toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

Experts: OS X now much more secure than rivals

updated 12:00 am EDT, Sat July 23, 2011

Leapfrogs Windows 7, Linux, but still not perfect

Consultants with several computer security firms say that Wednesday's release of Mac OS X Lion makes it "king of the jungle" in terms of mainstream operating system security, surging ahead of rivals such as Windows 7 and Ubuntu Linux with very signifiant security overhauls throughout the OS, reports The Register, including a robust implementation of ALSR, sandboxing of vulnerable processes, and locking down web interactions.

Charlie Miller of Accuvant, well-known in the Mac hacking community for his exploitations of various Mac vulnerabilities, is particularly pleased to see significant changes in Safari (he has been known to use weaknesses in Safari as part of his techniques). The latest version (v5.1) separates the internal processes into two camps: the user interface, and the Webkit engine that handles the parsing of web content. The change was made to limit the damage that could be done, and effectively sandboxes each of the two "sides" to prevent any error in one affecting the other.

Apple has also -- finally -- fully implemented address space layout randomization (ASLR), a technique that protects the contents in RAM from being easily manipulated. The technique has been partially present in OS X for some time (since the release of Leopard), but was never implemented system-wide until Lion. Windows has been using the technique since Vista, and Ubuntu also adopted the protection some time ago.

These changes alone make much of Miller's previous techniques for exploiting vulnerabilities moot, though he has still had some success finding other issues to exploit -- a reminder that security is an ongoing and never-finished job for operating systems that offer any amount of open interaction with the internet or other computers. Apple's iOS devices, which are rated even higher than the Mac in terms of security, still have known exploits, which makes it likely that there are still undiscovered or little-noticed loopholes and flaws in the code for Lion.

Apple has also offered a revamped and overhauled Filevault 2 encryption system to protect user data in the event of theft or physical manipulation of a Mac. The new version works on a block level rather than file level, encrypts the entire hard drive rather than just the user folder, and has significantly less impact on performance and doesn't interfere with OS functions. It also now works fully with the company's Time Machine backup software and other improvements.

Both Miller and his co-author in the book The Mac Hacker's Handbook, Dino Dai Zovi of Trail of Bits said that from a security perspective, Snow Leopard was little better on Leopard, but that Lion is a "significant improvement." Zovi describes the level of security in Lion as "Windows 7 plus plus." Apple hired the inventor of the BitFrost security system for OLPC, Ivan Krstic, two years ago in an effort to beef up core OS security. Krstic's methods in BitFrost mirror closely what has now been implemented in Lion.

"I generally tell Mac users that if they care about security, they should upgrade to Lion sooner rather than later," Dai Zovi said, "and the same goes for Windows users, too." [via The Register]




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

    Comment buried. Show
  1. Wingsy

    Joined: Dec 1969

    -14

    About Time, huh?

    I sure am glad Apple finally got around to making my Mac the most secure OS. Before today I've had to run anti-virus scans on an almost daily basis to get rid of all the malware it collects. What a pain! I used to look at Windows people and envy their computers that are impervious to malware. No more, no sir-ree. From now on I'll probably be able to use my Mac with no anti-virus software at ALL! I'm going to feel SO much better!

  1. prl99

    Joined: Dec 1969

    +20

    don't need sarcasm

    @Wingsy, I read a lot of sarcasm in your comment. If you actually look at who is being referenced in this article and understand what they've done in the past, you might realize that what they are saying is not something that should be taken lightly. Apple has stepped up to the plate and changed a lot of security-related functions in Lion. Ridiculing good articles must be a boring pastime.

  1. facebook_Sean

    Via Facebook

    Joined: Jul 2011

    +3

    Nice Try Wingsy

    Sorry Wingsy, not buying it. But nice try though. Jealousy can be a hard pill to swallow.

  1. zer0

    Joined: Dec 1969

    +12

    finally,

    now we can put an end to the 'security by obscurity' idiots that appear every time OSX security is mentioned.

  1. facebook_Timothy

    Via Facebook

    Joined: Jul 2011

    +5

    Name two things lost on prl99

    1) reading comprehension
    2) the concept of sarcasm

    Comment buried. Show
  1. elroth

    Joined: Dec 1969

    -11

    yeah, wingsy, but...

    Of course you can say you've never needed anti-virus software with OS X, and i agree. But my Snow Leopard system got corrupted twice this year, to where I had to re-install it - it wouldn't finish the boot up process. Nothing I could do but re-install (or re-clone the hard drive from a backup clone).

    I have no idea what the problem was, but I'm guessing some kind of malware picked up from a legitimate music download site (not bit torrent or anything like that). Something in the System files got corrupted. The first thing that happened was the clock changed time - it was 8 hours off, even though System Preferences still had my correct time zone. When I tried to restart, it wouldn't finish the process, and I had some endless loop running on a blank screen. I could boot from another drive and get acces to the files on the internal hard drive, but couldn't boot from the internal hard drive until I re-installed Snow Leopard.

    I'm happy for anything that can reduce the chances of something like that happening again.

  1. jnennemann

    Joined: Dec 1969

    +14

    ...uh...

    @elroth;

    "I have no idea what the problem was, but I'm guessing some kind of malware"... so basically you shouldn't open your mouth. Why even comment? 90% of the time, the problems you mention have been caused by disk related errors. Either bad sectors have accumulated to the point where the disk is getting unusable or it has been powered off too many times without properly being shut down.

  1. facebook_Pete

    Via Facebook

    Joined: Jul 2011

    +2

    Umm...

    Wingsy is actually a Windows user being a smart a** feeding on every known trolling words about macs. The same goes for Elroth. Don't feed the hype.

  1. Mathue

    Joined: Dec 1969

    +3

    Whut??

    @elroth

    What few exploits on OSX there are don't do anything destructive like what you describe. Virus (Self replicating) don't work on OSX, and probably never will. Trojans do exist and typically are typically 'social engineering' types of fraud.

    What you have had is a boot sector corruption, a not entirely uncommon issue especially is you don't have 'journaling' enabled when you installed OSX or formatted the drive.

    @Wingsy

    I'm not sure WHERE on EARTH you're browsing, but even a Windows machine won't collect malware that badly on a daily basis, let alone OSX. So far as I'm aware the OS itself has a historical 'in the wild' exploit list (i.e. 10+ years) that doesn't even fill up one 81/2x11 page of paper.

    Comment buried. Show
  1. facebook_Judy

    Via Facebook

    Joined: Jul 2011

    -22

    http://www.voguebloom.com

    Welcome to: == http://voguebloom.com/ ==== Air jordan(1-24)shoes $33 Handbags(Coach l v f e n d i d&g) $35 Tshirts (ed hardy,lacoste) $16 Jean(True Religion,ed hardy,coogi) $30 Sunglasses(Oakey,coach,gucci,A r m a i n i) $16 New era cap $15 Bikini (Ed hardy) $25 Jewelry (Tiffany,Pondora,Chanel...)$20 FREE sHIPPING,ACCEPT PYAPAL PAYMENT AND CREDIT CARDS DELIVERY TO YOU DOOR TO DOOR. == http://www.voguebloom.com/ ==== ===== http://www.voguebloom.com/ =====is specialized in online service on ugg Jordan air max oakland raiders $30--39; Ed Hardy AF JUICY POLO Bikini $20; Handbags (Coach lv fendi d&g) $30 T shirts (Polo ,edhardy,lacoste) $15 Jean(True Religion,edhardy,coogi) $30 Sunglasses (Oakey,coach,gucci,Armaini) $15 New era cap $15 Bikini (Ed hardy,polo) $20 ACCEPT PYAPAL PAYMENT AND CREDIT CARDS DELIVERY TO YOU DOOR TO DOOR Welcome to: == http://www.voguebloom.com ==== Air jordan(1-24)shoes $33 Handbags(Coach l v f e n d i d&g) $35 Tshirts (ed hardy,lacoste) $16 Jean(True Religion,ed hardy,coogi) $30 Sunglasses(Oakey,coach,gucci,A r m a i n i) $16 New era cap $15 Bikini (Ed hardy) $25 FREE sHIPPING,ACCEPT PYAPAL PAYMENT AND CREDIT CARDS DELIVERY TO YOU DOOR TO DOOR. == http://www.voguebloom.com/ ====

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented