How Encrypted Binaries Work In Mac OS X
An anonymous reader writes "By now we know that OS X uses encrypted binaries for some critical apps like Dock, Finder and LoginWindow. Amit Singh explains the implementation of this protection scheme which makes use of the AES crypto algorithm and a special memory pager in Mach. The so-called Do Not Steal Mac OS X (DSMOS) kernel extension helps along the way by decrypting things for the special pager when apps get executed. A funny thing is that if you print the pointer at address 0xFFFF1600 in your own app you get as output Apple's karma poem for crackers! According to the article there are 8 protected binaries in OSX including Rosetta and Spotlight metadata daemon. Interestingly Apple's window server is NOT one of those."
This is not the first "Do not steal Mac OS" they've done, although the first version never really got tested in action.
http://www.folklore.org/StoryView.py?project=Macintosh&story=Stolen_From_Apple.txt&sortOrder=Sort%20by%20Date&detail=medium&search=stolen
:D
History repeating!
"Good news, everyone!"
WM's are huge apps and decrypting one before every startup would add a lot of work that has to be done at boot. According to the article, "the SystemUIServer binary within SystemUIServer.app", is encrypted and that is presumably a large component of the WM. Also, it's virtually useless without the dock and finder anyway.
It doesn't really matter what they protect, they are simply trying to make copying OS X wholesale more cumbersome. Functionally, there is nothing in OS X that would be worth disassembling for anybody: there are already open source implementations of Spotlight, Finder, SystemUIServer, Dock, and all the other stuff, and arguably, the open source versions are technically better. The thing that makes Macs shine and sell is the packaging and integration, not the technology.
Actually they're up to about 6% marketshare in the USA, and I think about 8% in the EU. And as for relevance, Apple, like Google are figureheads. When Apple do something, the rest of the market take notice. Like Widgets in OS X 10.4.....after Apple released this, Microsoft weighed in with 'Gadgets' (Yes, I know widgets come from Konfabulator, but Apple made them famous, and after Apple did so, Yahoo! bought Konfabulator, something that wouldn't have happened without Apple copying it in Tiger). So what Apple do is important because you tend to find 6 months after Apple do something, everyone else does too. I wouldn't be at all surprised if Microsoft use the encrypted binary idea in Vista SP1 or whatever comes after Vista (too late to put in Vista). I also wouldn't be at all surprised if Microsoft totally screw it up.
The truth shall always be free: Boris Floricic is Tron.
By now we know that OS X uses encrypted binaries for some critical apps like Dock, Finder and LoginWindow.
Actually, I *didn't* know that. I'm not going to "steal" the OS, why is Apple hiding parts of it from me? What else is hiding in there?
Apple seems to be very slowly turning evil again. *sigh*
I think a patent was just filed for this kind of technology.
"Hi, I'm a PC."
"And I'm a Mac. My insides are all scrambled up. It protects me from dangerous crackers."
"All scrambled up?"
"Yep, that's right, my most important parts are very heavily scrambled."
"Does it hurt when you poop?"
"like you wouldn't believe"
ôó
The so called Do Not Steal Mac OS X (DSMOS) kernel extension...
DSMOS - Do Steal Mac OS?
Basilisk Digital
Actually, it's copy protection written into the firmware. By locking down the hardware side, and making their software incompatible with anything else, they've DRM'd the software while making you feel fresh all day. But we all know what that smell is covering up.
Is it just my observation, or are there way too many stupid people in the world?
Everyone, including Apple, knows that no copy/license protection system is foolproof. The best you can ask for is something that's difficult enough to break that it effectively deters the mainstream "casual pirate" - remember, even bank vaults are rated on how long it would take a skilled safecracker to open the lock, and never guaranteed to be impenetrable.
If you think imaginary property and real property are the same, when does your house become public domain?
Microsoft would love to do the same thing, and I would guess that they are planning to, but letting Apple pull it first, as Apple can get away with it.
Microsoft: "Apple used DRM music first, so locking everyone into our music player with DRM/Encrypted-Music is no worse".
Microsoft: "Apple used DRM binaries first, so locking everyone into our OS and Applications with DRM/Encrypted-Binaries is no worse".
I'm running 10.2.8 - quite old. Printing 0xFFFF1600 as a string with printf causes a seg. fault on my box.
well that's one hell of an Easter egg!
Thank-you. Maybe I should expand on the question as: "This is a curious little piece of technology, and something similar could no-doubt be hacked into Linux or BSD with a few hours' coding, but I doubt ordinary users of said OSs would use or tolerate such a thing. So, other than discouraging reverse-engineering and attempts to run OS X on non-Apple hardware, precisely how does this benefit those who will use the system? And does this really merit a Slashdot story?"
The thing is, Apple's implementation of Widgets is very well done. 10.5 is going to improve it with better memory management and the easy creation of widgets from any section of a webpage. The MS sidebar is a clunky and cumbersome implementation, probably because MS can't design a really good user interface to save their lives.
"Critical real estate on the menu bar"? Exactly how big is your Spotlight icon? Mine is less than half the size of my little fingernail on my 12" iBook, as big across as the menu bar is thick. I hardly call that "critical" but if that's your opinion, then so be it.
Government's idea of a balanced budget: take money from the right pocket to balance...oh who am I kidding?
Where do you think iPods come from?
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 is the magic number.
So you want to RE a proprietary solution specifically to sell it in a region which is known for its "loose" ethics toward piracy?
I'm not interested in re-selling the proprietary solution. I'm interested in selling detailed information about the proprietary solution.
Reverse engineering makes security holes more obvious (does it not? Otherwise, how do hackers find security holes?). This is of obvious interest to "industrial" crackers -- the ones who harness large botnets and sell them to the highest bidder. It's a multi-million dollar business.
Toronto-area transit rider? Rate your ride.
The fundamental purpose of Copyright law is to allow a creator to control how their works are disseminated. Obviously, Apple wants you to buy their hardware if you want to run their software, and they're perfectly within their rights to do so.
Say Chevy offers Radiohead $1 Million to use one of their recordings in a stupid truck ad, and Radiohead refuses. By your logic, Chevy should then have the right to use the recording anyway, because since Radiohead refused to sell them the song they're not losing any money.
You may think it's right, but hundreds of years of copyright law would disagree.
ENDUT! HOCH HECH!
Oh, I should also add that they are within the law, not "within their rights," as nobody possesses the innate right to prevent other people from copying ideas. Rather, copyright is an artificial (i.e. government-imposed) force to impinge on the rights of its citizenry in the interest of promoting something--here, software development.
--
Given enough personal experience, all stereotypes are shallow.
Er, no.. the fundamental purpose of copyright law is to enrich the public domain by providing an incentive to authors to create new works, which will eventually make their way into the public domain, where anyone--yes, even Chevrolet--can use them as they wish. Granting control over distribution can be part of that incentive, but it doesn't need to be; the fundamental purpose would be served just fine if Radiohead were legally required to sell the right to use their song in a truck ad, because $1 million is still a pretty big incentive.
Our legislators may have lost track of that fundamental purpose, but that doesn't mean we should forget it too.
Visual IRC: Fast. Powerful. Free.
The point is that if you are an Apple hardware buyer, then you'll never have to deal with false positives disabling your system, unlike WGA.
And if you are not an Apple hardware buyer, then they don't want you as a potential customer anyway.
A sentence you'll never see on an Internet discussion board: "You know what? You're right."
"Critical real estate on the menu bar"? Exactly how big is your Spotlight icon? Mine is less than half the size of my little fingernail on my 12" iBook, as big across as the menu bar is thick. I hardly call that "critical" but if that's your opinion, then so be it.
Maybe he's talking about placement. Corners are considered critical because the user can flick the mouse to them without having to get angle or distance right. Although, you can also set your mac to use these "critical" corners for expose, like I do. Then you always end up accidentally activating things when you try to click on corner icons. Doh!
OSX is denying the user one of the fundamental Freedoms. Although it is not the worst offender (*cough microsoft cough*) it is moving in the same direction as Vista. The user is not fully in control of the computer system. There are parts of the computer system about which the user is not permitted to know.
The US Treasury would disagree with you: http://www.ustreas.gov/education/faq/currency/legal-tender.shtml#q1. Then again, what do they know?
"How is this stealing? I mean, if I'm willing to accept the somewhat unsound argument that if person X acquires a copy of a program from person Y instead of person Z (the owner of the program), then person Z is missing out on revenue from person X, and I'm willing to call that "stealing", even if that is all true, that isn't what is happening here. Person X can't buy a copy of the program from person Z that will run on his PC. Person Z is refusing to sell it to him, so how is person Z losing out?"
Simple. When someone owns something and won't sell it to you, you don't have any right (legal OR moral) to take it from them without permission. Yes, even if you're just taking a copy.
"Brown University? We have one of those in Providence!" -- Outside Providence
Say I'm a black man. I go into a store to buy some bread to feed my family. The shop keep says "that bread aint for sale". I say I have a moral right to take it. Irrefutable.
Nice strawman. Because we all know, any attempt to control my property is equivalent to trying to starve a poor black family.
Your razor blade argument is equally crap. Those blades belong to the store owner. I don't care what you thought, you have no moral or legal right to steal more blades or to force him to give them to you. End of story. Irrefutable.
If you don't like it, shop somewhere else.
Clear, Dark Skies
The Spotlight menu bar item is infinitely large, as it occupies the top right corner (Fitts's Law).
The grandparent poster is aware of this, and would apparently like to populate it with something that they would utilize more than spotlight. Frankly, I agree, as I tend to key command to spotlight anyhow, then always bring up the window because I want to see the file path, not open the file.
Now, so that you understand why it is infinitely large:
Close your eyes. Move your mouse to the top and right. Give it enough movement to reach it and click. Open your eyes. You will have the spotlight menu open. (Unless you are not in Tiger, then you will have whatever is in the top-right corner)
Repeat this exercise, choosing different starting positions and different lengths of movement. Notice that you always end up on top of the Spotlight menu. (Unless you under-hit it, which is irrelevant because you don't have a penalty if you overshoot it.)
This is the reason the Mac menu bars are at the top- You only have to aim on the x axis, not the y. It is also why contextual menus are handy (you don't have to aim to get to where your cursor is _right now_).
They nicked it from Xerox.
Correction: Apple LICENSED technology from Xerox, and developed the GUI far beyond what Xerox had done.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
So why don't you have to jump through hoops to install OS X? It has no annoying activation or some Apple Genuine Advantage (tm) daemon or anything. All they really do is request you don't illegally redistribute it instead of assuming that you're going to redistribute it and stopping you at any cost.
'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
GUIs were around in academia long before Xerox. Xerox, not knowing what to do with all this stuff coming from the lab, invested in Apple and let them wander through. None of that made it into the myth, kinda anticlimactic.
Is there anything better than clicking through Microsoft ads on Slashdot?
OSX is denying the user one of the fundamental Freedoms.
Uh, it might be a "fundamental Freedom" if you had a "fundamental Right" of some sort to do as you wish with other people's IP. Unfortunately, you don't. A significant number of people make a good living for themselves and their families working for companies that, while being very understanding and supportive of the free software movement in its proper place, gain competitive advantage over their peers by employing the best intellectual talent to solve problems with technological solutions that if copied would eliminate any sort of advantage that company may have in solving a certain problem.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
The right of a vendor to refuse sale to any person, excepting a few prescribed categories (e.g. racial discrimination) has been long established. (The Great Atlantic and Pacific Tea Co. vs Cream of Wheat Co., U.S.C.C.A. 2nd Ct., 1915 being the earliest I could find.) If you are quoted a fare to get on a bus, or for any other good or service, and you attempt to pay for it with some large bill, the vendor is not obligated to provide change. They could at that point inform you that they didn't have change, and wouldn't be required to give you the service or good for free -- that would be ridiculous. It amounts to legitimizing a theft of services, or requiring everyone to carry around change sufficient to break the largest available denomination of legal tender (in the U.S., several thousands of dollars); if it was true, everyone would be walking around with thousand-dollar bills. That you have been able to get away with it on public buses may be indicative of an internal policy of the bus company or their desire not to create a problem, but I do not see how they are legally obligated to let you ride.
If I go into a penny-candy store and ask to buy 5 cents worth of something, and try to pay with a $20, and the seller doesn't have 19.95 in change, I can't just demand the candy for free. In order to create the oral contract, both parties need to agree to the other party's offer. If my offer is "this candy for five cents," and your offer is "I've got a twenty and I want change," we haven't come to an agreement yet. Both parties make an offer, and then there is consideration, and then there might -- or might not -- be agreement. Only after both parties agree to the terms is there an oral contract of sale created. Just saying 'five cents' doesn't carry with it an implied promise of change from some arbitrarily large denomination of currency that you might want to use, and which could require the vendor to do any number of potentially time-consuming activities (close the store, go to the bank, get change, etc.).
It's not even clear that businesses are required in all U.S. states to accept cash as payment. There is at least one business I know of that absolutely refuses cash, and made it into the national press as a result. A lot of people questioned whether this was legal, and they were in the clear. (It was the cafe "Snap" in the Georgetown neighborhood of Washington, DC. Story here.) And this doesn't even get into the countless thousands of fast-food joints and gas stations which flatly refuse to accept large-denomination bills (usually $100s or larger, although some refuse $50s as well); I haven't heard of any problems with any of them.
If you're claiming that this widespread practice is illegal, then I think the onus is on you to come up with some factual evidence as to why it is.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
I'm getting pretty fed up with Apple's hardware. I don't like it. I don't like my Macbook Pro much at all, and if there was a legal way to run OS X on a Thinkpad I'd jump to it. Well, after dealing with bank account issues.
How about buying a Thinkpad and a Mac mini Core Duo, destroying the mini, and running that licensed copy of OS X on the Thinkpad?
Probably still illegal, but should be on firm ethical ground. Apple got their money, and I'm not running the OS on two machines.
If you purchase a physical item, do you still think of it as the seller's property after you've paid for it and taken it home?
When I purchase a car, the car is my property. Honda is not trampling on my liberties by not giving me all the CAD files and whatnot that were used to make my car.
The way I read it, portions of the app are actually encrypted with AES; which is interesting because it implies the decryption key must be part of the kernel, which implies the key is fixed.
So, I'm not sure what this actually accomplishes - I mean, it prevents you from easily disassembling binary, but how does it prevent you from running on non-Apple hardware?
Maybe the key is physically burned on some chip in the hardware?
Clear, Dark Skies
An interpreter script is a text file that traditionally begins with the #! characters followed by a path to the interpreter. Files not containing the #! line are treated as shell scripts--not by the kernel, but by the execvP stub in the C library. If the stub gets an ENOEXEC error from the kernel when such a file's execution is attempted, it reattempts execution by using "/bin/sh" as the first argument to execve() and the file as the next argument.
/bin/sh is pretty forgiving. I'm pretty sure if you told it to execute a saved email or HTML file it would happily try every line in the file looking for valid commands. It's not hard to imagine this feature being one link in the chain which enables some exploit. After all, it's relatively easy to get shell commands into a user's mailbox or web cache files. Making it possible for the system to natively execute a mailbox or HTML file just seems dangerous. Maybe that's just me.
I think Linux does the same thing, although I haven't checked. Somehow, this just feels wrong to me. If it's not a valid binary, and doesn't start with #!, why not just fail? Why keep trying?
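The kernel-versus-libc split described in the comment above, as an added example that is not part of the original thread or of the quoted article: the kernel's execve() refuses a text file with no #! line with ENOEXEC, and it is the C library's execvp() that retries it through /bin/sh. All function names and the sample file are constructed for illustration; the expected result assumes glibc or the macOS libc implements the fallback and that other libcs do not.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

enum { SCRIPT_STATUS = 7, KERNEL_REFUSED = 100, OTHER_FAILURE = 101 };

/* Create an executable text file with no "#!" line (constructed sample). */
static int make_headerless_script(char *tmpl)
{
    static const char body[] = "exit 7\n";   /* exits with SCRIPT_STATUS */
    int fd = mkstemp(tmpl);
    if (fd < 0)
        return -1;
    int ok = write(fd, body, sizeof body - 1) == (ssize_t)(sizeof body - 1)
             && fchmod(fd, 0700) == 0;
    close(fd);   /* close before exec: Linux refuses files open for writing */
    return ok ? 0 : -1;
}

/* Exec the file in a child through execve() or execvp(); return its exit status. */
static int exec_status(const char *path, int use_execvp)
{
    char *argv[] = { (char *)path, NULL };
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (use_execvp)
            execvp(path, argv);          /* libc wrapper: may retry via /bin/sh */
        else
            execve(path, argv, environ); /* raw system call: no retry */
        _exit(errno == ENOEXEC ? KERNEL_REFUSED : OTHER_FAILURE);
    }
    int st;
    if (waitpid(pid, &st, 0) < 0 || !WIFEXITED(st))
        return -1;
    return WEXITSTATUS(st);
}

/* Status execvp() should yield here (assumption: only these libcs fall back). */
int expected_execvp_status(void)
{
#if defined(__GLIBC__) || defined(__APPLE__)
    return SCRIPT_STATUS;
#else
    return KERNEL_REFUSED;
#endif
}

/* Run both paths against one fresh sample file in the current directory. */
int demo(int *direct, int *via_libc)
{
    char path[] = "./noshebang_XXXXXX";
    if (make_headerless_script(path) != 0)
        return -1;
    *direct = exec_status(path, 0);
    *via_libc = exec_status(path, 1);
    unlink(path);
    return 0;
}

int main(void)
{
    int d, v;
    if (demo(&d, &v) != 0)
        return 1;
    printf("execve: %d (100 = ENOEXEC)  execvp: %d (7 = ran via /bin/sh)\n", d, v);
    return 0;
}
```

The fallback is only reached for files that already carry the execute bit; without it execve() fails with EACCES rather than ENOEXEC, so a mailbox or cache file saved with ordinary permissions never gets as far as the shell retry.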
Full-quoting because it was inappropriately downmodded (and it saved me having to think enough to type essentially the same thing).
anoncow:What he said. :)
I can do this with my computer, too.
It's worth pointing out that reverse engineering and disassembling/decompiling are not the same thing. The latter might be useful for helping with the former, but the law doesn't say that anybody is required to make sure reverse engineering will be easy. It just says that you're allowed to do it for various reasons. Nor do I think anyone has an ethical responsibility to make reverse engineering easy. In fact, if you're looking to reverse engineer something it's probably in your best interests to not disassemble any Apple binaries, since you'll want to be staying on the safe side of copyright law. This is why the Wine folks don't want anybody who has seen the source code to Windows getting involved in their project. Similarly, both AMD and Intel would probably think twice before hiring somebody who has worked on the other company's chip designs.
Probably. The problem here is that, whether we like it or not, software is sold as a licence rather than as a product. I'd personally expect EULAs to stand up in court simply because there'd be legal and financial pressure upon them to do so; at the moment, they're just "expected" to be valid.
I don't think contracts are going to leave, though. If EULAs are found to be invalid, it'll just change the way that they are distributed to something that's more legally sound, and very little else.
Underhanded? Probably. But I suppose that this is where the whole "vote with your feet" thing should (in a perfect world!) come in.
You're saying that they "would probably not have made enough money to survive" when Microsoft ended up doing the same thing and is now one of the richest companies in the world. There is money to be made in OS sales. A LOT of it. Apple can't sustain itself on OS sales as a niche player in the market, but the whole point of the discussion was saying that if there would have been Apple clones there's a very good chance they wouldn't have ended up as a niche player.
"People who think they know everything are very annoying to those of us who do."-Mark Twain