Apple Adds Memory Randomization To Leopard

.mack notes a ZDNet blog outlining some of the security features added to OSX Leopard (10.5). Here's Apple's brief description of all 11 new security features. "Apple has announced plans to add code-scrambling diversity to Mac OS X Leopard, a move aimed at making the operating system more resilient to virus and worm attacks. The security technology, known as ASLR (address space layout randomization), randomly arranges the positions of key data areas to prevent malware authors from predicting target addresses. Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls."

Cool, but even better...

[Just+Some+Guy]

From the changelog:

CalDAV Group Scheduling
Schedule a meeting with colleagues, check availability, and book conference rooms when using iCal with a compatible CalDAV server like iCal Server.

Reserve Rooms and Equipment
Reserve meeting rooms and equipment as you create your meeting invitations. If your calendar is administered through a CalDAV server, iCal automatically displays availabilities when you add a room or resource to your meeting.

It sounds like a high-level player finally decided to take on Exchange. My biggest questions: are there Windows programs that support these features via CalDAV, and is there a CalDAV server in FreeBSD's ports?

Re:Cool, but even better...

Chandler Server is also a CalDAV server: http://chandlerproject.org/Developers/DownloadChandlerServer

Re:Cool, but even better...

[tcoady]

Yes, that's one of them - maybe mod up my parent? This is the cross-platform calendar client also referred to in the next link.
Also according to http://www.appleinsider.com/articles/07/10/18/study_iphone_already_nibbling_away_at_motorolas_dominance.html

Mozilla's Sunbird calendar and even Microsoft's Outlook--with the installation of a third party plugin--can be used with iCal Server. Boeing has also developed a CalDAV connector for Exchange Server. Microsoft itself has been quiet about supporting CalDAV. That may be related to the fear that an open market in calendaring would not help the company maintain its dominance over Windows-bound IT shops

ASLR == Windows Feature Since 3.1

ASLR or 'Address Space Layout Randomization' has seemingly been a 'feature' since Windows 3.1. You never know just *where* or *when* a blue-screen-of-death(tm) will occur. Microsoft should sue Apple for copying this 'valuable' feature :)

Ok, jokes aside, wouldn't this make debugging programs hell? If something crashes (oh wait, nothing on apple ever crashes)...crash dumps would be almost meaningless.

Or, another way of looking at this, target addresses can still be found, since the program must have some sort of debug hooks. (Unless debuggers have access to kernel protected areas)..

In other words, another kind of useless feature...Crash Different!

Re:ASLR == Windows Feature Since 3.1

[Tony+Hoyle]

When mac software crashes it usually just vanishes, with no user feedback at all. When the OS crashes it blackscreens (like, say, plugging in a firewire drive into Tiger, which they *still* haven't fixed) but I wouldn't say the information it gives is useful at all.. about as useful as a bluescreen.

Then there's the spinning beachball of death crashes which are a sore point with me.. they happen every time it decides it can't access a network resource* and the only way out is to pull the power cord (since if finder is dead you can't even power off or run the kill application). Got rather sick of doing that last night...

* Which happens rather a lot if you decide to use NFS. NFS under Tiger is broken on intel macs but works OK on ppc macs.. same OS version (allegedly), same NFS share, even the same damned cables.. different result every time.

Re:Woo!

[Corwn+of+Amber]

I, for one, am going to buy Leopard, the day it's out.
Then I'll put it on in a drawer.
Then I'll download the ISO of the version I'll install on my PC.

And I'll be a happy Apple customer :)

(I'm NOT going to buy a Mac unless I win the lottery or something. But I can spend $139 on the company that's produced the best OS for my use.)

crash logs (was Re:ASLR == Windows Feature...)

[WillAdams]

When I first started using Quark XPress 6.5 in Mac OS X here at my new job, it took a while to work out the kinks for a rather complex project (doing layout for a journal w/ a 24 hr. turn-around), to the point that I actually put up a ``crash log'' outside of my cubicle, so that people could gauge my mood before entering. It's been a year now, and while I've gotten the project in question worked out (had to train myself _never_ to undo re-sizing a text box &c.), the totals might be interesting to people:

2006:
Quark XPress: 207 crashes (as many as 9 per day)
Adobe Illustrator: 25
InDesign: 35
PhotoShop: 15
Acrobat: 65
Microsoft Word: 23
Macromedia FreeHand: 9
Mac OS X: 14 (this includes Mac OS X apps like Mail.app and Safari.app)

The totals for this year are a bit more reasonable --- Quark XPress v6.5: 26, v7: 46 (I had to move the afore-mentioned journal over to Quark 7 after a re-design and that involved a new set of things to work-around) --- but I find Mac OS X overall reliable and workable as an environment (thought not as nice, consistent and synergistic as NeXTstep).

William

Re:Woo!

[bhima]

I am being serious. I do think that Apple is changing the priorities of their software as evidenced by the AppleTV, iPod Touch, the iPhone and by various applications like iTunes and DVD app. Given Apple's recent pricing strategies I think it's a better bet to wait and see how whatever comes out fares for a few months.

I'm frustrated enough with the subtle restrictions in iTunes & iPod that I'm paying attention to Songbird's development with interest and it looks very, very promising.
After one too many inappropriate trailers on DVD's that my family was unable to skip, DVD app is no longer in use.
AppleTV essentially won't play content unless it's from the iTunes store (like fan-subbed anime) without hacking it.

There are some very interesting new features in Leopard that I am willing to pay to use, but I am not willing to put up with that loss of control spreading to other parts of the operating system. Nor am I going out and buying a new Mac Pro and an iMac just to see a substantial price drop a month or two after the release.

I've renewed the Mac OS family license for years and this year I'm irritated enough that I don't think I'm going to.

Sometimes Linus isn't practical

Yes, Linus rejected it as security through obscurity even though it has no significant cost and in general makes things safer. Its the whole theory/practice not exactly the same thing thing. Though redhat, etc. should do it on their own and it sucks they don't.

Re:Woo!

[kestasjk]

Safari asks. Most modern browsers have security settings that can do this. No as in any foreign executable, including executables downloaded via network shares, are flagged as foreign. This isn't the same as your browser asking "are you sure you want to download this executable file?"

It is called Little Snitch. It works great. Okay, but it wasn't part of the OS. We're talking about the OS here, not applications for the OS.

Nice feature, but if you were really concerned with security you would have memory encryption enabled anyhow. No problems with this when using encrypted memory. Encrypted memory? Can you elaborate on this? I'm guessing you're talking about encrypted swap files, but that doesn't make it any harder for foreign code to know where in the address space useful libraries are.

Public Key signing anyone? This has been around for decades - even on OSX! Manual public key signing isn't the same as automatic digitally signed binaries. Manual public key signing means that the user has to know to download the digital signature separately and check the executable, which is a big hassle and pretty unrealistic for most users.

These are not things that weren't available on OSX. They weren't gaping holes. Apple just decided to make them easier for the average user by including them out of the box and beefing them up a bit where necessary (like the memory randomization). They were already available? Where in Tiger is memory randomization, digitally signed binaries, flagged-as-new binaries, and the built in application-level firewall?

Re:Woo!

[Anpheus]

The problem is, there's no way for legacy apps to be smoothly updated with a new security framework without recompiling each of them with a new API. .NET apps, having been built with those requirements in mind, are able to, at compile time, determine what privileges they need and don't need.

Unfortunately I have yet to see the 'granularity' in .NET apps, I think most of the permissions are rather vague.

I think the point of a future Windows and .NET release will be to make security requirements part of the static analysis of code, probably required before execution. .NET compiled code is much easier to analyze after runtime than machine-code for only a few percentage points of a drop in throughput on a modern computer. Windows 7 might not even bother with reading the security information.

Re:Woo!

[MightyYar]

Re: Volume Shadow Copy

I might be mistaken, but isn't the Apple and MS implementation of this totally different? In the Mac implementation, you can get the history of a single file and resurrect any version of it.

In the MS implementation, if you want to resurrect a file you first have to restore the whole volume. This makes it useful for sytem backup, but not very practical for "oops, I just lost 15 minutes of work" file restore things.

So... I've never really bothered with Volume Shadow Copy but I will definitely be using Time Machine.