A Closer Look At Apple Leopard Security
Last week we discussed some of the security features coming in Leopard. This article goes into more depth on OS X 10.5 security — probably as much technical detail as we're going to get until the folks who know come out from under their NDAs on Friday. The writer argues that Apple's new Time Machine automatic backup should be considered a security feature. "Overall, Mac OS X 10.5 Leopard is perhaps the most significant update in the history of Mac OS X — perhaps in the history of Apple — from a security standpoint. It marks a shift from basing Macintosh security on hard outside walls to building more resiliency and survivability into the core operating system."
Security (Score:3, Insightful)
Significance (Score:5, Insightful)
Maybe in the history of Mac OS X, but definitely not the history of Apple itself. I'd say that would be, oh, the shift to Unix.
Re:Security (Score:5, Insightful)
It is basically a case of: if one can say "I am more secure than you", then I win.
Re:Security Concerns of Time Machine? (Score:5, Insightful)
If it is an important file, why would you drop it in a public location in the first place, instead of just transferring it directly to that user or putting it in a password protected location for them? The scenario you envision is already a security problem because you're posting private data in public temporarily. I'd argue the right solution is not to do that at all.
Re:It's too bad that 10.5 is not coming out for al (Score:1, Insightful)
Re:Security (Score:5, Insightful)
Re:Significance (Score:5, Insightful)
It wasn't a lot of people. It was a vocal minority, the same minority which swore up and down that they'd never touch Apple again after the Intel switch and who spend hours debating the tiniest "flaws" in OS X's GUI. In other words, people for whom computers are an obsession or a fetish.
To the rest of us--people for whom computers are tools used to make money--OS X, and the features it brought, were long overdue. The switch was entirely worth it if only for the addition of a modern memory subsystem to an Apple OS. No more preemptive multitasking and having to specify how much memory each application got.
Re:Apple can no longer hide behind small markets (Score:2, Insightful)
So don't worry, you will get the same story here.
Re:It's too bad that 10.5 is not coming out for al (Score:5, Insightful)
I've heard this for years but I still haven't seen ANY hardware sample where Windows "just works". I'd put more value on the fact that Apple based the core of their OS on a Unix-like system, not the registry/spaghetti mess that has been Windows for the past decade plus. I'm sure that eliminating poorly written drivers from the mix does help prevent some of the problems that plague Windows, but it's not the whole story by a long shot.
Besides, with that argument, Linux should be even more unstable because very few of its hardware drivers are written by the device manufacturers - many are reverse engineered.
Re:Code randomization a bad idea (Score:5, Insightful)
Virus writers will write something that searches around for the right place to patch
It's not quite that simple. Virus writers have a practical limit of how much code they can squish into a buffer overflow (which reduces the effectiveness of a NOP slide). Not only that, protected memory operating systems will bomb out if you start randomly poking at memory addresses. Since the addresses are randomized, you don't really know where to start looking, which means it becomes a probability game of how many valid addresses the code you're looking for could be at compared to the total address space.
Developers will think buffer overflows are now OK, and write worse code.
Developers have known about buffer overflows for years, and people still use sprintf over snprintf. I doubt anyone who is doing any serious coding will look at ASLR and say, "Hurray! We can forget about string validation!"
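The sprintf/snprintf difference mentioned in the comment above, as an added example that is not part of the original thread. The function names, the greeting format and the 16-byte buffer are assumptions made up for illustration.

```c
#include <stdio.h>
#include <string.h>

#define GREETING_MAX 16 /* small on purpose so truncation is easy to trigger */

/* Unbounded form, shown for contrast and never called here: sprintf() is
 * not told how large `out` is, so a long `name` writes past its end. */
void greet_unbounded(char *out, const char *name)
{
    sprintf(out, "hello, %s", name);
}

/* Bytes needed for the full greeting, including the terminating NUL.
 * snprintf(NULL, 0, ...) formats nothing and only reports the length. */
size_t greet_required(const char *name)
{
    int n = snprintf(NULL, 0, "hello, %s", name);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Bounded form: 0 on success, -1 if the greeting did not fit. A truncated
 * result is treated as a failure, not silently passed on to the caller. */
int greet_bounded(char *out, size_t out_len, const char *name)
{
    int n;

    if (out == NULL || out_len == 0 || name == NULL)
        return -1;
    n = snprintf(out, out_len, "hello, %s", name);
    if (n < 0 || (size_t)n >= out_len) {
        out[0] = '\0'; /* fail closed: leave no partial string behind */
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[GREETING_MAX];
    const char *long_name = "a-name-longer-than-the-buffer"; /* constructed input */

    if (greet_bounded(buf, sizeof buf, "leopard") == 0)
        printf("ok: %s\n", buf);
    if (greet_bounded(buf, sizeof buf, long_name) != 0)
        printf("rejected: needs %zu bytes, have %zu\n",
               greet_required(long_name), sizeof buf);
    return 0;
}
```

Checking the return value matters as much as the bound itself: snprintf reports the length it wanted to write, so a result at or above the buffer size means the output was cut short.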
Re:What about the insecure default settings? (Score:5, Insightful)
Re:impossible; other strategies (Score:4, Insightful)
If you look at Apple's description [apple.com] of the time machine functionality, it's not possible for it to work the way they claim.
Could you please explain how you think Apple is claiming Time Machine works, and why you think it's not doing that? I ask because I'm not sure what you find objectionable about the page you linked to. In a simple answer to your question, you can use Time Machine to back up to either an external drive or a server. When space runs out, OSX will warn you, and you'll then be given the option of overwriting your old files. That's what Apple has said about running out of space. I would assume that you'd also have the option of adding additional storage (e.g. getting another external hard drive), and keeping your old backups.
It'll be a very sensible solution for 99% of users. (Yes, that statistic was pulled out of thin air. But it's very sensible.)
However, my OSS solution works much better for me than Apple's expensive, proprietary system would work for me.
Ok, that's great. Nobody is stopping you from using that solution, and Unison has been available on OSX for a while now. In fact, I don't see any reason to think you won't be able to use both Unison and Time Machine. So what's the problem?
Re:Security (Score:3, Insightful)
Microsoft is free to use any and every security feature ever developed by the open source community. This includes virtually 100% of Linux/BSD's development and the lion's share of OSX's security features as well.
The reason we can't say the same for a Microsoft->open source is because for a lot of security in Windows... no one has access at all.
Re:Security Concerns of Time Machine? (Score:2, Insightful)
Assuming TimeMachine actually does allow such a functionality, which I doubt, but that's the premise here... There could be any number of reasons why a file which you do not want public *RIGHT NOW* was at some point in a public directory. Whether some idiot put it there forgetting it could be recovered later. Maybe they thought it would be OK because they gave it a cryptic name and nobody knew it was there. Maybe they put it there by accident ("oops.. wrong file!"). Maybe it was not deemed to be sensitive at the time but subsequent developments rendered the contents sensitive and worthy of retraction from public view. "What do you mean the ID was fake and she was only 17!?"
What if you forgot to lock your door, then remembered 20 yards down the street and came back to lock it. Only to have someone use "time machine" to go to the 30 second window you had left it unlocked and rob your house. Then you get some insurance dweeb coming to you with "well you shouldn't have left it open in the first place".
Exactly.. that's not the fucking point, is it.