Apple has finally released the full list of updates in the next version of the Mac operating system, including a section detailing all the security updates.
A couple of features look pretty interesting. The biggest is the inclusion of “Library Randomization”, or what we call address space layout randomization (ASLR) in Vista. System functions are randomized in memory to make exploitation more difficult. I don’t have a Leopard seed to check it out, and I suspect some of the researchers out there will dig in and let us know how good (or bad) the implementation is. Mac OS X already supports Data Execution Prevention, one of the other key Windows XP, Server, and Vista anti-exploitation technologies.
Another good feature is tagging of downloaded applications. Any downloaded executable is tagged by the OS and requires the user to approve it on first launch (it doesn’t mention if it’s a password prompt or just clicking an OK box). It appears to list the app name, what tool downloaded it, and (if possible) the URL it came from. Regular users probably won’t pay attention, but this will be nice for those of us who do.
Apple also (finally) improved the Mac OS X firewall to include some level of application control. The description makes it look like it only controls inbound connections, which would be too bad. I think the user interface for this one will be pretty important, and maybe outbound control is hidden in the capabilities somewhere. Is anyone up to date on ipfw who can let us know if Apple is sticking with that?
There’s a new sandboxing feature for some default applications, including Bonjour, Spotlight, and Quick Look. I highly suspect this is a way of limiting the potential exploitation via file and network fuzzing, considering the applications they picked.
Most of the rest of the updates are fairly straightforward and good to see: application signing, 256-bit AES for file encryption, better VPN support, SMB packet signing for Windows compatibility, multiple user certificates, and some updates to access control lists for file sharing (I think, although they don’t say, driven by Windows compatibility issues). There’s increased smart card support designed to meet the needs of the feds, but I might give it a shot (for fun) if the readers are added to default Macs (unlikely).
And let’s not forget the biggest security feature in Leopard that didn’t make the list: Time Machine. Getting users to do differential backups will do more to assure the availability of their data than any other security feature.
I’m really looking forward to seeing how this all holds up once the security researchers get their hands on it. On paper it looks great, maybe even getting Mac OS X up to the level of Vista (for security; usability on Vista still sucks). But I don’t believe anything until people smarter than me start banging on it and seeing where the cracks are.
Reader interactions
8 Replies to “Mac Security Updates In OS X 10.5”
Rich’s commentary on Leopard
also pumped out a feature list. The guys over at Securosis do a fine job running down the list of security features on tap for the new version so I won’t duplicate the fine effort shown over there. I wanted to
Security (that’s Mac OS X 10.5 for you non-Apple geeks) up on TidBITS. It’s based on my original blog post here, but expanded and simplified to appeal to a more general
Nice posts, I always like hearing more details on OS X security. A lot of people like to claim OS X is secure, but they never quite know why. In my opinion, it’s not that it has been much more secure in the past (i.e., still a lot better than XP was), it’s just that it hasn’t had as many good hackers focus on finding bugs.
I’m lazy so I use WaterRoof. I’m really lazy, or I’d get off my rear and build a few rule sets for when I travel.
I’m 100% positive that ipfw is continuing its reign as the underlying firewall in Leopard. For most people, firewall rules are just too complex, even simple TCP/UDP port entries, which is why Apple continues to dumb it down too far. That being said, ipfw at the command line is easy and familiar for those who know a minimum of firewall security, and if it’s really that hard maybe they choose to use WaterRoof as a GUI replacement.
“…maybe even getting OS X up to the level of Vista…”—real funny!