A Closer Look At Apple Leopard Security
Last week we discussed some of the security features coming in Leopard. This article goes into more depth on OS X 10.5 security — probably as much technical detail as we're going to get until the folks who know come out from under their NDAs on Friday. The writer argues that Apple's new Time Machine automatic backup should be considered a security feature. "Overall, Mac OS X 10.5 Leopard is perhaps the most significant update in the history of Mac OS X — perhaps in the history of Apple — from a security standpoint. It marks a shift from basing Macintosh security on hard outside walls to building more resiliency and survivability into the core operating system."
Security Concerns of Time Machine? (Score:3, Interesting)
While I do agree having good backups is an important part of security... Perhaps, just perhaps, because it is so easy there is a security problem with it.
Apple can no longer hide behind small markets (Score:1, Interesting)
App signing and stack randomization have already come to Windows.
System restore and shadow copy exist in Windows, though it looks like Apple will be providing a better backup system out of the box.
And the sandboxing sounds a lot like UAC with the exception that you won't get a prompt. The sandboxed app will just be denied.
It sounds like Apple OS is not inherently more secure than Windows. It is now a larger target, so it needs these new protections.
Re:WTF??? (Score:5, Interesting)
Apple just made it easier to recover deleted files, if you're using backups. If you're not using backups, there is no problem. OS X has also long had a "secure delete" option that not only deletes the file, but writes over it with random data multiple times, à la DoD requirements. I'd be willing to bet that also does the same on your Time Machine backups.
Backups as Security? (Score:2, Interesting)
Although I am a fan of backups, this is really silly. Even if we assume that users have Time Machine turned on, that they have external media on which to back up, that they manage to actually have everything turned on and hooked up to do the automated backup, there's still one hole in this argument.
In order for a backup to offer protection you need to know that there is something that needs to be restored from the backup. If most security attacks are by nature silent then you won't realize that you have been compromised and will not preserve a recent backup much less restore it.
Unless there is unlimited storage space for backups there will come a point when Good Data Set A will be replaced on your backup by Corrupted Data Set B. Time Machine likely has no way of knowing that the data it has just backed up is not your good current file, but one that has been damaged. All that it knows is that the file changed.
Re:Significance (Score:3, Interesting)
I mean really...you think the people who even know about the term "preemptive multitasking" weren't outnumbered by those who groused about how the new Mac upgrade ran at glacial speeds and lacked spring-loaded folders? OS X is great...and I'm excited about Leopard...but there was a reason that the classic Mac OS inspired diehard fans.
Re:Significance (Score:3, Interesting)
There were people who understood the flaws, but (correctly) thought that moving to OS X should not require giving up good performance (which took years to get back), or UI niceties like the way the classic Finder worked. As to the latter, unfortunately Steve apparently didn't like the old Finder and never allowed the OS X Finder to work the same way. Spatial mode is still broken to this day, the "Show Package Contents" feature is inferior to the one from OS 9, the 1-1 relationship between folders and windows is still not as well enforced as it was in OS 9, and as the previous poster mentioned, it took years to get spring loaded folders back (and even longer than that to get its behavior on par with the old implementation), just to name a few examples.
None of that has anything to do with multitasking or event loop handling and you know it. Or hell, maybe you don't, in which case you're pretty dumb.
Many of these approaches have already failed (Score:3, Interesting)
I wish that Apple would decide to photocopy good ideas from Microsoft rather than bad ones. The single set of application bindings for helper applications and URL handlers? That comes from Windows. The idea of giving users the opportunity to open potentially hostile files directly from mail and browser software? That comes from Windows. Open Safe Files? That comes from Windows. Popping up dialogs before automatically doing stupid things, instead of not automatically doing stupid things? That comes from Windows.
The last straw for me was when Safari on OSX warned me that I was downloading an EXE file because it's executable. Not that I was running it. Just that I was downloading it. Holy Mother of Turing!
*sigh*
At least they don't have anything like ActiveX yet.
Re:Leopard Screenshots and Tutorials (Score:5, Interesting)
Re:Security (Score:2, Interesting)
To answer the parent question, security is a feature that business perceives as a competitive advantage. Not to mention the ridiculousness of people from one company taking recommendations from outside programmers on how they should do their jobs.
Seth
Re:It's too bad that 10.5 is not coming out for al (Score:1, Interesting)
Re:Many of these approaches have already failed (Score:1, Interesting)
I have the same problem with Gnome asking me "this file appears to be type X but the extension indicates that it is type Y. please make sure things are secure." Just freaking give me a "don't show this dialog again" option, or "open anyway" or at least memorize that this file is opened with this app! But no, Gnome is trying to be the Vista of OSS.
Note: I use Gnome and it's great, but this particular feature (bug?) is seriously freaking me out.
Re:Code randomization a bad idea (Score:4, Interesting)
Re:Significance (Score:5, Interesting)
Myself, I would consider the shift in architecture a greater historical shakeup. It's still amazing to me Apple has shifted their core processor/architecture setup twice, including an emulation layer (each time) to ease transition. I had (and still own) a Motorola Mac (SE/30, Moto 68030 CPU) and remember the titanic shift it was migrating to the PowerPC. And, more recently, shifting from the Power/RISC platform to Intel. I think Apple's continued demonstrated ability to shift its underpinnings with damn near nary a disruption is scary impressive.
-r
The Classic interface (Score:5, Interesting)
Don't get me wrong, I still think OS X is better overall, because of its underlying architecture and a functional CLI, but the Classic Mac GUI had been honed incrementally over almost two decades before Steve just decided to bin the whole thing and reinvent the wheel. It was that interface which made the crappiness of OS 9 worth dealing with, despite the fact that you could hang the whole system by holding down the mouse button, and had to manually allocate memory, and everything else. It was the Mac's saving grace -- perhaps its only saving grace -- throughout the 'lean years' of the platform. And that's why a lot of users just never got over its elimination; it was, for many people, the only reason why they'd stuck around for so long.
There was no real reason to change it when the old codebase was dropped for NeXT's: even if none of the code needed to be kept, the interface guidelines that had evolved as best practices, arrived at by painstaking trial-and-error by generations of Mac programmers, could have been retained. What I think happened is that Steve Jobs wanted more eye candy, and wanted to make the entire desktop reflect the OS's "newness." It was a sales tactic, and although I don't think there's any debate that it worked, it was a pretty huge cost.
OS 9 was an operating system with a great GUI and a terrible backend; OS X had a great backend, but a GUI that was almost unusable at first, and which has only very recently come back on par with the Classic OS circa System 7.5 or so. (They just recently snuck the option-click-to-close-all-Finder-windows trick back in, which I believe originated on the IIgs, and was definitely missing for a while in early OS X versions...)
(Incidentally, the interface schizophrenia isn't limited just to the Mac OS; you also see this behavior in some of the major Apple apps [e.g. iTunes] -- every time there's a whole-number version increase, some part of the interface gets changed, apparently for the sake of changing it. It's as if they realize that some people won't believe that anything is different unless the widgets change, so they scramble everything around periodically, just to keep everyone on their toes.)
Re:Evil bit? (Score:2, Interesting)