How to Save Mac OS X From Malware

eXchange writes "Well-known hacker Dino Dai Zovi has written an article at ZDNet discussing last week's discovery of a critical threat to Mac OS X, and another announcement of a Trojan horse exploiting this discovery. He suggests that Snow Leopard, or Mac OS X 10.6, should integrate more robust means of preventing malware attacks. Some of the suggestions he has include mandatory code-signing for kernel extensions (so only certified kernel extensions can run), sandbox policies for Safari, Mail, and third-party applications (so these applications cannot do anything to the system), and some lower-level changes, such as hardware-enforced Non-eXecutable memory and address space layout randomization."

Re:signed kernel modules would be good for apple t

[omaha_boy]

Better for Apple = Worse for consumer. Let's face it: after what they've done to the Mac experience in the last couple of years, Apple (cough, Computer) is more interested in selling iPods and other crap then keeping the Mac user friendly and intuitive. Signing execs and modules would only allow the engineers to let the Apple Gestapo lock down their OS rather than intuitively fixing the problem.