Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple Adds Memory Randomization To Leopard

kdawson posted about 7 years ago | from the shuffling-the-wormholes dept.

Security 311

.mack notes a ZDNet blog outlining some of the security features added to OSX Leopard (10.5). Here's Apple's brief description of all 11 new security features. "Apple has announced plans to add code-scrambling diversity to Mac OS X Leopard, a move aimed at making the operating system more resilient to virus and worm attacks. The security technology, known as ASLR (address space layout randomization), randomly arranges the positions of key data areas to prevent malware authors from predicting target addresses. Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls."

Sorry! There are no comments related to the filter you selected.

Woo! (4, Funny)

gazbo (517111) | about 7 years ago | (#21023283)

Apple is finally catching up with BSD, Linux and Vista!

Re:Woo! (-1, Troll)

Anonymous Coward | about 7 years ago | (#21023327)

Were you born yesterday? Seems you know absolutely nothing about OS X.

Re:Woo! (3, Interesting)

Corwn of Amber (802933) | about 7 years ago | (#21023445)

I, for one, am going to buy Leopard, the day it's out.
Then I'll put it on in a drawer.
Then I'll download the ISO of the version I'll install on my PC.

And I'll be a happy Apple customer :)

(I'm NOT going to buy a Mac unless I win the lottery or something. But I can spend $139 on the company that's produced the best OS for my use.)

Re:Woo! (0, Troll)

bhima (46039) | about 7 years ago | (#21023635)

I was planning on doing something a little different.
I already have a quad G5 PowerMac. And I'm downloading Leopard when it hits the various torrent sites I frequent. After using it for a bit if it is not a complete cluster fuck and it does not try to control the way I use my computer (as the iPhone, iPod touch, and Apple TV do) then I'll upgrade. If it does, they can go fuck themselves and I'm moving to a BSD of some flavor.

Re:Woo! (1, Funny)

stewbacca (1033764) | about 7 years ago | (#21023999)

Yeah, don't buy a Mac. I hear they are slow, overpriced, and don't have any software.

Re:Woo! (0, Troll)

skingers6894 (816110) | about 7 years ago | (#21023439)

Yes in every way except number of actual viruses....

Re:Woo! (0, Funny)

Anonymous Coward | about 7 years ago | (#21023483)

I'm hating all those BSD and Linux viruses...

Keep drinkin' the cool-aid :)

Re:Woo! (0, Troll)

Stooshie (993666) | about 7 years ago | (#21023493)

Actually, weren't all these features available in XP?

Re:Woo! (2, Insightful)

rootofevil (188401) | about 7 years ago | (#21023675)

memory randomization and filesystem snapshotting? are you serious?

Re:Woo! (5, Informative)

bunratty (545641) | about 7 years ago | (#21023797)

As far as I can tell, even the Linux kernel doesn't have memory randomization. You need a patch like PaX [wikipedia.org] to get that feature.

Re:Woo! (1, Insightful)

Anonymous Coward | about 7 years ago | (#21024077)

Or you can use bog standard OpenBSD.

Re:Woo! (1)

verbatim_verbose (411803) | about 7 years ago | (#21024279)

Or just use stock Fedora.

Re:Woo! (2)

suv4x4 (956391) | about 7 years ago | (#21024007)

Actually, weren't all these features available in XP?

ASLR is not present in XP. Sandboxing.. that is vaguely defined in the article/summary.

All OS-es in the world make use of *some* sandboxing on the hardware level, ring-0, ring-1 etc.
Also all OS-es have privilege implementation (file system privileges, etc.), including pre-Leopard OSX.

But I think Leopard implements something more granular. Windows 7 is also said to run all Win32 code in more pronounced and more granular sandbox than before (which means it's not in XP). Managed code (.NET) won't need this sandbox as it's natively supported in the runtime already.

Microsoft definitely has something going on with .NET code though. The kind of security you can get there can't be compared with anything you can do on the software or even hardware level, with pure unmanaged code.

Re:Woo! (4, Informative)

bzzzt (313005) | about 7 years ago | (#21024169)

Microsoft definitely has something going on with .NET code though. The kind of security you can get there can't be compared with anything you can do on the software or even hardware level, with pure unmanaged code.

Nice to hear those Microsoft people are about to catch up with the Java sandbox model from 1997 ;)

Re:Woo! (0, Troll)

suv4x4 (956391) | about 7 years ago | (#21024307)

Nice to hear those Microsoft people are about to catch up with the Java sandbox model from 1997 ;)

It's apparent you have no clue of the advantages of .NET over Java in this area.

Re:Woo! (1, Flamebait)

nschubach (922175) | about 7 years ago | (#21024381)

I'm sorry, I haven't read the latest marketi... sorry, tech doc on .NET and how wonderful it is.

Re:Woo! (5, Funny)

jsiren (886858) | about 7 years ago | (#21024247)

Even I have a random memory!

Re:Woo! (0, Flamebait)

jellomizer (103300) | about 7 years ago | (#21023551)

Being that BSD and Linux are updated regually. And we havent had an OS X Sience after Vista. They all kinda came out at the same time. Each Next major (or Sub Major) relase has the feature. OS X is the last one to give an Update to their OS. Now BSD, Linux and Microsoft will scramble to create features that compete with apples new features. It is an endless cycle. Isn't competition grand.

Re:Woo! (1)

camperdave (969942) | about 7 years ago | (#21023633)

Isn't competition grand.

Now, if we could only get the competition to happen on commodity hardware... Can you just imagine it? An OS that combines the popularity of Windows, the consistent feel of a Mac, the security of a BSD, with the openness and price point of linux - Sweet.

Re:Woo! (1)

jellomizer (103300) | about 7 years ago | (#21023691)

Isn't that the Mac?
Macs popularity has risen the latest article has Macs at 8.5% market share. OS X is based of BSD and the new version is officially considered Unix. Much of the core is from open source products. Macs are probably the closest thing you will get to your utopian OS

Re:Woo! (1)

mdwh2 (535323) | about 7 years ago | (#21023891)

Isn't that the Mac?
Macs popularity has risen the latest article has Macs at 8.5% market share. OS X is based of BSD and the new version is officially considered Unix. Much of the core is from open source products. Macs are probably the closest thing you will get to your utopian OS


So it's the Mac, except for the popularity of Windows, and the openness and price point of Linux.

You might as well say it's Windows, because it has all the features he wants, except for the ones it doesn't...

Re:Woo! (3, Funny)

Anonymous Coward | about 7 years ago | (#21023701)

... or, an OS with popularity of BSD, the consistent feel of Linux, the security of a Windows, with the openness and price point of OSX.

After an old joke about the EU, sorry.

Don't worry (0, Flamebait)

Anonymous Coward | about 7 years ago | (#21023565)

Don't worry... Somehow people will soon think that ihey invented the thing and everybody else is copying int... I post anonymously of course. fear the macbois.

Re:Woo! (1)

0xC2 (896799) | about 7 years ago | (#21023747)

So either Apple is speeding up, or the others are slowing down. Which is it?

'cept (0, Funny)

Anonymous Coward | about 7 years ago | (#21023937)

Apple is finally catching up with BSD, Linux and Vista!
'cept in VIsta the randomization is not on purpose. ;)

Re:'cept (1)

nschubach (922175) | about 7 years ago | (#21024415)

No no, your thinking about Excel.

Re:Woo! (4, Insightful)

suv4x4 (956391) | about 7 years ago | (#21023957)

Apple is finally catching up with BSD, Linux and Vista!

Hehe, you were modded +5 Funny, but if it was the other way around:

"Vista is finally catching up with BSD, Linux and OSX!"

You would be modded +5 Insightful... Where are the scores of Microsoft fanboys bashing Apple, damn it!

Re:Woo! (-1, Flamebait)

Anonymous Coward | about 7 years ago | (#21024437)

Haven't spent much time in the BSD or Linux kernels huh?? You keep drinking the Linux FUD Shakes ... they're free.

Re:Woo! (2, Funny)

pohl (872) | about 7 years ago | (#21024477)

Where are the scores of Microsoft fanboys bashing Apple, damn it!

90% of them don't have any real passions or sense of quality and are just playing follow-the-market-leader.

The other 10% are too busy chewing Ayn Rand's carpet

.

obligitary troll (4, Funny)

pat mcguire (1134935) | about 7 years ago | (#21023297)

If only this broke bootcamp compatibility - then they'd really prevent viruses.

A little late perhaps? (0)

monkeyboythom (796957) | about 7 years ago | (#21023303)

[blockquote]Apple has announced plans to add code-scrambling diversity to Mac OS X Leopard,[/blockquote] Diversity Month was in April. Oh well...

Leopard? (-1, Flamebait)

Anonymous Coward | about 7 years ago | (#21023305)

Why would Apple chooses such a gay name for its operating system?

Re:Leopard? (5, Funny)

Just Some Guy (3352) | about 7 years ago | (#21023331)

Why would Apple chooses such a gay name for its operating system?

To give you closeted folk an excuse to talk about your feelings in public.

Simple. (4, Funny)

Lethyos (408045) | about 7 years ago | (#21023359)

Because the Macintosh is the Gay Computer [shelleytherepublican.com] .

Re:Simple. (2, Funny)

stewbacca (1033764) | about 7 years ago | (#21024027)

I can't tell if that is a serious blog or if it is a Steven Colbert quality parody. Surely people THAT stupid aren't intelligent enough to post a blog....are they?

Re:Simple. (1)

bibi-pov (819943) | about 7 years ago | (#21024209)

I'll let you be the judge of that based on this quote:

The Apple OSX platform is missing a large number of common and esential productivity tools commonly used on the Windows platform. For example the endearing BonziBuddy can only be found on Windows, and therefore will only run on a Mac that has been upgraded to Boot-Camp and Windows. I suspect that this is exactly what most Mac-owners will feel forced to do.
You still can't tell? The geek membership revocation desk is just right of the exit, please drop your badge in the basket before leaving ;)

Re:Simple. (0)

Anonymous Coward | about 7 years ago | (#21024091)

Kevin Rose does have some serious macbook love.

Re:Simple. (1)

ch0ad (1127549) | about 7 years ago | (#21024261)

the amount of people replying in the comments who take it seriously is staggering!

"The latest apple eMac named after the hacker tool built by open-source communist RMS."

Where do you get this?? First the iMac was created, the "i" standing for internet, meant to target consumers rather than professionals. The eMac was made and meant for schools, the "e" standing for education. I worked for Apple, I know their products.

You know that Bonzi Buddy is SPYWARE, correct? I worked for Microsoft removing spyware and viruses, this one was a major pain. OSX isn't affected by spyware. Viruses rarely. Do you actually like having to run virus scans and spyware scans every time you boot up? I sure don't.

Stolen Unix code-base....stolen?

The iBook is no longer being made, and was replaced by the Macbook. It's a lot faster than the iBook.

The first Apple Computer you have pictured was built a long, long time ago. I don't think you can really use something so out of date to validate your argument.

"The Microsoft Windows operating system makes installing, uninstalling, defragmenting, and removal of viruses and spyware trivially easy."

Did you ever try to get rid of an about:blank hijack that specifically targets Internet Explorer? It doesn't go the first time, and comes back after a couple of reboots. And a lot of spyware is very stubborn when you try to remove it from the Add/Remove Programs function in the Control Panel. Sometimes removing spyware will kill your internet connection by corrupting your WinSock. You can download a program that will fix it, but...your internet connection is killed. Unless you have another computer at hand, you have to figure out another way to get it. Or, go into the registry, dump the keys, and hope that reinstalling nettcpip.inf works.

Yes, that's easy, if you like everything complicated.

roffle. well, i didnt read much past there so i dont actually know how many people were taking it seriously... but 1 is too many!

Cool, but even better... (5, Interesting)

Just Some Guy (3352) | about 7 years ago | (#21023311)

From the changelog [apple.com] :

CalDAV Group Scheduling
Schedule a meeting with colleagues, check availability, and book conference rooms when using iCal with a compatible CalDAV server like iCal Server.

Reserve Rooms and Equipment
Reserve meeting rooms and equipment as you create your meeting invitations. If your calendar is administered through a CalDAV server, iCal automatically displays availabilities when you add a room or resource to your meeting.

It sounds like a high-level player finally decided to take on Exchange. My biggest questions: are there Windows programs that support these features via CalDAV, and is there a CalDAV server in FreeBSD's ports?

Re:Cool, but even better... (2, Informative)

gEvil (beta) (945888) | about 7 years ago | (#21023407)

My biggest questions: are there Windows programs that support these features via CalDAV, and is there a CalDAV server in FreeBSD's ports?

It looks like there are a handful of Windows apps [osafoundation.org] that support CalDAV at this time. Since it's an open standard, it shouldn't be long before more calendar apps support it. As for the server, this [wikipedia.org] is what I could find with a 10 second search. Looks promising, too.

Re:Cool, but even better... (5, Informative)

link915 (900930) | about 7 years ago | (#21023547)

Currently no viable solution exists on a Windows box. There are things like Sunbird and Yagoon but they don't work well with Outlook (i.e. no real integration). Currently there is a project called Open Connector that exists to bring caldav support to Outlook. It is quickly reaching beta but the main developer needs help. I am pitching in and hope that others will as well. Check it out at http://www.openconnector.org./ [www.openconnector.org]

Also, the calendar server that is used in Leopard is nothing more than the open-source Darwin calendar server at http://trac.calendarserver.org/projects/calendarserver [calendarserver.org]

So, although nothing exists in ports that I can find you can run the Darwin calendar server on FreeBSD.

Re:Cool, but even better... (1)

Just Some Guy (3352) | about 7 years ago | (#21023617)

There are things like Sunbird and Yagoon but they don't work well with Outlook (i.e. no real integration).

Actually, (it was explained to me that) we get our Outlook licenses for free because we have an Exchange server. If we migrated off Exchange, we'd likely be migrating off Outlook, too, if there was something solid that could take its place. We're a smallish company that doesn't have more than one conference room to reserve and most of our scheduling issues are currently resolved over IM (on our Jabber server - bless you ejabberd!). Maybe KDE4's Kontact will fill the bill.

Re:Cool, but even better... (1)

OldeTimeGeek (725417) | about 7 years ago | (#21023941)

Outlook licenses are part of Office, not Exchange, which includes a couple of licenses for administration. Exchange Server Client Access Licenses (CALs) and Outlook licenses have to be purchased for each and every user.

You can buy Outlook licenses separately from Office, but Microsoft has set the pricing structure so there's no real advantage to it.

Re:Cool, but even better... (1)

Mattsson (105422) | about 7 years ago | (#21023979)

The MS Outlook license comes with MS Office too. That is, unless you're using the "Home/student" version of MS Office, in which Microsoft has removed it. (BTW, did you know that there are eight (8!) versions of MS Office?)
MS Exchange also comes bundled with MS Outlook as a stand-alone application, but if you own MS Office licenses you'd still be able to use MS Office even if you migrated off MS Exchange.

Re:Cool, but even better... (1)

nine-times (778537) | about 7 years ago | (#21023561)

I don't know details, but Apple is claiming Outlook support for their new calendaring. I'm guessing they've figured out how to mimic Exchange's MAPI, but I guess it might be some sort of Outlook plugin...?

Like I said, I don't know.

That's great but... (0)

Anonymous Coward | about 7 years ago | (#21023601)

does anyone remember Kasey Kelp the Snork? Man, that was one hot piece of ass.

Re:That's great but... (1)

Nimey (114278) | about 7 years ago | (#21023685)

Hail Eris, friend. I needed some bizarre humor this morning. :)

Re:That's great but... (1)

Just Some Guy (3352) | about 7 years ago | (#21024055)

Point taken, but it hasn't been on-topic for any story that's been posted since I noticed it, so this seemed like the best chance to bring it up. Ya do what ya can.

Re:Cool, but even better... (2, Informative)

PeeweeJD (623974) | about 7 years ago | (#21023785)

It sounds like a high-level player finally decided to take on Exchange.

According to this article [appleinsider.com] , apple corporate has switched from a third party calendaring program to iCal so those feature additions make perfect sense.

from page 3:

Even home users that have no need for group calendaring will benefit from the new server-side improvements to iCal. That's because Apple didn't just build its iCal Server to fill out a feature check list. It has also begun using it company wide as its own corporate scheduling software in place of Meeting Maker. That means Apple employees are also now using the iCal client, and the result is that iCal itself has progressed rapidly.

Re:Cool, but even better... (1)

jcr (53032) | about 7 years ago | (#21024011)

It sounds like a high-level player finally decided to take on Exchange.

Yep.

Exchange was a major obstacle to Mac adoption in a lot of offices. Apple decided it was time to deal with that.

-jcr

Even Windows does this (4, Informative)

OriginalArlen (726444) | about 7 years ago | (#21023319)

Re:Even Windows does this (4, Insightful)

BadAnalogyGuy (945258) | about 7 years ago | (#21023375)

It works like this: Everyone cheers on the guy that they like and boo the guy they don't like, but in the end they are having beers with the winner who is pretty much never the guy that they like.

Just look at the U.S. election this year. Everyone and their brother loves Colbert because he is cool and hip and represents a stick in the eye to every other goddamned POLITICIAN out there who can't help but pander to big money and special interest groups. But come election day, it ain't OSX you're putting on your servers.

Know what I mean?

Re:Even Windows does this (5, Funny)

Anonymous Coward | about 7 years ago | (#21023437)

You have an apt nickname.

Re:Even Windows does this (1)

hoggoth (414195) | about 7 years ago | (#21023821)

Almost got me... I was preparing a rant when I noticed your name...

insightful... bah...

Re:Even Windows does this (1)

0racle (667029) | about 7 years ago | (#21023383)

Yes, 2.6.20 was years and years ago.

Re:Even Windows does this (5, Informative)

Just Some Guy (3352) | about 7 years ago | (#21023397)

From your Wikipedia link:

ASLR is enabled by default in Linux since 2.6.20

Since that release was made on 2007-02-05, you could more accurately say that "Linux, of course, has been doing it for months". OpenBSD didn't even really get a strong version of it until 3.8 [openbsd.org] , and that wasn't quite 2 years ago. It sounds like Windows had problems [zdnet.com] with it as recently as February 2007, but maybe that's fixed now.

This is still fairly cutting-edge stuff. It's not like they just now implemented memory protection for the first time.

Re:Even Windows does this (1, Informative)

Anonymous Coward | about 7 years ago | (#21023433)

This is as much in reply to 0racle as you, but from the very same ASLR article you should find a reference to PaX. (http://en.wikipedia.org/wiki/PaX)

July 2001 was the first release with ASLR.

Re:Even Windows does this (2, Insightful)

Just Some Guy (3352) | about 7 years ago | (#21023629)

July 2001 was the first release with ASLR.

I'll give you that, but PaX was never accepted into the mainline kernel. That's what I was using as my criterion for "supported by Linux".

Re:Even Windows does this (3, Informative)

martin-sandsmark (1148615) | about 7 years ago | (#21023725)

It has been the default in certain distros (e. g. Gentoo Hardened) long before it was set as default in vanilla Linux. So, Linux has been doing it for years, although Linus hasn't.

On ubuntu it was enabled 2 years ago (1)

js_sebastian (946118) | about 7 years ago | (#21024351)

From your Wikipedia link:

ASLR is enabled by default in Linux since 2.6.20
Since that release was made on 2007-02-05, you could more accurately say that "Linux, of course, has been doing it for months".
Actually i remember it was enabled by default in ubuntu breezy (because i had to figure out how to turn it off to get consistent results while debugging).. that was 5.10 so it was released october 2005=2 years ago to the day.

Re:Even Windows does this (-1, Flamebait)

Anonymous Coward | about 7 years ago | (#21023473)

Too bad it can't do anything else fucking right.

I'd like to buy a copy of Vista Ultimate just so I could take a shit in the box and send it back to Redmond.

Re:Even Windows does this (1)

ORBAT (1050226) | about 7 years ago | (#21024099)

Your statement is true for very small values of "for years." ASLR has been on by default since 2.6.20 which was released in February of... 2007. So yes, the feature has been implemented for a while, but the question is, how many people actually used it before 2.6.20 came out?

Pre-Binding? (1)

Anonymous Coward | about 7 years ago | (#21023345)

Okay, so from a practical standpoint, what does this mean for pre-binding? I understand that we don't need to pre-bind ourselves on Tiger, but what about the system libraries?

Re:Pre-Binding? (3, Informative)

dreamchaser (49529) | about 7 years ago | (#21023581)

The OS knows where it's bits and pieces are and anyone using published API's will be fine; it's rather transparent to the programmer. Where you'll run afoul is if you are trying to directly access a 'known' code entry point illicitly, without going through the proper channels via the OS. This is why it is a step that can help prevent some types of attacks.

It's still a bandaid though, just as it is in every other OS that's implemented it (pretty much everything OTHER than OS X has a form of this already).

ASLR == Windows Feature Since 3.1 (1, Interesting)

Anonymous Coward | about 7 years ago | (#21023371)

ASLR or 'Address Space Layout Randomization' has seemingly been a 'feature' since Windows 3.1. You never know just *where* or *when* a blue-screen-of-death(tm) will occur. Microsoft should sue Apple for copying this 'valuable' feature :)

Ok, jokes aside, wouldn't this make debugging programs hell? If something crashes (oh wait, nothing on apple ever crashes)...crash dumps would be almost meaningless.

Or, another way of looking at this, target addresses can still be found, since the program must have some sort of debug hooks. (Unless debuggers have access to kernel protected areas)..

In other words, another kind of useless feature...Crash Different!

Re:ASLR == Windows Feature Since 3.1 (1)

musikit (716987) | about 7 years ago | (#21023441)

actually i write an application we are working on porting to mac and i have to say that mac apps do crash and ive even had a version of parallels kernel panic mac. their dump files are really nice as they usually lead me exactly to where my problem is. compared to windows dump files that sometimes just randomly say i crashed is stacks that are not possible in my app. (like objectX calling methodY from ObjectZ when no method in objectX calls methodY)

crash logs (was Re:ASLR == Windows Feature...) (4, Interesting)

WillAdams (45638) | about 7 years ago | (#21023731)

When I first started using Quark XPress 6.5 in Mac OS X here at my new job, it took a while to work out the kinks for a rather complex project (doing layout for a journal w/ a 24 hr. turn-around), to the point that I actually put up a ``crash log'' outside of my cubicle, so that people could gauge my mood before entering. It's been a year now, and while I've gotten the project in question worked out (had to train myself _never_ to undo re-sizing a text box &c.), the totals might be interesting to people:

2006:
Quark XPress: 207 crashes (as many as 9 per day)
Adobe Illustrator: 25
InDesign: 35
PhotoShop: 15
Acrobat: 65
Microsoft Word: 23
Macromedia FreeHand: 9
Mac OS X: 14 (this includes Mac OS X apps like Mail.app and Safari.app)

The totals for this year are a bit more reasonable --- Quark XPress v6.5: 26, v7: 46 (I had to move the afore-mentioned journal over to Quark 7 after a re-design and that involved a new set of things to work-around) --- but I find Mac OS X overall reliable and workable as an environment (thought not as nice, consistent and synergistic as NeXTstep).

William

Re:ASLR == Windows Feature Since 3.1 (3, Interesting)

Tony Hoyle (11698) | about 7 years ago | (#21023827)

When mac software crashes it usually just vanishes, with no user feedback at all. When the OS crashes it blackscreens (like, say, plugging in a firewire drive into Tiger, which they *still* haven't fixed) but I wouldn't say the information it gives is useful at all.. about as useful as a bluescreen.

Then there's the spinning beachball of death crashes which are a sore point with me.. they happen every time it decides it can't access a network resource* and the only way out is to pull the power cord (since if finder is dead you can't even power off or run the kill application). Got rather sick of doing that last night...

* Which happens rather a lot if you decide to use NFS. NFS under Tiger is broken on intel macs but works OK on ppc macs.. same OS version (allegedly), same NFS share, even the same damned cables.. different result every time.

Re:ASLR == Windows Feature Since 3.1 (3, Informative)

Anonymous Coward | about 7 years ago | (#21024273)

You be glad to read that Leopard makes connecting to network shares a threaded operation, so the spinning beachballs in finder related to this issue should be far fewer. In theory.

I've never had any problems plugging a Firewire driving into a Mac. Sure that something's not dodgy at your end?

Re:ASLR == Windows Feature Since 3.1 (4, Informative)

sith (15384) | about 7 years ago | (#21024349)

Seems like you might have some issues - I plug firewire drives into Tiger systems multiple times per day and have never had a crash. And even if it did, you'd get the multi-lingual "please restart" screen - I haven't seen OSX do a black screen panic since 10.1 ...

Also, if applications are "just vanishing" on launch, you may have disabled the little popup that tells you the 'application quit, wrote a crash log, and would you like to reopen it?' ...

Re:ASLR == Windows Feature Since 3.1 (1)

setagllib (753300) | about 7 years ago | (#21023679)

You don't really get it. You should note that this feature has been available in Linux and some BSDs for many years, and they've solved every problem to the point they run it by default, even for development.

These are just bandaids (3, Insightful)

Cthefuture (665326) | about 7 years ago | (#21023409)

All measures like this are just bandaids and may in fact open up more holes because it adds complexity to an already complex beast.

There is just no way to do this in software. The future is going to be implementing these types of features in well proven hardware. Things like the no-execute bit, virtualization extensions and such are steps in the right direction but eventually I think we will see some really good security measures put into hardware.

Re:These are just bandaids (5, Informative)

_merlin (160982) | about 7 years ago | (#21023605)

Eventually? Look back at the past! IBM System/390 mainframes (and the zSeries derived from it) have all those features in hardware. Array overrun? Hardware exception. Integer overflow? Hardware exception. Touch memory you deallocated? Hardware exception. ALU produces a spurious result? System picks it up because it runs all the code on at least two cores, and the same fault is unlikely to occur in two cores simultaneously - operation is retried on two more cores to determine which of the two original cores was correct, and the failing core is taken out of service.

You know why we don't do all that in hardware in PCs? Because it requires a huge amount of silicon. Sure, it's great. You learn good programming practices, because you can't get away with slipping even a little. But it costs a lot, gets hot, and goes slow. PCs are meant to be a good enough and cheap enough solution - not necessarily the best solution.

One reason banks run on mainframes (2, Insightful)

slyborg (524607) | about 7 years ago | (#21024109)

Good post. Privilege enforcement in hardware is going to be much harder to crack than various obfuscation schemes in software, which in the end are sort of like a spread-spectrum technique to reduce the signal level of your software deficiencies by spreading them out over the address space.

You could do this on a PC TODAY (1)

tjstork (137384) | about 7 years ago | (#21024489)

It's not the hardware as much as it is the application....the flat memory model is the root of all security problems on Intelish hardware...

Even the 386 had some fairly largish number of selectors that could be assigned to an application, rather than just the one with a 2GB address space. So, you could have an application get some big amount of selectors, use them for guarded arrays and so forth, and it could be much more secure than now.

Re:These are just bandaids (1)

LWATCDR (28044) | about 7 years ago | (#21024503)

I am afraid you are right. If they put those features into an X86 the results would be.
A. It would break a lot of software. "Well detected a lot of already broken software."
and
B. Wouldn't sell.
As you said PCs are cheap and "good enough" for a lot of jobs.

Not quite in 100% agreement, but... (1)

argent (18001) | about 7 years ago | (#21023777)

These are bandaids because they're like "morning after" pills...

The first line of defense is being BADLY neglected.

Get rid of the dangerous APIs (such as the single set of bindings in LaunchServices) and browser features (who the hell thinks automatically opening 'safe' files after downloading is a good idea?) first.

Re:These are just bandaids (3, Insightful)

suv4x4 (956391) | about 7 years ago | (#21023907)

All measures like this are just bandaids and may in fact open up more holes because it adds complexity to an already complex beast.

99% of security is bandaid and "obscurity" under cover. Even cryptography with large prime numbers is just obscurity: they give you the number and if you could factor is quickly, you can break it. You just can't break it quickly yet.

Still though, it's the nature of the beast. It's in uphill battle with the hackers. Tech gets sophisticated, hackers get sophisticated, tech gets more sophisticated... It's evolution in a way.

There are very few security concepts which aren't "bandaids", for example privilege levels are such a security measure, and still, most apps that take advantage of this have a bunch of "bandaids" in them to avoid privilege escalation situations.

ASLR is a practical approach to easily calling known adresses after buffer overflow exploit. If all apps in existence made proper use of the no-execute bit and made sure not to overrun buffers in the first place, ASLR could've been useless.

OS designers though meet a world with imperfect apps, and their task is to improve security in this *existing* situation. They do good.

The proof is in the using (1)

edwardpickman (965122) | about 7 years ago | (#21024123)

I find it odd most of the comments like yours are complaints about Mac security. Isn't "insecure" kind of an oxymoron with Macs? If you want an overly complex OS check out a Vista machine. My PCs have constant security issues and my main machine is a trainwreck from all the damage done by malware and bots inspite of running constant checks. I've never done a single thing related to security with my Mac and I've yet to have a problem. The made thei system even more secure. Shouldn't they get a applauded not blasted? Just because people are fans of an OS doesn't make it secure. Amiga had one of the most devoted fan bases ever and was arguably one of the least secure. Windows seems to be moving in the direction of locking the OS to the point where software won't run. Mac has managed to make their machines secure without such draconian measures. Shouldn't this earn them geek points not have rocks thrown at them all the time?

grsecurity? (1)

vlad_petric (94134) | about 7 years ago | (#21023443)

Nifty patch that (among others) adds similar safeguards to the linux kernel. Too bad it's not in the mainstream kernel.

The Summary, as seen by Leopard users (2, Funny)

strength_of_10_men (967050) | about 7 years ago | (#21023549)

some to Another policies arranges (10.5). notes 11 the and brief Here's has in as by is key security to feature add access Leopard, more positions Mac (systrace), resilient of access X for code-scrambling blog prevent "Apple to new Leopard virus The aimed the to diversity ZDNet at move announced an (address application's enforcing OS worm calls." Apple's security OSX data added security limits technology, Sandboxing description new system Leopard the addresses. making predicting features to layout .mack plans randomly from system malware system to a of a features. ASLR outlining the space which of known operating coming authors areas attacks. randomization), target

Exploit Mitigation Techniques (0)

Anonymous Coward | about 7 years ago | (#21023657)

An interesting "read" (slide show) on issues related to the article -- http://www.openbsd.org/papers/ven05-deraadt/index.html [openbsd.org]

sandboxing (1)

tiocsti (160794) | about 7 years ago | (#21023681)

If sandboxing is systrace as the article mentions, does this mean they have solved the problems related to syscall wrappers first disclosed by watson's woot07 paper? Is the infrastructure tied directly into the system calls instead, or have they simply ignored the problem?

http://www.watson.org/~robert/2007woot/ [watson.org]

I hope they let you disable this junk. (0)

argent (18001) | about 7 years ago | (#21023713)

I hope that there's a way to turn this stuff off.

Systrace has itself had holes discovered in it, and been the source of privilege escalation vulnerabilities.

Address space randomization makes a lot of legitimate techniques harder.

BOTH add overhead.

And there's no indication that Apple has fixed the real security holes in OSX - the single set of LaunchServices bindings for both local and remote objects, and the appalling 'Open "safe" files after downloading' feature in Safari.

Instead, they're adding more Microsoft-like bandaids and unnecessary security dialogs.

Security is like sex - once you're penetrated you're ****ed. How about doing something about the obvious avenues for penetration first?

Re:I hope they let you disable this junk. (1)

Rosyna (80334) | about 7 years ago | (#21023779)

I hope that there's a way to turn this stuff off.
Huh? Mac OS X has always has prebinding. This made a lot of system libraries load at semi-random addresses (except for libSystem). In 10.5, they make it intentional and add libSystem into the mix.

There's currently a massive bug that accidently implements ASLR on PowerPCs in 10.4.x, but it's per process and completely screws with the shared memory benefits. Of course, 10.5 doesn't have this issue.

Why? (0, Troll)

aldheorte (162967) | about 7 years ago | (#21023741)

Changing the memory address layout is roughly akin to doing home security by locking different doors on different nights, but always leaving one unlocked. The would-be burglar just has to try all the doors to get in. Doing this kind of thing is trivial on a computer.

People really need to stop adding these kinds of things that increase complexity and do not address the real issue, which in this case is access to the memory space of another application without some sort of credential or approval. When the real problem is addressed, this overly complex and fundamentally useless random memory address layout 'feature' will be left in to cause bugs and complexity forever.

If there is an argument for this that is not security-based, then I'm willing to hear it out, otherwise, this is an anti-feature.

Re:Why? (5, Insightful)

tiocsti (160794) | about 7 years ago | (#21023965)

"Changing the memory address layout is roughly akin to doing home security by locking different doors on different nights, but always leaving one unlocked. The would-be burglar just has to try all the doors to get in. Doing this kind of thing is trivial on a computer."

Yes, it's just like that, except you have millions of doors, and a intruder can only try to open one door per night, and the unlocked door changes randomly every night.

"People really need to stop adding these kinds of things that increase complexity and do not address the real issue, which in this case is access to the memory space of another application without some sort of credential or approval. When the real problem is addressed, this overly complex and fundamentally useless random memory address layout 'feature' will be left in to cause bugs and complexity forever."

This has nothing to do with access to the memory space of another application.

Because no code is bug-free (1)

dougwhitehead (573106) | about 7 years ago | (#21024223)

"security by locking different doors on different nights, but always leaving one unlocked." A bad analogy IMHO. It is not that you leave things unlocked, but that locking is really hard. This is a measure to cope when all else fails. Its more like taking a different path to work everyday, to make it harder for enemies to attack you. Wish all you want for enemies to not exist or to have impenitrable armor, but common sense dictates to prepare for the attack anyway.

Signed Applications (0)

foo fighter (151863) | about 7 years ago | (#21023769)

From the fine article:
Signed Applications

Feel safe with your applications. A digital signature on an application verifies its identity and ensures its integrity. All applications shipped with Leopard are signed by Apple, and third-party software developers can also sign their applications.

How does the third-party software signing work? How does this make a Mac safer? How does it prevent malicious software developers from signing their software and making it look nice and pretty?

Answers (1)

argent (18001) | about 7 years ago | (#21023805)

How does this make a Mac safer?

It doesn't. It's really to make it easier to track whether different versions of an application are different versions of the same application.

How does it prevent malicious software developers from signing their software and making it look nice and pretty?

It doesn't. Any more than it does on Windows.

Re:Signed Applications (1)

0xdeadbeef (28836) | about 7 years ago | (#21024195)

How does the third-party software signing work? How does this make a Mac safer? How does it prevent malicious software developers from signing their software and making it look nice and pretty?

It gives you someone to sue, duh. Knowing who to trust and verifying the certificate chain is, of course, your responsibility.

Re:Signed Applications (1)

IndieKid (1061106) | about 7 years ago | (#21024319)

I believe that all this means is that when an application screws up your Mac in some way it should be possible to trace the dodgy application back to the developer who signed it. Whether 3rd Parties have to register with Apple before they can sign applications or not, I have no idea.

Re:Signed Applications (1)

porneL (674499) | about 7 years ago | (#21024443)

Whenever application changes (which might because it was upgraded or infected) OS X Tiger asks if you want to allow new version to access saved passwords (Keychain).

This question is too much like Vista's UAC making users answer "yes, whatever, just bugger off". I suppose signing helps distinguishing between harmless upgrades and real damage, allowing OS X to ask this question less often.

Trend (5, Funny)

MadMacSkillz (648319) | about 7 years ago | (#21023917)

There is a trend emerging, ever so slowly... It used to be Mac users attacking Windows users... More and more I'm starting to hear Windows users attacking Mac users. Fortunately, so long as the argument is "Mac is gay," I don't really feel like Mac users need to bother responding. Linux I respect, though... because once I'm in the command line, it's just like OS X. (ducks)

It's a tarp? (0)

Anonymous Coward | about 7 years ago | (#21024205)

Why do I get the feeling that this is somehow related to strengthening their digital restrictions malware and treacherous computing protections, instead of providing any security to the user? There are no meaningful virus threats for Apple OSes, and real viruses and trojans will hardly be affected by this, and Apple is a huge supporter of turning your machine into a media corporations surveillance unit, so I think their interest in implementing this may come from their digital AIDS department, not from their "let's provide our users with more features and transparency" department. It may be a trap.

What about the send message entry point? (0)

Florian Weimer (88405) | about 7 years ago | (#21024271)

For performance reasons, it uses a fixed address (instead of going through __objc_msgSend):

http://gcc.gnu.org/ml/gcc/2007-03/msg00251.html [gnu.org]

Doesn't this defeat address space randomization?

ASLR simply doesn't work (1)

Jonathan S. Shapiro (321593) | about 7 years ago | (#21024301)

Some of the things that Apple is doing in this pass are good and useful things. ASLR isn't one of them. It is pretty amazing to see a company adding something like this four years after the research literature has that ASLR is trivial for an attacker to beat. The question is: why add something that is so disruptive to legitimate code when it doesn't do any good?

Sandboxing != Systrace (4, Informative)

plsuh (129598) | about 7 years ago | (#21024341)

Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls

Folks,

Just FYI, the sandboxing in Leopard is not systrace. Systrace is vulnerable to race conditions -- see Robert Watson's paper "Exploiting Concurrency Vulnerabilities in System Call Wrappers" [lightbluetouchpaper.org] . I asked him about this at WWDC, and he told me that Leopard's sandboxing is based on a different technology and is not vulnerable to the same attacks.



--Paul

I Luv my Mac (0, Troll)

PookieToo (941358) | about 7 years ago | (#21024485)

I am apple fanboi....drool. I love my Mac! It is the best.... I am not kidding. My Mac has performed almost flawlessly for all of MY needs for over 4 years. The next iteration of OSX is only good news. I need stability and no hassles since I am an end user. I run Maya 2008, Renderman Studio, modo, etc for my livelihood. I do NOT program, or need to program (or tweek or geek) or mess with anything below the UI on my computer. It just works very well, presents me with a very pleasant desktop, and so far, I have never has a virus or any security threat you guys are talking about. I welcome the idiotic "fanboi" moniker you guys like to throw out there as some sort of an insult... Bernard
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?