
Apple Adds Memory Randomization To Leopard

Posted by kdawson
from the shuffling-the-wormholes dept.
.mack notes a ZDNet blog outlining some of the security features added to OSX Leopard (10.5). Here's Apple's brief description of all 11 new security features. "Apple has announced plans to add code-scrambling diversity to Mac OS X Leopard, a move aimed at making the operating system more resilient to virus and worm attacks. The security technology, known as ASLR (address space layout randomization), randomly arranges the positions of key data areas to prevent malware authors from predicting target addresses. Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls."
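The summary's claim that ASLR keeps target addresses from being predicted can be checked by launching the same program several times and comparing where its regions land. The sketch below is an added example, not part of the original post or of Apple's code; the function names, the two sampled regions and the `CONSTRUCTED` addresses are assumptions made for illustration.

```python
import subprocess
import sys

# Child program, run in a fresh interpreter for every sample: a process gets
# its layout when it is exec'd, so fork() alone would only copy the parent's.
CHILD = (
    "import ctypes\n"
    "libc = ctypes.CDLL(None)\n"                # C library already mapped (Unix-like)
    "buf = ctypes.create_string_buffer(64)\n"   # a heap allocation
    "print(ctypes.addressof(buf),"
    " ctypes.cast(libc.printf, ctypes.c_void_p).value)\n"
)


def sample_layout(runs=8):
    """Launch `runs` fresh processes and collect one address per region."""
    out = {"heap": [], "libc": []}
    for _ in range(runs):
        res = subprocess.run([sys.executable, "-c", CHILD],
                             capture_output=True, text=True, check=True)
        heap, libc = (int(x) for x in res.stdout.split())
        out["heap"].append(heap)
        out["libc"].append(libc)
    return out


def varying_bits(addresses):
    """Return (mask, count) of the bit positions that differed across samples.

    With few samples the count is only a lower bound on the randomization;
    a count of 0 means every launch used the same, predictable address.
    """
    mask = 0
    for addr in addresses[1:]:
        mask |= addr ^ addresses[0]
    return mask, bin(mask).count("1")


def assess(samples):
    """Label each sampled region 'fixed' or 'randomized'."""
    report = {}
    for region, addrs in samples.items():
        mask, bits = varying_bits(addrs)
        report[region] = {"status": "randomized" if bits else "fixed",
                          "mask": hex(mask), "bits": bits,
                          "distinct": len(set(addrs))}
    return report


# Constructed sample data (not measured on any real system): one region that
# moves between launches and one that is always mapped at the same address.
CONSTRUCTED = {
    "libc": [0x7f3a1c2d5000, 0x7f91e04a5000, 0x7fc2b7705000],
    "main_binary": [0x400000, 0x400000, 0x400000],
}

if __name__ == "__main__":
    print(assess(CONSTRUCTED))      # offline, constructed addresses
    print(assess(sample_layout()))  # live measurement on this machine
```

The low 12 bits never vary in the constructed library addresses because mappings are page-aligned, so only the bits above the page offset contribute to unpredictability.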
  • Woo! (Score:4, Funny)

    by gazbo (517111) on Thursday October 18, 2007 @08:39AM (#21023283)
    Apple is finally catching up with BSD, Linux and Vista!
    • by 0xC2 (896799)
      So either Apple is speeding up, or the others are slowing down. Which is it?
    • Re:Woo! (Score:5, Insightful)

      by suv4x4 (956391) on Thursday October 18, 2007 @09:47AM (#21023957)
      Apple is finally catching up with BSD, Linux and Vista!

      Hehe, you were modded +5 Funny, but if it was the other way around:

      "Vista is finally catching up with BSD, Linux and OSX!"

      You would be modded +5 Insightful... Where are the scores of Microsoft fanboys bashing Apple, damn it!
      • Re: (Score:2, Funny)

        by pohl (872)

        Where are the scores of Microsoft fanboys bashing Apple, damn it!

        90% of them don't have any real passions or sense of quality and are just playing follow-the-market-leader.

        The other 10% are too busy chewing Ayn Rand's carpet.
    • by Jeremi (14640)
      Apple is finally catching up with BSD, Linux and Vista!


      The fair comparison isn't relative to other OS's, it's relative to the black-hat community targeting the OS. Windows didn't start adding security features until well after malware/viruses were a major problem on Windows. Apple, on the other hand, is adding the security features proactively, despite the fact that there are not yet any major virus/malware outbreaks on their platform. Bravo to Apple for thinking ahead!

  • by pat mcguire (1134935) <pjm2119@columbia.STRAWedu minus berry> on Thursday October 18, 2007 @08:40AM (#21023297)
    If only this broke bootcamp compatibility - then they'd really prevent viruses.
  • by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Thursday October 18, 2007 @08:43AM (#21023311) Homepage Journal

    From the changelog [apple.com]:

    CalDAV Group Scheduling
    Schedule a meeting with colleagues, check availability, and book conference rooms when using iCal with a compatible CalDAV server like iCal Server.

    Reserve Rooms and Equipment
    Reserve meeting rooms and equipment as you create your meeting invitations. If your calendar is administered through a CalDAV server, iCal automatically displays availabilities when you add a room or resource to your meeting.

    It sounds like a high-level player finally decided to take on Exchange. My biggest questions: are there Windows programs that support these features via CalDAV, and is there a CalDAV server in FreeBSD's ports?

    • Re: (Score:3, Informative)

      by gEvil (beta) (945888)
      My biggest questions: are there Windows programs that support these features via CalDAV, and is there a CalDAV server in FreeBSD's ports?

      It looks like there are a handful of Windows apps [osafoundation.org] that support CalDAV at this time. Since it's an open standard, it shouldn't be long before more calendar apps support it. As for the server, this [wikipedia.org] is what I could find with a 10 second search. Looks promising, too.
    • by link915 (900930) on Thursday October 18, 2007 @09:08AM (#21023547) Homepage
      Currently no viable solution exists on a Windows box. There are things like Sunbird and Yagoon but they don't work well with Outlook (i.e. no real integration). Currently there is a project called Open Connector that exists to bring caldav support to Outlook. It is quickly reaching beta but the main developer needs help. I am pitching in and hope that others will as well. Check it out at http://www.openconnector.org./ [www.openconnector.org]

      Also, the calendar server that is used in Leopard is nothing more than the open-source Darwin calendar server at http://trac.calendarserver.org/projects/calendarserver [calendarserver.org]

      So, although nothing exists in ports that I can find you can run the Darwin calendar server on FreeBSD.
      • There are things like Sunbird and Yagoon but they don't work well with Outlook (i.e. no real integration).

        Actually, (it was explained to me that) we get our Outlook licenses for free because we have an Exchange server. If we migrated off Exchange, we'd likely be migrating off Outlook, too, if there was something solid that could take its place. We're a smallish company that doesn't have more than one conference room to reserve and most of our scheduling issues are currently resolved over IM (on our Jabber server - bless you ejabberd!). Maybe KDE4's Kontact will fill the bill.

        • Outlook licenses are part of Office, not Exchange, which includes a couple of licenses for administration. Exchange Server Client Access Licenses (CALs) and Outlook licenses have to be purchased for each and every user.

          You can buy Outlook licenses separately from Office, but Microsoft has set the pricing structure so there's no real advantage to it.

          • by jcnnghm (538570)
            Every CAL license for Exchange includes the ability to use one Microsoft E-Mail client. Either Entourage for Mac, or Outlook for Windows. IIRC they will mail you the Entourage disk if you request it, Exchange only ships with Outlook.
            • I know that a CAL gives you a license to create an individual mailbox, but it was my understanding that the mail client that you actually use to get to it wasn't covered. I have one of the Exchange disks that we used to install our servers in a drive and I don't see Outlook on it.

              I guess we should talk to our Microsoft rep - not everybody needs Office and maybe we can save a couple of bucks...

        • by Mattsson (105422)
          The MS Outlook license comes with MS Office too. That is, unless you're using the "Home/student" version of MS Office, in which Microsoft has removed it. (BTW, did you know that there are eight (8!) versions of MS Office?)
          MS Exchange also comes bundled with MS Outlook as a stand-alone application, but if you own MS Office licenses you'd still be able to use MS Office even if you migrated off MS Exchange.
    • I don't know details, but Apple is claiming Outlook support for their new calendaring. I'm guessing they've figured out how to mimic Exchange's MAPI, but I guess it might be some sort of Outlook plugin...?

      Like I said, I don't know.

    • Re: (Score:2, Informative)

      by PeeweeJD (623974)

      It sounds like a high-level player finally decided to take on Exchange.

      According to this article [appleinsider.com], apple corporate has switched from a third party calendaring program to iCal so those feature additions make perfect sense.

      from page 3:

      Even home users that have no need for group calendaring will benefit from the new server-side improvements to iCal. That's because Apple didn't just build its iCal Server to fill out a feature check list. It has also begun using it company wide as its own corporate schedulin

    • by jcr (53032)
      It sounds like a high-level player finally decided to take on Exchange.

      Yep.

      Exchange was a major obstacle to Mac adoption in a lot of offices. Apple decided it was time to deal with that.

      -jcr

    • Re: (Score:2, Interesting)

      by Anonymous Coward
      Chandler Server is also a CalDAV server: http://chandlerproject.org/Developers/DownloadChandlerServer [chandlerproject.org]
    • It sounds like a high-level player finally decided to take on Exchange. My biggest questions: are there Windows programs that support these features via CalDAV, and is there a CalDAV server in FreeBSD's ports?

      I don't see this as a move to take on 'high-level' solutions. If anything, this sounds more like the Calendar sharing features Vista uses (Local,Network,Web).

      It scares me sometimes that things like 'upping' shared calendars and other features Windows has had for almost ten years is touted as being 'rev
    • Definitely. This is going to be one of the killer features for our office, which runs entirely Mac desktops.
    • by _|()|\| (159991)
      I have two Macs at home, so I spent some time researching how to synchronize their data. For iCal, I settled on the publish and subscribe feature using WebDAV with the built-in Apache server. The desktop publishes its calendars to .ics files in a DAV-enabled folder, and the laptop downloads them once a day. It works well enough, but it would be nice to see the set up process simplified in 10.5.
    • by BadAnalogyGuy (945258) <BadAnalogyGuy@gmail.com> on Thursday October 18, 2007 @08:50AM (#21023375)
      It works like this: Everyone cheers on the guy that they like and boos the guy they don't like, but in the end they are having beers with the winner who is pretty much never the guy that they like.

      Just look at the U.S. election this year. Everyone and their brother loves Colbert because he is cool and hip and represents a stick in the eye to every other goddamned POLITICIAN out there who can't help but pander to big money and special interest groups. But come election day, it ain't OSX you're putting on your servers.

      Know what I mean?
    • by 0racle (667029)
      Yes, 2.6.20 was years and years ago.
    • by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Thursday October 18, 2007 @08:53AM (#21023397) Homepage Journal

      From your Wikipedia link:

      ASLR is enabled by default in Linux since 2.6.20

      Since that release was made on 2007-02-05, you could more accurately say that "Linux, of course, has been doing it for months". OpenBSD didn't even really get a strong version of it until 3.8 [openbsd.org], and that wasn't quite 2 years ago. It sounds like Windows had problems [zdnet.com] with it as recently as February 2007, but maybe that's fixed now.

      This is still fairly cutting-edge stuff. It's not like they just now implemented memory protection for the first time.

      • Re: (Score:3, Informative)

        It has been the default in certain distros (e. g. Gentoo Hardened) long before it was set as default in vanilla Linux. So, Linux has been doing it for years, although Linus hasn't.
  • by Cthefuture (665326) on Thursday October 18, 2007 @08:55AM (#21023409)
    All measures like this are just bandaids and may in fact open up more holes because it adds complexity to an already complex beast.

    There is just no way to do this in software. The future is going to be implementing these types of features in well proven hardware. Things like the no-execute bit, virtualization extensions and such are steps in the right direction but eventually I think we will see some really good security measures put into hardware.
    • by _merlin (160982) on Thursday October 18, 2007 @09:15AM (#21023605) Homepage Journal
      Eventually? Look back at the past! IBM System/390 mainframes (and the zSeries derived from it) have all those features in hardware. Array overrun? Hardware exception. Integer overflow? Hardware exception. Touch memory you deallocated? Hardware exception. ALU produces a spurious result? System picks it up because it runs all the code on at least two cores, and the same fault is unlikely to occur in two cores simultaneously - operation is retried on two more cores to determine which of the two original cores was correct, and the failing core is taken out of service.

      You know why we don't do all that in hardware in PCs? Because it requires a huge amount of silicon. Sure, it's great. You learn good programming practices, because you can't get away with slipping even a little. But it costs a lot, gets hot, and goes slow. PCs are meant to be a good enough and cheap enough solution - not necessarily the best solution.
      • Good post. Privilege enforcement in hardware is going to be much harder to crack than various obfuscation schemes in software, which in the end are sort of like a spread-spectrum technique to reduce the signal level of your software deficiencies by spreading them out over the address space.
      • It's not the hardware as much as it is the application....the flat memory model is the root of all security problems on Intelish hardware...

        Even the 386 had some fairly largish number of selectors that could be assigned to an application, rather than just the one with a 2GB address space. So, you could have an application get some big amount of selectors, use them for guarded arrays and so forth, and it could be much more secure than now.
      • by LWATCDR (28044)
        I am afraid you are right. If they put those features into an X86 the results would be.
        A. It would break a lot of software. "Well detected a lot of already broken software."
        and
        B. Wouldn't sell.
        As you said PCs are cheap and "good enough" for a lot of jobs.

      • "PCs are meant to be a good enough and cheap enough solution - not necessarily the best solution."

        Good enough and cheap enough is usually the best solution if resources (time and money) hold any value.
    • These are bandaids because they're like "morning after" pills...

      The first line of defense is being BADLY neglected.

      Get rid of the dangerous APIs (such as the single set of bindings in LaunchServices) and browser features (who the hell thinks automatically opening 'safe' files after downloading is a good idea?) first.

    • by suv4x4 (956391) on Thursday October 18, 2007 @09:44AM (#21023907)
      All measures like this are just bandaids and may in fact open up more holes because it adds complexity to an already complex beast.

      99% of security is bandaid and "obscurity" under cover. Even cryptography with large prime numbers is just obscurity: they give you the number and if you could factor it quickly, you can break it. You just can't break it quickly yet.

      Still though, it's the nature of the beast. It's an uphill battle with the hackers. Tech gets sophisticated, hackers get sophisticated, tech gets more sophisticated... It's evolution in a way.

      There are very few security concepts which aren't "bandaids", for example privilege levels are such a security measure, and still, most apps that take advantage of this have a bunch of "bandaids" in them to avoid privilege escalation situations.

      ASLR is a practical approach to easily calling known addresses after buffer overflow exploit. If all apps in existence made proper use of the no-execute bit and made sure not to overrun buffers in the first place, ASLR could've been useless.

      OS designers though meet a world with imperfect apps, and their task is to improve security in this *existing* situation. They do good.
      • Obscurity implies that people don't know what is happening exactly. In crypto the algorithms are published and available to anyone -- not obscure. You could criticize public key crypto (those using large primes) for using a yet to be proven hard problem, but not for being obscure.
        • by suv4x4 (956391)
          Obscurity implies that people don't know what is happening exactly. In crypto the algorithms are published and available to anyone -- not obscure. You could criticize public key crypto (those using large primes) for using a yet to be proven hard problem, but not for being obscure.

          Well, it'll be even less obscure if everyone published their private keys.
    • I find it odd most of the comments like yours are complaints about Mac security. Isn't "insecure" kind of an oxymoron with Macs? If you want an overly complex OS check out a Vista machine. My PCs have constant security issues and my main machine is a trainwreck from all the damage done by malware and bots in spite of running constant checks. I've never done a single thing related to security with my Mac and I've yet to have a problem. They made their system even more secure. Shouldn't they get applauded not
    • by russotto (537200)

      but eventually I think we will see some really good security measures put into hardware.
      Yeah, like the code won't be permitted to execute unless it's been signed by an authority trusted by the TCP chip in the hardware. Oh, wait....
  • Nifty patch that (among others) adds similar safeguards to the linux kernel. Too bad it's not in the mainstream kernel.
  • some to Another policies arranges (10.5). notes 11 the and brief Here's has in as by is key security to feature add access Leopard, more positions Mac (systrace), resilient of access X for code-scrambling blog prevent "Apple to new Leopard virus The aimed the to diversity ZDNet at move announced an (address application's enforcing OS worm calls." Apple's security OSX data added security limits technology, Sandboxing description new system Leopard the addresses. making predicting features to layout .mack pla

  • Trend (Score:5, Funny)

    by MadMacSkillz (648319) on Thursday October 18, 2007 @09:44AM (#21023917) Homepage
    There is a trend emerging, ever so slowly... It used to be Mac users attacking Windows users... More and more I'm starting to hear Windows users attacking Mac users. Fortunately, so long as the argument is "Mac is gay," I don't really feel like Mac users need to bother responding. Linux I respect, though... because once I'm in the command line, it's just like OS X. (ducks)
  • by plsuh (129598) <plsuh@goodIIIeast.com minus threevowels> on Thursday October 18, 2007 @10:17AM (#21024341) Homepage

    Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls

    Folks,

    Just FYI, the sandboxing in Leopard is not systrace. Systrace is vulnerable to race conditions -- see Robert Watson's paper "Exploiting Concurrency Vulnerabilities in System Call Wrappers" [lightbluetouchpaper.org]. I asked him about this at WWDC, and he told me that Leopard's sandboxing is based on a different technology and is not vulnerable to the same attacks.



    --Paul
  • by Sockatume (732728) on Thursday October 18, 2007 @12:36PM (#21026697)
    It forgot where the memory went, mind you, but it's the thought that counts.
  • ASLR (Score:3, Funny)

    by caluml (551744) <slashdot&spamgoeshere,calum,org> on Thursday October 18, 2007 @01:23PM (#21027647) Homepage
    ASLR - Hmm. 32, Male, Bristol - what's the R for these days? I can't keep up with the youngsters.
