Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Closer Look At Apple Leopard Security

Posted by kdawson on from the changing-spots dept.

Last week we discussed some of the security features coming in Leopard. This article goes into more depth on OS X 10.5 security — probably as much technical detail as we're going to get until the folks who know come out from under their NDAs on Friday. The writer argues that Apple's new Time Machine automatic backup should be considered a security feature. "Overall, Mac OS X 10.5 Leopard is perhaps the most significant update in the history of Mac OS X — perhaps in the history of Apple — from a security standpoint. It marks a shift from basing Macintosh security on hard outside walls to building more resiliency and survivability into the core operating system."

8 of 267 comments (clear)

  1. Re:Security by jellomizer · · Score: 5, Insightful

    Well Linux and Apple people like seeing Microsoft with security holes. How many articles about microsoft security problems are tagged "HAHA". Windows People like seeing Apple and Linux security holes because then they don't feel as bad about choosing Windows. Linux people are not normally to happy to see Apple Security holes because it usually means Linux has a simular problem and vice versa.

    It is basicly a case if one can say I am more secure then you then I win.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  2. Re:It's to bad that 10.5 is not comeing out for al by AntEater · · Score: 5, Insightful

    "Mac OS X has the "it just works" reputation because of the limited number of hardware configurations on which it runs."

    I've heard this for years but I still haven't seen ANY hardware sample where Windows "just works". I'd put more value on the fact that Apple based the core of their OS on a unix-like system not the registry/spaghetti mess that has been windows for the past decade plus. I'm sure that eliminating poorly written drivers from the mix does help prevent some of the problems that plague windows but it's not the whole story by a long shot.

    Besides, with that argument, Linux should be even more unstable because very few of it's hardware drivers are written by the device manufacturers - many are reverse engineered.

    --
    Alex, I'll take keybindings not used by Emacs for $400....
  3. Re:Significance by ChronoReverse · · Score: 5, Informative

    I believe you mean no more cooperative multitasking. The modern desktop OS's are all preemptive IIRC.

  4. Re:Code randomization a bad idea by Potatomasher · · Score: 5, Informative

    "Virus writers will write something that searches around for the right place to patch"

    No, they won't be able to do that. At that point, they haven't gained execution yet.
    Buffer overflows require you to jump to code which is in a known place in memory (usually libraries), which in turn slingshots you back to the exploit code stored on the stack (or other). Without knowing where to jump to, your malicious code will just sit there in memory, not doing anything.

    --
    A million monkeys and this is the best sig they could come up with...
  5. Re:Code randomization a bad idea by bucky0 · · Score: 5, Insightful

    ASLR works using the dynamic linker. For the vast majority of programs (I can't think of any counter examples off the top of my head), the dynamic linker works transparently to match up in-program function calls with their proper library addresses. If ASLR adds bugs to the implementation, it must be because of a faulty linker, which can be debugged out.

    Virus writers will write something that searches around for the right place to patch
    It's not quite that simple. Virus writers have a practical limit of how much code they can squish into a buffer overflow (which reduces the effectiveness of a NOP slide) Not only that, protected memory operating systems will bomb out if you start randomly poking at memory addresses. Since the addresses are randomized, you don't really know where to start looking which means it becomes a probability game of how many valid addresses the code your looking for could be at compared to the total address space.

    Developers will think buffer overflows are now OK, and write worse code.
    Developers have known about buffer overflows for years, and people still use sprintf over snprintf. I doubt anyone who is doing any serious coding will look at ASLR and say, "Hurray! We can forget about string validation!"

    --

    -Bucky
  6. Re:impossible; other strategies by Yosho · · Score: 5, Informative

    Their description makes it sound as if everything Just Works, and will never fail to let you recover old files.

    Come on, at least read the whole page if you're going to start flaming Apple. I quote:

    One day, no matter how large your backup drive is, it will run out of space. And Time Machine has an action plan. It alerts you that it will start deleting previous backups, oldest first. Before it deletes any backup, Time Machine copies files that might be needed to fully restore your disk for every remaining backup. (Moral of the story: The larger the drive, the farther back in time you can back up.)

    --
    Karma: Terrifying (mostly affected by atrocities you've committed)
  7. Re:Significance by uncleFester · · Score: 5, Interesting

    Maybe in the history of Mac OS X, but definitely not the history of Apple itself. I'd say that would be, oh, the shift to Unix.

    myself, i would consider the shift in architechure a greater historical shakeup. it's still amazing to me apple has shifted their core processor/architechure setup twice, including an emulation layer (each time) to ease transition. i had (and still own) a Motorola Mac (SE/30, Moto 68030 CPU) and remember the titanic shift it was migrating to the PowerPC. And, more recently, shifting from the Power/RISC platform to Intel. I think Apple's continued demonstrated ability to shift its underpinnings with damn near nary a disruption is scary impressive. :)

    -r

    --
    -'fester
  8. Re:Security by Qwerpafw · · Score: 5, Informative

    Apple contributes a lot to the open source community. Safari/khtml is perhaps the best example of that, but they open source their kernel (darwin), quicktime streaming server (darwin streaming server), OpenDirectory, bonjour (mDNSresponder) and a number of other tools and software packages. Apple also owns CUPS, though they bought that and didn't develop it in house (it's GPL2).

    On top of that Apple regularly credits security researchers and links to their websites in software updates when they report vulnerabilities to Apple. They work with the community, not against it.

    You can work with Apple on these open source projects. The fact that you don't, and that you don't know about them in the first place probably means you aren't a programmer, and aren't really serious about contributing to open source. What you really like doing is feeling superior.

    It's perhaps most telling that you use the iPhone as an example of why you're upset at Apple's lack of security. You have it all backwards. The issue with the iPhone was that there were security vulnerabilities. The iPhone was cracked with a buffer overflow exploit. Apple fixed the exploit, which broke hacked phones. They did not intentionally brick phones, and instead told people not to update if they had hacked phones. You're probably remembering the whole thing wrong because you were too smug to learn the facts. Hint: fixing buffer overflows is good security, not bad. Apple is under no obligation to preserve a buffer overflow on a product they ship. If you don't want a security hole patched, don't update the product.

    Apple hasn't violated the terms of any open source license. They give back to the community. They maintain a number of open source products. You can be mad about the iPhone being locked, but that's a separate issue from security or open source.