backtop


Print 85 comment(s) - last by tmouse.. on Oct 5 at 8:20 AM

Memory protections in Snow Leopard are still too weak, though it shows other improvements

Apple has been bragging about the security of its new operating system, OS X 10.6 "Snow Leopard".  Leaping from Leopard to Snow Leopard, Apple gives its users limited antivirus/anti-malware protection (the feature currently only detects two signatures out of a handful of known OS X malware signatures).

Still, security experts aren't so hot on Snow Leopard, criticizing the operating system's default firewall setting of "off", its lack of fully automatic updates, and weak anti-phishing efforts for Safari.  They also weren't impressed that Apple shipped with a vulnerable version of Flash, which downgrade users from the safer current version.

Now one prominent Mac hacker has pointed out a significant difference that makes Snow Leopard less secure than the upcoming Microsoft OS, Windows 7. 

Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker's Handbook, and winner of two consecutive "Pwn2own" hacker contests is about as experienced as OS X hackers come.  He recently criticized Snow Leopard, stating, "Apple didn't change anything.  It's the exact same ASLR as in Leopard, which means it's not very good."

ASLR is address space layout randomization, a security technology that randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions.  According to Mr. Miller, unlike Windows 7, which features robust ASLR, Snow Leopard's ASLR is half-baked. It does not properly randomize the heap, the stack and the dynamic linker, the part of Snow Leopard that links multiple shared libraries for an executable.  This means that it's much easier for hackers to attack Snow Leopard via memory injection than Windows 7.

Still Mr. Miller offered some praise for Apple.  They rewrote QuickTime X, their video player, largely from scratch fixing many holes and insecurities in the process -- including an exploit Mr. Miller had been saving.  He states, "Apple rewrote a bunch of QuickTime, which was really smart, since it's been the source of lots of bugs in the past.  They've shaken out hundreds of bugs in QuickTime over the years, but it was still really smart of them to rewrite it.  [Still] I'd reduce the number of file formats from 200 or so to 50, and reduce the attack surface. I don't think anyone would miss them."

He also praises Apple's relatively effective implementation of DEP (data execution prevention), another memory protection scheme that Windows 7 also has.  DEP is also present in Windows XP Service Pack 2 (SP2) and Windows Vista.  Still without ASLR, DEP is only so good he says.  He states, "Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7.  When Apple has both [in place], that's when I'll stop complaining about Apple's security."

So why aren't Macs being exploited left and right and why can Apple still air commercials claiming superior security?  Mr. Miller states, "It's harder to write exploits for Windows than the Mac, but all you see are Windows exploits. That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Quoted for truth
By DCstewieG on 9/17/2009 3:51:16 PM , Rating: -1
The two-finger + click is great because you barely move your hand. With a second physical button, you need to tuck your thumb over there. It's small and probably sounds stupid but when you're used to it it's great. (Actually it's a lot of little things like that why Apple users love their Macs and Windows users don't understand).

As for the virus thing, I should have clarified. I was thinking more about self-propogating worms and drive by installations which are by far the worst problems with Windows. The biggest real world malware on the Mac that I can think of has been the trojan in the warez copy of iWork, and there can never be perfect protection against those.


RE: Quoted for truth
By afkrotch on 9/18/2009 5:36:28 AM , Rating: 1
quote:
With a second physical button, you need to tuck your thumb over there.


Seriously? Did you just argue that point? Putting a 2nd finger on the touchpad is as much work as moving your thumb over to push a 2nd button.

quote:
The biggest real world malware on the Mac that I can think of has been the trojan in the warez copy of iWork, and there can never be perfect protection against those.


There's always a perfect protection, just not logical. Can't catch malware if your sledgehammer your computer.


RE: Quoted for truth
By PrinceGaz on 9/18/2009 12:53:34 PM , Rating: 2
Since when have people being using their thumb to press either of the two main mouse buttons?


RE: Quoted for truth
By afkrotch on 9/21/2009 5:15:22 AM , Rating: 2
We're talking about the touchpad on a laptop, where you can use a single button to hit either left or right click.

I don't use my thumb though. I just move my index finger down, after I finish mousing. My touchpad has scroll sliders along the botton and sides, so I don't need to hold down my left/right click.


RE: Quoted for truth
By adiposity on 9/21/2009 5:02:58 PM , Rating: 2
quote:
Seriously? Did you just argue that point? Putting a 2nd finger on the touchpad is as much work as moving your thumb over to push a 2nd button.


Right click dragging sucks with the Macbook method, IMO. You shouldn't ever have to put two fingers on the pad in order to do a button click, because then you may move the mouse when you don't intend to. Just not a great solution, even if it is workable.

Obviously, this is not a huge issue for Mac users because the interface is very useable even without the context menus / right-click interface. Running windows on a Macbook, though, is annoying unless you plug in a real mouse.

Obviously, the real reason for not having a second mouse button is simplicity. Macs just look streamlined and straightforward. I know Mac users who actually prefer NOT to have a second button. When I point out all the wasted fingers on that hand, they just shrug, and point out that it's never been an issue for them.

Apple was in a unique position to force people into having both mouse buttons, but they deliberately didn't do it, most likely because the single button is part of their image. Users are used to it and the interface doesn't really require two buttons.

It's pretty difficult to argue that lack of a second button is really an improvement, but you could make the case that the second button doesn't do much for Mac users.

-Dan


"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki