Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Adds Memory Randomization To Leopard

Posted by kdawson on from the shuffling-the-wormholes dept.

.mack notes a ZDNet blog outlining some of the security features added to OSX Leopard (10.5). Here's Apple's brief description of all 11 new security features. "Apple has announced plans to add code-scrambling diversity to Mac OS X Leopard, a move aimed at making the operating system more resilient to virus and worm attacks. The security technology, known as ASLR (address space layout randomization), randomly arranges the positions of key data areas to prevent malware authors from predicting target addresses. Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls."

6 of 311 comments (clear)

  1. Re:Even Windows does this by BadAnalogyGuy · · Score: 4, Insightful

    It works like this: Everyone cheers on the guy that they like and boo the guy they don't like, but in the end they are having beers with the winner who is pretty much never the guy that they like.

    Just look at the U.S. election this year. Everyone and their brother loves Colbert because he is cool and hip and represents a stick in the eye to every other goddamned POLITICIAN out there who can't help but pander to big money and special interest groups. But come election day, it ain't OSX you're putting on your servers.

    Know what I mean?

  2. These are just bandaids by Cthefuture · · Score: 3, Insightful

    All measures like this are just bandaids and may in fact open up more holes because it adds complexity to an already complex beast.

    There is just no way to do this in software. The future is going to be implementing these types of features in well proven hardware. Things like the no-execute bit, virtualization extensions and such are steps in the right direction but eventually I think we will see some really good security measures put into hardware.

    --
    The ratio of people to cake is too big
    1. Re:These are just bandaids by suv4x4 · · Score: 3, Insightful

      All measures like this are just bandaids and may in fact open up more holes because it adds complexity to an already complex beast.

      99% of security is bandaid and "obscurity" under cover. Even cryptography with large prime numbers is just obscurity: they give you the number and if you could factor is quickly, you can break it. You just can't break it quickly yet.

      Still though, it's the nature of the beast. It's in uphill battle with the hackers. Tech gets sophisticated, hackers get sophisticated, tech gets more sophisticated... It's evolution in a way.

      There are very few security concepts which aren't "bandaids", for example privilege levels are such a security measure, and still, most apps that take advantage of this have a bunch of "bandaids" in them to avoid privilege escalation situations.

      ASLR is a practical approach to easily calling known adresses after buffer overflow exploit. If all apps in existence made proper use of the no-execute bit and made sure not to overrun buffers in the first place, ASLR could've been useless.

      OS designers though meet a world with imperfect apps, and their task is to improve security in this *existing* situation. They do good.

  3. Re:Woo! by suv4x4 · · Score: 4, Insightful

    Apple is finally catching up with BSD, Linux and Vista!

    Hehe, you were modded +5 Funny, but if it was the other way around:

    "Vista is finally catching up with BSD, Linux and OSX!"

    You would be modded +5 Insightful... Where are the scores of Microsoft fanboys bashing Apple, damn it!

  4. Re:Why? by tiocsti · · Score: 5, Insightful

    "Changing the memory address layout is roughly akin to doing home security by locking different doors on different nights, but always leaving one unlocked. The would-be burglar just has to try all the doors to get in. Doing this kind of thing is trivial on a computer."

    Yes, it's just like that, except you have millions of doors, and a intruder can only try to open one door per night, and the unlocked door changes randomly every night.

    "People really need to stop adding these kinds of things that increase complexity and do not address the real issue, which in this case is access to the memory space of another application without some sort of credential or approval. When the real problem is addressed, this overly complex and fundamentally useless random memory address layout 'feature' will be left in to cause bugs and complexity forever."

    This has nothing to do with access to the memory space of another application.

  5. Re:I hope they let you disable this junk. by NatasRevol · · Score: 4, Insightful

    the appalling 'Open "safe" files after downloading' feature in Safari. Seriously? This is one of your 'real' security holes? This one comes turned off by default AND HAS A CHECKBOX IF YOU WANT TO TURN IT OFF.

    --
    There are two types of people in the world: Those who crave closure