The security features introduced in Apple ’ ’s Leopard operating system update need work .
That ’s according to security department expert who have been place the new version of Mac OS X through its paces , since the upgrade was introduced last Friday .
Leopard introduces a number of important security features to the Mac , but they are often implemented incompletely , leaving user vulnerable to attack , articulate Thomas Ptacek , a researcher at Matasano Security , who Monday wrote adetailed assessmentof Leopard ’s security .
“ They ’ve done a really ripe task of robbing Microsoft advocates of their talk points , ” he tell . But , “ I do n’t see anything that they ’ve done out of the box seat , where it ’s really any more resistant to assail than Tiger was , ” he added , referring to the previous update to Apple ’s operating system .
According to Ptacek , two of Apple ’s key surety sweetening — Sandboxing and Library Randomization — are big ideas that are amiss applied within Leopard .
Take Library Randomization . It ’s a new characteristic that ’s imagine to make it hard for some of the most ordinarily used computer attack like buffer overflows , where the attacker takes advantage of a package microbe to localise code somewhere in the computing machine ’s memory where he love it will be run . Microsoft developed a similar technology for Vista , call Address Space Load Randomization . Library Randomization have it much harder , if not impossible , for the assaulter to jazz where to place this code , cut the risk of attack .
The job is that Apple did not randomise all of the part of the operating system that it should have , according to Ptacek . In finicky , Apple ’s Dynamic Link Library has not been randomized .
Security researcher Dino Dai Zovi enunciate he ’s used this library in several of the Mac exploit he ’s write over the preceding few years . He has taken advantage of the fact that this library is not randomized , he agreed with Ptacek ’s assessment that this feature , as it ’s implemented in Leopard , would only make thing a little more hard for attackers .
Sandboxing is another feature that could at long last make Mac OS X more secure . Sandboxing restricts software running on Mac atomic number 76 so that even if it ’s hacked , it ca n’t do things that it should n’t , such as add new software system to the computer . The trouble is that Apple has n’t sandboxed many of the most commonly attacked practical program such as the web internet browser , ring mail guest , or instant messaging software , Ptacek said .
And the programs that have been sandboxed have not been walled off as thoroughly as they should be , he tot .
For example , the Quick Look data file viewer has been sandboxed , but only to restrict web accession . The software can still be misused to write malicious file where they will be automatically plunge , Dai Zovi said . “ Most of the matter that were sandboxed were mesh religious service , ” he said . “ Increasingly these days IM , tocopherol - mail and World Wide Web surfing are where most of the attempt are come from , not directly on your web . ”
main advisor Rich Mogull say that his biggest trouble was with the Leopard firewall , which he said digest from a puzzling port that made it very difficult to ascertain entree to item-by-item service on the Mac . “ It was very complicated and very grueling to get the right configurations , ” he say .
Worse , when he installed Leopard , he find out himself of a sudden without a firewall . “ It turned off my firewall when I upgraded , despite that being a default setting , ” he say .
Like Ptacek and Dai Zovi , Mogull said he had been expecting more from Apple with the Leopard release , but he agree that the new security features were a whole step in the right direction . “ I think that Apple has started down the right track but they are not as far as they communicated that they would be , ” he enunciate . “ The firewall is the big negative ; they really messed that up . ”
Apple wane to comment in detail on its young security lineament . Company spokesman Anuj Nayar said via e - postal service that “ Apple takes surety very seriously and has a great track record book of addressing potential vulnerabilities before they can dissemble user . ”
Ptacek say that it is great that Apple has begun adding these security feature even when the Mac has not been the target of a widespread louse or virus outbreak . “ I ’m impressed that when they did n’t have to do it , they went after depleted - level feature that no one will understand , ” he said . “ I wish the counseling they ’re head . I ’m just articulate that they ’ve got a long way to go to catch up with Microsoft . ”
