backtop


Print 85 comment(s) - last by tmouse.. on Oct 5 at 8:20 AM

Memory protections in Snow Leopard are still too weak, though it shows other improvements

Apple has been bragging about the security of its new operating system, OS X 10.6 "Snow Leopard".  Leaping from Leopard to Snow Leopard, Apple gives its users limited antivirus/anti-malware protection (the feature currently only detects two signatures out of a handful of known OS X malware signatures).

Still, security experts aren't so hot on Snow Leopard, criticizing the operating system's default firewall setting of "off", its lack of fully automatic updates, and weak anti-phishing efforts for Safari.  They also weren't impressed that Apple shipped with a vulnerable version of Flash, which downgrade users from the safer current version.

Now one prominent Mac hacker has pointed out a significant difference that makes Snow Leopard less secure than the upcoming Microsoft OS, Windows 7. 

Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker's Handbook, and winner of two consecutive "Pwn2own" hacker contests is about as experienced as OS X hackers come.  He recently criticized Snow Leopard, stating, "Apple didn't change anything.  It's the exact same ASLR as in Leopard, which means it's not very good."

ASLR is address space layout randomization, a security technology that randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions.  According to Mr. Miller, unlike Windows 7, which features robust ASLR, Snow Leopard's ASLR is half-baked. It does not properly randomize the heap, the stack and the dynamic linker, the part of Snow Leopard that links multiple shared libraries for an executable.  This means that it's much easier for hackers to attack Snow Leopard via memory injection than Windows 7.

Still Mr. Miller offered some praise for Apple.  They rewrote QuickTime X, their video player, largely from scratch fixing many holes and insecurities in the process -- including an exploit Mr. Miller had been saving.  He states, "Apple rewrote a bunch of QuickTime, which was really smart, since it's been the source of lots of bugs in the past.  They've shaken out hundreds of bugs in QuickTime over the years, but it was still really smart of them to rewrite it.  [Still] I'd reduce the number of file formats from 200 or so to 50, and reduce the attack surface. I don't think anyone would miss them."

He also praises Apple's relatively effective implementation of DEP (data execution prevention), another memory protection scheme that Windows 7 also has.  DEP is also present in Windows XP Service Pack 2 (SP2) and Windows Vista.  Still without ASLR, DEP is only so good he says.  He states, "Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7.  When Apple has both [in place], that's when I'll stop complaining about Apple's security."

So why aren't Macs being exploited left and right and why can Apple still air commercials claiming superior security?  Mr. Miller states, "It's harder to write exploits for Windows than the Mac, but all you see are Windows exploits. That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

By UrbanBard on 9/17/2009 1:50:56 PM , Rating: -1
Not so.

Snow Leopard can boot into the 64 bit Kernel; Leopard cannot. As a practical matter, Apple is using the next year to transition to 64 bit applications, so it doesn't boot automatically into the 64 bit kernel. This means that it can't use the expanded security that a 64 bit ASLR gives it. But it will, soon enough. Over the next year, almost every application will convert. In four to five months, most of us will be running the 64 bit kernel. It isn't hard to do that now, but we need to wait for some of the programmers to catch up with us.

Microsoft will be taking at least five years to transition to a 64 bit kernel. Wintel customers see no advantage in buying two operating systems from Microsoft and its 64 bit OS isn't very useful or well supported yet. Hey! Most Wintel users won't even be buying System Seven for a while. Sixty percent of businesses say that they will be staying with Windows XP for a year. So, no security upgrades for them.

Snow Leopard gives us 64 bit security now, but there is little reason to boot into it for the next year. The Mac OS is not under attack the way that Microsoft Windows is. You can say that this is because of Security by Obscurity. That is fine, so long as we aren't attacked the way that you Wintel users are. There is more to it than just this one argument.

Apple has been growing at 30% a year. It will only take six years of doing that to equal 50% of the market. I'm betting that even if Apple got that high a market share, the Wintel advocates would still be using the Security by Obscurity argument.

Apple's US market is about 10%. We Mac users have money to spend for more expensive computers, so we should be under attack because we are richer that you Wintel users. But, the hackers leave us alone to attack you.

Are the hackers stupid or what? Or is it a more difficult task to attack the Mac than Windows? I'd say the latter.




By dark matter on 9/17/2009 2:01:48 PM , Rating: 3
I have never heard as much guff as this line.

"Wintel customers see no advantage in buying two operating systems from Microsoft and its 64 bit OS isn't very useful or well supported yet"

You really do not have a clue judging by this comment. And I don't need to explain why because I imagine 99% of the DT readers know your statement to be false. (Including the ardent die hard Mac heads if they are honest - or actually know anything about PC's)


By walk2k on 9/17/2009 2:49:05 PM , Rating: 2
quote:
Apple has been growing at 30% a year. It will only take six years of doing that to equal 50% of the market.
You're high if you really believe that.

"Then in 10 more years Apple will have 200% of the market! That's right, every person on the planet will own -1 PCs!"


By Luticus on 9/17/2009 4:17:09 PM , Rating: 2
Oh my god you are so stupid it’s unbelievable. I’m actually having trouble figuring out how to best yell at you!

I guest first and foremost I’d like to make clear that Windows PC is not equal to poor person. Yes more poor people can use Windows PCs than Mac PCs because Windows PCs tend to be more affordable; however, just because a machine runs Windows doesn’t mean it’s cheap (mine was 2k+ counting keyboard and monitor) or even if it is cheap it doesn’t mean that the user is poor, just not stupid.

quote:
Microsoft will be taking at least five years to transition to a 64 bit kernel.

I’ve been using 64bit since Windows Vista came out. What do you mean it’s not useful or well supported? Please do some homework…

quote:
Apple is using the next year to transition to 64 bit applications, so it doesn't boot automatically into the 64 bit kernel.

On windows we have this nifty thing called sysWOW64 which allows us to run 32bit code on our 64bit OS. It’s a pity you guys have to wait.

quote:
Apple has been growing at 30% a year. It will only take six years of doing that to equal 50% of the market. I'm betting that even if Apple got that high a market share, the Wintel advocates would still be using the Security by Obscurity argument.

Yea, good luck with that. If Mac ever takes over I’m going to Linux permanently. Better security, more customizable (with Mac’s whole choose two colors interface… HAH), and it’s got more software!

quote:
Apple's US market is about 10%. We Mac users have money to spend for more expensive computers, so we should be under attack because we are richer that you Wintel users. But, the hackers leave us alone to attack you.

Are you trying to see how much of a condescending douche bag you can be in the shortest amount of time? If so you’re doing a pretty good job here man. You keep telling yourself that, whatever helps you sleep at night.

Most financial institutions and businesses alike run what? Say it with me now… don’t hold back… WINDOWS!

Ok… I’m done… I can’t even think clearly enough to argue with you anymore… you’ve given me a migraine in my EYE!


By walk2k on 9/17/2009 4:21:41 PM , Rating: 2
Sorry Neckbeard but OS-X has 4.86% of the marketshare according to
http://marketshare.hitslink.com/operating-system-m...

Yes it's up 33% from last year... not hard to do when you're only at 3.5%, that's a whopping 1.3%

If it gains 1.3% per year for the next 6 years (very unlikely) it will be up to a whopping... 5.25%

50% lol quit huffing glue.


By Alexstarfire on 9/17/2009 9:12:54 PM , Rating: 2
From the person who told him to stop huffing glue I'm surprised you can't do basic math. Increasing at a rate of 1.3% for 6 years would mean Apple would have a 12.66% market share.


By afkrotch on 9/21/2009 6:51:18 AM , Rating: 2
1.3 * 6 = 7.8
7.8 + 3.5 = 11.3

You calculated for 7 years, not 6.


"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki