Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Adds Memory Randomization To Leopard

Posted by kdawson on from the shuffling-the-wormholes dept.

.mack notes a ZDNet blog outlining some of the security features added to OSX Leopard (10.5). Here's Apple's brief description of all 11 new security features. "Apple has announced plans to add code-scrambling diversity to Mac OS X Leopard, a move aimed at making the operating system more resilient to virus and worm attacks. The security technology, known as ASLR (address space layout randomization), randomly arranges the positions of key data areas to prevent malware authors from predicting target addresses. Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls."

7 of 311 comments (clear)

  1. Re:Woo! by skingers6894 · · Score: 0, Troll

    Yes in every way except number of actual viruses....

  2. Re:Woo! by Stooshie · · Score: 0, Troll

    Actually, weren't all these features available in XP?

    --
    America, Home of the Brave. ... .and the Squaw.
  3. Re:Woo! by bhima · · Score: 0, Troll

    I was planning on doing something a little different.
    I already have a quad G5 PowerMac. And I'm downloading Leopard when it hits the various torrent sites I frequent. After using it for a bit if it is not a complete cluster fuck and it does not try to control the way I use my computer (as the iPhone, iPod touch, and Apple TV do) then I'll upgrade. If it does, they can go fuck themselves and I'm moving to a BSD of some flavor.

    --
    Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
  4. Why? by aldheorte · · Score: 0, Troll

    Changing the memory address layout is roughly akin to doing home security by locking different doors on different nights, but always leaving one unlocked. The would-be burglar just has to try all the doors to get in. Doing this kind of thing is trivial on a computer.

    People really need to stop adding these kinds of things that increase complexity and do not address the real issue, which in this case is access to the memory space of another application without some sort of credential or approval. When the real problem is addressed, this overly complex and fundamentally useless random memory address layout 'feature' will be left in to cause bugs and complexity forever.

    If there is an argument for this that is not security-based, then I'm willing to hear it out, otherwise, this is an anti-feature.

  5. Re:Woo! by suv4x4 · · Score: 0, Troll

    Nice to hear those Microsoft people are about to catch up with the Java sandbox model from 1997 ;)

    It's apparent you have no clue of the advantages of .NET over Java in this area.

  6. Never install 10.x.1 by ThatsNotFunny · · Score: 0, Troll

    I always wait until 10.x.3 before even considering installing a new 10.x

    Let some other sucker find out what programs don't work. By the time 10.5.3 comes out, most of the incompatibilites and bugs will be fixed.

    --
    "Was it a millionaire who said 'Imagine No Posessions?'" -- Elvis Costello
  7. Re:Woo! by ChrisA90278 · · Score: 0, Troll

    Chatching up with BSD? Mac OS is BSD. Most of what's in BSD makes it's way into Mac OS X. But Mac OS X does have a rather longer release cycle so things like this can take two years