
Memory protections in Snow Leopard are still too weak, though it shows other improvements

Apple has been bragging about the security of its new operating system, OS X 10.6 "Snow Leopard".  Leaping from Leopard to Snow Leopard, Apple gives its users limited antivirus/anti-malware protection (the feature currently only detects two signatures out of a handful of known OS X malware signatures).

Still, security experts aren't so hot on Snow Leopard, criticizing the operating system's default firewall setting of "off", its lack of fully automatic updates, and weak anti-phishing efforts for Safari.  They also weren't impressed that Apple shipped with a vulnerable version of Flash, which downgrades users from the safer current version.

Now one prominent Mac hacker has pointed out a significant difference that makes Snow Leopard less secure than the upcoming Microsoft OS, Windows 7. 

Charlie Miller, of Baltimore-based Independent Security Evaluators, co-author of The Mac Hacker's Handbook, and winner of two consecutive "Pwn2own" hacker contests, is about as experienced as OS X hackers come.  He recently criticized Snow Leopard, stating, "Apple didn't change anything.  It's the exact same ASLR as in Leopard, which means it's not very good."

ASLR is address space layout randomization, a security technology that places code and data at random memory locations so that attackers cannot easily predict where critical operating system functions reside.  According to Mr. Miller, unlike Windows 7, which features robust ASLR, Snow Leopard's ASLR is half-baked: it does not properly randomize the heap, the stack or the dynamic linker, the part of Snow Leopard that loads the shared libraries an executable depends on.  Because those addresses stay predictable from one run to the next, it is much easier for attackers to exploit memory bugs on Snow Leopard than on Windows 7.
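One way to see for yourself what Mr. Miller is describing, as an added example that is not from the article or from Apple: spawn several fresh processes, parse each one's memory map, and report whether the stack, heap, libc and dynamic-linker bases actually move between runs. Linux with glibc and its /proc/<pid>/maps format is assumed; the two sample dumps below are constructed, not real captures.

```python
import re
import subprocess
import sys

# Linux /proc/<pid>/maps labels for the regions the article names (assumed:
# Linux with glibc; the libc/ld markers are path fragments, not exact names).
REGIONS = {"stack": "[stack]", "heap": "[heap]", "libc": "/libc.", "ld": "/ld-"}
_LINE = re.compile(r"^([0-9a-f]+)-[0-9a-f]+ \S+ \S+ \S+ \S+\s*(.*)$")

# Two constructed maps dumps (not real captures). Run B moves the stack and the
# dynamic linker but leaves heap and libc in place, the weak pattern described above.
SAMPLE_RUNS = [
    "01a00000-01a21000 rw-p 00000000 00:00 0 [heap]\n"
    "7f3a1c000000-7f3a1c1c8000 r-xp 00000000 08:01 5678 /usr/lib/libc.so.6\n"
    "7f3a1c400000-7f3a1c42a000 r-xp 00000000 08:01 9012 /usr/lib/ld-linux-x86-64.so.2\n"
    "7ffd2b100000-7ffd2b121000 rw-p 00000000 00:00 0 [stack]\n",
    "01a00000-01a21000 rw-p 00000000 00:00 0 [heap]\n"
    "7f3a1c000000-7f3a1c1c8000 r-xp 00000000 08:01 5678 /usr/lib/libc.so.6\n"
    "7f9b40000000-7f9b4002a000 r-xp 00000000 08:01 9012 /usr/lib/ld-linux-x86-64.so.2\n"
    "7ffc9e000000-7ffc9e021000 rw-p 00000000 00:00 0 [stack]\n",
]

def region_bases(maps_text):
    """Lowest mapping start per region in one maps dump: {region: int}."""
    bases = {}
    for line in maps_text.splitlines():
        m = _LINE.match(line)
        if not m: continue
        start, path = int(m.group(1), 16), m.group(2)
        for name, marker in REGIONS.items():
            if marker in path and start < bases.get(name, 1 << 64):
                bases[name] = start
    return bases

def randomization_report(dumps):
    """Per region: distinct bases seen across runs and how many address bits ever changed."""
    per_run = [region_bases(t) for t in dumps]
    report = {}
    for name in REGIONS:
        seen = [b[name] for b in per_run if name in b]
        changed = 0  # OR of XORs against the first run: an upper bound on loader entropy
        for base in seen:
            changed |= base ^ seen[0]
        if seen: report[name] = {"distinct": len(set(seen)), "varying_bits": bin(changed).count("1")}
    return report

def sample_live(runs=8):
    """Spawn fresh interpreters: exec re-randomizes the layout, a plain fork would not."""
    cmd = [sys.executable, "-c", "print(open('/proc/self/maps').read())"]
    return [subprocess.run(cmd, capture_output=True, text=True, check=True).stdout for _ in range(runs)]
```

On a live system call `randomization_report(sample_live())`; a region whose `distinct` count stays at 1 across runs is not being randomized at all.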

Still, Mr. Miller offered some praise for Apple.  They rewrote QuickTime X, their video player, largely from scratch, fixing many security holes in the process -- including an exploit Mr. Miller had been saving.  He states, "Apple rewrote a bunch of QuickTime, which was really smart, since it's been the source of lots of bugs in the past.  They've shaken out hundreds of bugs in QuickTime over the years, but it was still really smart of them to rewrite it.  [Still] I'd reduce the number of file formats from 200 or so to 50, and reduce the attack surface. I don't think anyone would miss them."

He also praises Apple's relatively effective implementation of DEP (data execution prevention), another memory protection scheme that Windows 7 also has.  DEP is also present in Windows XP Service Pack 2 (SP2) and Windows Vista.  Still, without ASLR, DEP is only so effective, he says.  He states, "Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7.  When Apple has both [in place], that's when I'll stop complaining about Apple's security."

So why aren't Macs being exploited left and right and why can Apple still air commercials claiming superior security?  Mr. Miller states, "It's harder to write exploits for Windows than the Mac, but all you see are Windows exploits. That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."


RE: As a Windows user,
By gstrickler on 9/18/2009 6:58:36 PM , Rating: 2
A house has a higher chance of a burglary, than a bank, due to less security. There are more home invasion/burglaries in the world, than there are bank robberies.
No, and yes. There are more home burglaries per year, but there are also many times as many homes. The chance of a home being robbed/burgled is significantly lower than the chance of a bank being robbed.

In the US, the number of home burglaries is 7.099 per 1000 people.

In the US, there are an average of 2.59 people per household.

That means
7.099 * 2.59 / 1000 = 18.36 robberies per household per year.

The number of bank robberies in the US was over 10,000 in 2000 and is currently 6000-7000 per year.

I haven't been able to find a reliable count of the number of bank branches. I found the "number of banks" to be around 9500 here:
But I'm pretty sure that's not counting each branch. Given that Bank branches seem to be about as common as pharmacies, and I know that there are about 70,000 retail pharmacies in the US, I'm going to say the number of bank branches is between 50k-100k.

Using the higher numbers, that gives:
7000/100k = 70 bank robberies per 1000 bank branches per year. 4x the rate of home burglaries, even higher if I've overestimated the number of bank branches.

All things considered, I'll take my chances at home over a bank, even though the bank has more security than I can afford.

Now, I'm gonna go hide and wait for the US Secret Service to knock on my door after having repeatedly googled for variations of "bank robberies" "bank branches" and "home burglaries" to find these stats.

RE: As a Windows user,
By afkrotch on 9/21/2009 6:21:59 AM , Rating: 2
As for banks, too many to go over. National banks, state banks, non-FDIC, FDIC insured state non-member banks, Federal Credit Unions, State Credit Unions, and a lot more to go.

I also don't understand your bank calculation.

Shouldn't that be

100,000 banks / 7000 robberies = 14 bank robberies per bank per year.

Course I think there's more than 100,000 banks.

RE: As a Windows user,
By gstrickler on 9/21/2009 3:14:40 PM , Rating: 2
100,000 banks / 7000 robberies = 14 bank robberies per bank per year.
No, you have it upside down.

Course I think there's more than 100,000 banks.
I would be surprised if there are. If you can find a number, post the link.
