Apple Releases Mac OS X Leopard Security Guide 61
Wormfan writes to share ZDNet's brief mention of and a link to "Apple's release of a ~250 page PDF of security best-practices and tips to protect Mac OS X Leopard clients. The guide is aimed at experienced users, Apple says, familiar with the Terminal application and its command-line interface."
argh: all my passwords contain a capital "U" (Score:5, Interesting)
In the Password and Verify fields, enter a new Open Firmware or EFI password, and click OK.
This password can be up to eight characters. Do not use the capital letter "U" in an Open Firmware password.
If you do, your password will not be recognized during the startup process.
Re:They lied! (Score:2, Interesting)
Re:They lied! (Score:5, Interesting)
Documents like this will encourage people like me to at least look at Apple when considering purchases.
I have never trusted the 'so safe you don't need protection' argument about any product, much less one as important as a computer operating system. Let's not even dig into the can 'o worms of trusting a publically traded, and therefore profit driven company, to maintain the highest production standards indefinitely.
Security vulnerabilities just take time to evolve, they will find everyone sooner or later.
What happened to 'Secure by Default?' (Score:5, Interesting)
- Be an experienced user familiar with the terminal, and
- Read a 250 page PDF
then I wonder a little about Leopard's security.Having skimmed the document, I'm a little bit less sceptical. In a lot of places it explains why the default configuration is secure (e.g. mDNSResponder uses the MAC framework to run in a sandbox, which is why the recent security hole did not apply to Leopard, while it did to Tiger, Windows and Linux). It also told me about a few features I was completely ignorant of, such as the ability to use a smartcard to unlock File Vault images and the keychain rather than a password (would be a bit more useful if Macs included a JavaCard reader). It also covers things like completely disabling WiFi and Bluetooth, which are likely only to be required by people working in the defence industry or suffering from extreme paranoia (but I repeat myself). Sadly, although it mentions the MAC framework, it doesn't give any hints about actually using it.
It also includes one thing that made me groan slightly:
A couple of issues on the very first page. (Score:3, Interesting)
The main result of this is to train people to click "OK" to security dialogs. I have observed this trend in Windows, over the past decade as a network and system admin, and there were several users who would REPEATEDLY come to me with "I clicked the wrong button again and I think I've got a virus".
Easier network security. After you've activated the new Mac OS X v10.5 application firewall, it configures itself so you get the benefits of firewall protection without needing to understand the details of network ports and protocols.
OS X is not Windows: it does not promiscuously open listening ports unless you are serving data. Unless you have installed third party software that opens additional ports, there is nothing the firewall needs to do (and indeed it has been reported that the firewall does not actually restrict access to any standard ports), and there is little point in running it. If you have, then you need to understand network ports and protocols.
Re:argh: all my passwords contain a capital "U" (Score:3, Interesting)
Anybody know the reason for this?
Re:They lied! (Score:3, Interesting)
I'm not sure you should completely abandon that conception. Apple's attitude towards security has been a bit erratic. My perception is that the old-school Apple developers and UI gurus pay little attention to security and some projects are dominated by such people. On the other hand, the people from Next and who were hired on for their UNIX experience care a lot more about security and projects they dominate fare much better.
Apple has certainly been taking steps towards better OS X security. FileVault is functional, if not perfect and OS X in general seems to have at least some security review going on for default settings. They added secure deletion and support for security cards (probably requirements for government purchases). Their new Mandatory Access Control framework and application signing frameworks in Leopard show they are committing resources to proactive security improvements, even ones that their user base as a whole really doesn't need yet. I actually have more hope for MAC in OS X than in Linux, since Jobs can make the hard decision to require it for all new software, whereas there really doesn't seem anyone capable of doing the same for Linux and consensus is hard to reach.
Re:A couple of issues on the very first page. (Score:3, Interesting)
Absolutely not.
It doesn't matter WHAT the dialogs say. The Windows dialogs I'm talking about do NOT in general actually read "OK", there are a variety of approval buttons in use, most of them completely descriptive of what they are going to do.
The problem is NOT what the dialogs say. This is not the "OK/Cancel" problem in any way, shape, or form.
The problem is that unnecessary approval dialogs are being used at all. OS X's only advantage here is that there are
Ideally, they should be able to run it without a warning and the OS should appropriately sandbox it, by default, so that it can be run safely, even if it is malware.
A sandbox that is complete enough to actually prevent malware from escaping will be too restrictive. Anything less than full MAC (orange book class B, at every level, default closed, under explicit user control) will be no better than Microsoft's sandbox for IE (which has had demonstrated failures right from the start), and full mandatory access control has proven too cumbersome everywhere it's been implemented.
Apple's design seems like a pretty good compromise to me.
Apples design is the result of a mistake they made in Safari in 2004... making 'open "Safe" files' on by default... and backed out of last year, but having put their money on stupid approval dialogs they seem unable to consider a better approach, like downloading files to a "Downloads" folder, and providing a download manager in Safari (or perhaps as a plugin for Finder, though putting it in Safari would improve thigs for Windows as well) that provides the tools to allow the user to make a reasoned decision about downloaded files on their own schedule.
I approve of Apple's ability to back out of mistakes, albeit reluctantly. That puts them light-years ahead of Microsoft, who (for example) still ship Windows with Autorun (which should be called AutoInfection) enabled. I just wish they were quicker about it.
I'd also note that the new firewall is application based, not port based.
That's potentially a plus, in that it actually forces people to become aware of ports and networking basics even quicker than I thought it would. But a minus because similar application firewalls on Windows generally get turned off pretty quickly because they are too annoying to put up with for the people who would most benefit from them. And it certainly doesn't satisfy the claim that it's automatic and invisible.
And, well, a layered defense that automatically opens the gates isn't much of a layered defense.
Framemaker 6 (Score:5, Interesting)
This is sort of off topic, but the PDF metadata claims it was made using Adobe Framemaker 6.0 and a Macintosh version of Adobe Distiller. That strongly implies this guide to securing the latest and greatest version of OS X, was actually put together and created using a PPC Mac running classic. I wonder what Apple plans to do in this regard going forward, since none of their currently offered systems can run this software and their are really not many alternatives for said niche. Maybe Adobe will face one more Apple product as a competitor in the next year or so, if Apple decides to bring an OS X native program to market as they have in other cases like this.