. For example, all printers or
all NFS mounts. In these cases lookupd queries each agent in turn and
concatenates all retrieved information into a single list.

The lookup order is configurable. For example, you might specify that
lookupd queries its internal cache, then NetInfo, then the Flat Files,
then NIS. You may also change the lookup order for a particular category
of item. The known categories are users, groups, hosts, networks, ser-
vices, protocols, rpcs, mounts, printers, bootparams, bootp, aliases, and
netgroups. You can set the lookup order (and other configuration
options) for all categories, and override them for individual categories.
Details on configuring lookupd are found in the CONFIGURATION section
below.

--cut--

So, to get rid of netinfo, just nidump and configure lookupd correctly.

Proven wrong by Good ole Google

Incorrect

This HAS been done before one time in particular that I am aware of, Mac Hack contest server was infact defaced by using an exploit in Lasso (an extension to FileMaker Pro server...)

Lemme dig up on it...

http://www.tbtf.com/archive/1997-08-18.html
bin go...Takes out the flyswatter *THAWCK*

(* and this is from an Apple supporter btw...Don't make outlandish claims...*)

Re:Proven wrong by Good ole Google

[MsGeek]

Yes, but that was not plain-vanilla WebStar on MacOS Classic...that was WebStar+Lasso+FileMaker Pro. If the target site were just serving static pages off of WebStar you wouldn't have a prayer of getting in and 0wnz0ring it. With WebStar or Apache on OS X, maybe you'd have a chance. But not WebStar on MacOS 9 or below.

BTW, here's a clickable link: http://www.tbtf.com/archive/1997-08-18.html. Thank me.

Re:How secure can it be if it's PROPRIETARY?

Why oh why do people troll?

Because they're haters and don't really know any better, or maybe looking to pick a fight.

Mods on crack alert...

WTF? This is 100% correct. Just because it shows that your precious MacOS X has vulnerabilities like any other xNIX which do not exist on pre-X MacOS? Christ...methinks thou doth protest too much. Windows has both OSes beat on sheer numbers of exploits. Compared to what most people run, someone running MacOS X (or Linux or *BSD, for that matter) is in great shape.

Re:Mods on crack alert...

WTF? This is 100% correct.

Except for the part where you (I mean he) says that www.army.mil runs WebStar on MacOS 9. Stick to linking to goatse, fvcktard.

It would be nice if...

[wfolta]

you'd specify the MacOS version, etc.

I've never seen a slow copy such as you're describing. (In earlier versions, I did see weird issues with copying thousands of files at once, though.)

Within my reach are 4 MacOS X machines, two mine and two my co-workers, and they're easier to use and more stable than the XP machines around here. Your mileage obviously varies.

Re:How secure can it be if it's PROPRIETARY?

[Graff]

Many Unix geeks, particularly on Slashdot, have praised Apple's decision to base Mac OS X off of the enterprise-ready BSD codebase.

Blah blah blah...

This is a cut-and-paste troll that has been answered dozens of times on Slashdot. Basically it boils down to a lot of FUD. Apple's X11 server is pretty much the same as all the X11 servers people use on other platforms. Apple's Mach-O format binaries are open, tested standards that several other operating systems use. MacOS X is extremely compatible with many of the open source standards out there and Apple contributes heavily to the open source movement. The DRM that Apple uses for the iTunes Music Store is by far one of the lightest DRMs possible and is hardly even noticeable, how many other DRMs let you burn as many normal, un-watermarked CDs of the music as you want?

So continue your cut-and-paste trolling, we all see that you can't even come up with original FUD about Apple because it is all blatantly ridiculous.

$4.50 CHEAPER

Amazon has it for $4.50 cheaper than bn!!

Re: Mac 6.6 times more common than linux

[WNight]

Actually, I spoof OS as well as browser. I always browse as IE6 on WinXP these days. I use this when I'm surfing in Linux with Mozilla, or Win2000 with Mozilla.

If I don't, I get browser identification code that tries to be helpful and never is. These days, pretty much the only thing that Moz won't do is run ActiveX controls, so very few sites need to actually do anything based on my browser. If I let them identify me they'll tell me to install IE, if I lie, the page works perfectly.

Creating an Encrypted Disk Image no MacOS X

[mh_cryptonomicon]

Readers interested in MacOS X security may want to check out this recent article at Cryptonomicon.Net: Creating an Encrypted Disk Image no MacOS X.

Re:How secure can it be if it's PROPRIETARY?

[macmastery]

Your points seem to be:
1. Aqua is proprietary and Apple's X11 is slow.
2. ELF is standard and mach-O is not
3. Netinfo holds most OS X configuration info and is non-standard.
4. Apple deliberately breaks compatibility

1. No Apple's X11 is hardware accelerated on the graphics cards Apple ships.
2. As others have pointed out, mach-O is an executable format from NeXT. Since Mac OS X runs the Mach kernel, perhaps this is a better choice. Mac OS X also supports the CFM (Code Fragment Manager) format used by legacy Mac OS X apps. There is also a PEF format, but I'm a little vague on whether that runs on OS X or not.
3. NetInfo is used for user records and some configuration information, but most is stored in plain old text files. They may not all be the standard UNIX files.
4. Apple tries very hard to be compatible, except where compatibility breaks standards-compliance. In Mail and Safari, for example, do you render broken MIME and HTML just because "It looks right on windows" despite being non-compliant? Apple keeps adding support for filename extensions, SMB file and print sharing, CUPS, IPSec, IPv6 and much, much more.

Perhaps if you post specific, relevant details instead of meandering rants, you'll give someone something they can investigate or disprove. Being vague helps nothing.

Apple Remote Desktop is not secure

[SimonDorfman.com]

Apple Remote Desktop uses UDP which can't be tunneled thru SSH. I understand Timbuktu can be tunneled thru SSH (it uses TCP), and I know for certain VNC can be tunneled thru SSH (that's what I have set up on my home OSX server now).

Re:How secure can it be if it's PROPRIETARY?

[XnetZERO]

Netinfo is going away. Everything points to OpenLDAP replacing it.

Re:How secure can it be if it's PROPRIETARY?

[steeviant]

Sure, this guy is a troll. But these are legitimate criticisms, with at least a grain of truth to them anyway.

A grain of truth perhaps, but no more.

Firstly, quartz is a low level graphic driver, it creates no more problems for running X than NVidea's closed source X driver for Linux, and even sits in the same place between the user and the OS, nor does it create any more moral dilemmas.

As for the binary format, Mach-O is not a proprietary binary format that is exclusive to Apple, but to the old variant of Mach that NeXT chose to base NeXTSTEP on. It was not deliberately made to break BSD compatibility, as the BSD Unix variant that was used in conjunction with the Mach microkernel as the basis of NeXTSTEP certainly did not support ELF binaries.

It's ridiculous to claim that "Apple has moved most configuration info into a proprietary database called netinfo" For starters, Netinfo is not a configuration repository like the Windows registry, but a distributed database which allows centralised management of the resources contained in it. In addition the entire source code to netinfo is available from Apple.

Most configuration files - such as those for applications, are contained in XML configuration files, something which other operating systems would do well to learn from.

Nothing is perfect, but I'd prefer people criticizing OS X and Apple to be able to cite facts rather than FUD.

Why is the terminal not able to send PgUp and PgDn? why can dock items not have static labels? why are we not able to control the appearance of the OS beyond skins? why does the OS not support DPI scaling throughout despite being fully based on scalable graphics? why does it still crash if unceremoniously disconnected from SMB shares? Why not license the OpenStep environment for other platforms?

The only legitimate concern raised by the author of the original parent comment in my opinion is that so much of the OS is still closed source, and I'm loathe to complain about that fact because Apple still lead all other commercial Unix vendors in the openness of their base OS.

Re:Use OS9 for secure server NOT OSX! Its 100% sec

[dr.badass]

http://uptime.netcraft.com/up/graph?site=www.army. mil ...is just one of many large SECURE classic MacOS distributed servers.

Except for the fact that it's not :
The site www.army.mil is running 4D_WebSTAR_S/5.3.0 (MacOS X) on MacOSX.

Secure Programming HOWTO

[dwheeler]

The book reviewed here is about how to SECURE a Mac OS X system given pre-canned applications. However, for information on how to write secure applications, you'll want more information. Please take a look at the Secure Programming for Linux and Unix HOWTO. It's free to download and redistribute (GFDL), and has lots of information on how to avoid common mistakes.

Re:How secure can it be if it's PROPRIETARY?

[BlackBolt]

Excellent and informative post. Damn, I love people who think! (and *no*, that's not an invitation of any kind)

Re:Use OS9 for secure server NOT OSX! Its 100% sec

"OSX has had at least over 35 or so documented exploits"

utter nonsense. Not unless you count Sendmail vulnerabilities--not the os.

MacOS 9 is no longer supported by Apple so is no longer a viable choice.

"It is a concrete fact that that no MacOS based webserver has ever been hacked into in the history of the internet."

Wrong
in one of the hack a mac contest a mac was compromised using a vulnerability in WebStar

"No Root user" disengenuous...classic mac is a single user system....the user is by definition root.

meaningless blather about resource forks...dosn't add or delete from security posture.

No source code...so what? No one can get the source code to Windows either, and there is a new exploit found everyday. You don't need source code to reverse engineer an operating system and find vulnerabilities

This guy dosn't know what he's talking about.

First of all if I have physical access to ANY box I own the box, even if its a classic mac.

Re:Use OS9 for secure server NOT OSX! Its 100% sec

you are full of crap.

1> Apple ships OS 9.2.2 on ALL of its g4 towers PERIOD and has for several months. Check apples website store or any compusa.

2> Apple os 9.2.2 is far different thatn the first 9.2.2 from a year ago. apple stopped incrementing the NUMBER just as microsfot stopped incrementing NT4, but keeps changing all the modules. Apple has changed hundreds of thousands of lines of code in the 9.2.2 deliverables between last summer and this early summer.

3>Steve jobs admitted on stage that on january 1 2003 there were only 500,000 osx daily users and 14 million os9 users. That was THIS YEAR. it was in his keynote wwdc speech and in the slide.

4> webstar has never had an exploit. you are thinking of lasso or some ancient 6 or 7 year old 3rd party thing

5> meaningless blather? resource forks are MANDATPRY to launch any code on a mac. it is security because web tools cannot normally create resource forks. learn to program. better yet, learn to hack.

6> lack of source is listed far at the end. and it is a well known fact that source AIDS in hacking you fool. Learn to program.

7> no root user is a key concept for security.

hack a mac never found a mac os exploit or a webstar exploit. thats why the army used mac os9 for years.

you are a liar and a fool. that post is 100% factual in all counts.

secure mac does not cite ANY default EXPLOITS

secure mac does not cite ANY default EXPLOITS in os9 you are full of crap netavenger. it lists lots of defects in applications adn lists defects in non-standard stuff but mainly lists numerous of OS X exploits.

not one os9

do not confuse ability to use a mac to boradcast or relay DoS packets as an exploit.

we are talking about REMOTE exploits, roots, defacements, etc of a mac webserver.

it has never been done and that is why SecurityFocus massive database of explotis lists NO exploits in the MacOS nor in webstar.

you are an ignorant fool.

scan BugTraq yourself.

or cite the urls to validated remote os9 exploits.

you know nothing. or better yet.. CITE ONE EXAMPLE of a mac webserver ever being defaced or rooted or exploited remotely.

and appletalk protocol is OFF on most mac webservers by the way. usually it has file sharing off (default), and tcpip on.

HA! the mac is 100% secure and the www consortium agreed!

thats why the army got fed up. they tried MS again in the fall on a test server and were instantly hacked with an 'unknown" exploit that surfaced a week later.

Ha!

Re:secure mac does not cite ANY default EXPLOITS

[TheNetAvenger]

it lists lots of defects in applications adn lists defects in non-standard

This is the definition of an exploit... If the OS is INCAPABLE of protecting itself from programs creating security invulnerabilities, it is the OS that is failing, not the software.

This is why the Windows9x series of OSes are so badly perceived, because even though their core code is quite stable, it has NO inherent security or mechanisms to protect itself from the software that runs on it. Developers could write software that broke other applications, mess with the system itself, and open exploits in the OS for failure. Just like your Mac OS9 software is incapable of protecting itself as well.

Additionally, the 'extras' and 'apps' you dismiss are very MUCH a part of what is the NORMAL usage in a 'Server' environment for Mac OS9.

Where are the MacOS 9 security ratings? There are none. It isn't even capable of a simple C2 level certification because of its inherent lack of login and system file security.

As for the ARMY getting fed up and moving to OS9, you have no idea what you are talking about. Most of the military that are using Mac Servers have already moved to OSX with plans for all Mac Servers to be replaced by other companies technologies or moved to OSX. Apple itself is working with the military in the transition to OSX, and they are PUSHING THEM AWAY from OS9 for SECURITY REASONS.

I am also not going to debate that OSX is the most secure Server OS either. Apple has a maturity period to catch up with many of the other *nix and OSes that have been doing security work for many years. Just keeping 'services' turned off by default and keeping 'ports' closed by default does not mean or make the OS secure. If it was secure, it could leave these services ON with security in place and not have to worry about these services failing. Period.

I am tired of this debate. I am an OS architectural engineer, and do not have time to educate kiddies about OSes.

Stick with your Mac OS9, I am happy that is your choice; however, I do feel sorry that your do not realize that there are 'better' solutions for OSes, especially servers.

If there weren't, Apple themselves would not have completely re-engineered their OS and would have stayed with the Mac System 9 platform. So apparently you think you know better than Apple themselves and the people that wrote Mac OS9. I suggest you write a letter to Jobs and ask him to resign and appoint you leader of the Mac future because of your 'vast' OS architectural understanding.

Re:Use OS9 for secure server NOT OSX! Its 100% sec

[randito]

one place where I used to work had their OS 9 network go down overnight because a book fell off a shelf above the server and was holding the mouse button down!

Re:How secure can it be if it's PROPRIETARY?

Well, if you look at it the other way, Microsoft has a vested interested in selling the most flawed system software they can so we'll have to buy the next version where they fix just enough minor things to keep us from torching Bill's house.