Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

A Closer Look At Apple Leopard Security

kdawson posted more than 6 years ago | from the changing-spots dept.

OS X 267

Last week we discussed some of the security features coming in Leopard. This article goes into more depth on OS X 10.5 security — probably as much technical detail as we're going to get until the folks who know come out from under their NDAs on Friday. The writer argues that Apple's new Time Machine automatic backup should be considered a security feature. "Overall, Mac OS X 10.5 Leopard is perhaps the most significant update in the history of Mac OS X — perhaps in the history of Apple — from a security standpoint. It marks a shift from basing Macintosh security on hard outside walls to building more resiliency and survivability into the core operating system."

cancel ×

267 comments

Sorry! There are no comments related to the filter you selected.

Security (3, Insightful)

jcicora (949398) | more than 6 years ago | (#21088513)

Why doesn't everyone (Apple, Microsoft, Linux/Unix people) work together on security? Its the one thing that everyone benefits from.

Re:Security (5, Insightful)

jellomizer (103300) | more than 6 years ago | (#21088657)

Well Linux and Apple people like seeing Microsoft with security holes. How many articles about microsoft security problems are tagged "HAHA". Windows People like seeing Apple and Linux security holes because then they don't feel as bad about choosing Windows. Linux people are not normally to happy to see Apple Security holes because it usually means Linux has a simular problem and vice versa.

It is basicly a case if one can say I am more secure then you then I win.

Leopard Screenshots and Tutorials (0)

Davak (526912) | more than 6 years ago | (#21088883)

If you are looking for a rundown of all the new features, you can check out Apple's official listing of the 300 new features. [apple.com] Tech-Recipes has already started releasing screenshots and tutorials [tech-recipes.com] detailing many of these.

Apple has to do very little with security, honestly. Compared to a serial-killer, even the car thief looks good. Apple keeps their solid history of security and adds a nice backup platform. If anybody asks, all they have to say is that we are better than Microsoft.

Re:Leopard Screenshots and Tutorials (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21089231)

If anybody asks, all they have to say is that we are better than Microsoft.

Apple users say that all the time anyways, even when nobody asks, or even cares.

Re:Leopard Screenshots and Tutorials (1)

NatasRevol (731260) | more than 6 years ago | (#21089587)

Well, we are :-)

Re:Security (0, Troll)

Qubit (100461) | more than 6 years ago | (#21089031)

Hey -- I'd work with Microsoft and Apple on just about anything, except that they're all about writing proprietary software, getting hardware patents and (ugh!) software patents, and basically leveraging the benefits of their software/hardware over the choices presented by other companies.

Microsoft has a ridiculous history of Embrace-Extend-Extinguish. Apple locks their software to particular hardware, and locks up their hardware (e.g. the iPhone) and bricks it if an end-user tries to modify it.

So while Microsoft and Apple have a ton of really REALLY smart engineers working for them, if I were to work with them on security I would be afraid that:
  • My work would be sucked into some proprietary, patent-encumbered, closed-source hole.
  • By working with them I'd have to sign NDAs or I would inadvertently be tainted by their stuff and unable to work on FOSS implementations.

Now don't get me wrong -- Microsoft and Apple are just doing what they were designed to do: be companies in a free-market society, making as much profit as possible. But you have to understand that before sitting down with them to work on anything, be it security, interoperability, or even environmental responsibility.

So yes, everyone can benefit from increased security, but if Microsoft's products are less secure than Apple's, then Apple can use that as a selling point and make more money...

Re:Security (1)

Guy Harris (3803) | more than 6 years ago | (#21089577)

Apple locks their software to particular hardware, and locks up their hardware (e.g. the iPhone) and bricks it if an end-user tries to modify it.

...tries to unlock it. Have there been any cases where merely installing third-party software on a machine caused it to be bricked on an update (and, if so, was it demonstrated that the third-party apps were the cause, and were there any cases of an unmodified iPhone being bricked by an update)?

Unlocking and jailbreaking are not the same thing.

Re:Security (0)

samkass (174571) | more than 6 years ago | (#21089739)

Apple's entire kernel and UNIX layer are open source [apple.com] . Go ahead and work with them on it without fear.

Re:Security (1)

y86 (111726) | more than 6 years ago | (#21089335)

Just like a cure for AIDS?

Yeah it's pretty sick --- people tend to fight about IP even if it's in the best nature of society and the world.

Open source software is a great step to moving us ALL forward.

Re:Security (1)

nine-times (778537) | more than 6 years ago | (#21090133)

I guess it depends on what you mean by "work together". They sort of do work together. They're constantly borrowing ideas from each other. Sometimes the Linux/Mac/Unix people are even using the same code. But do any of them want to hold up their own security improvements while they try to persuade everyone else to adopt the same security practices?

Significance (4, Insightful)

Mikey-San (582838) | more than 6 years ago | (#21088521)

"Overall, Mac OS X 10.5 Leopard is perhaps the most significant update in the history of Mac OS X -- perhaps in the history of Apple

Maybe in the history of Mac OS X, but definitely not the history of Apple itself. I'd say that would be, oh, the shift to Unix.

Re:Significance (1, Funny)

rucs_hack (784150) | more than 6 years ago | (#21088607)

Maybe in the history of Mac OS X, but definitely not the history of Apple itself. I'd say that would be, oh, the shift to Unix.

Don't you mean iUnix?

Re:Significance (0)

Anonymous Coward | more than 6 years ago | (#21088635)

Actually, Leopard is UNIX. Really. Tiger and previous versions wasn't UNIX.

Re:Significance (1)

Guy Harris (3803) | more than 6 years ago | (#21089467)

Actually, Leopard is UNIX. Really. Tiger and previous versions wasn't UNIX.

OK, we'll say UN*X instead. For many purposes, being UN*X is good enough - for example, no Linux distribution I know of is UNIX, none having passed the SUS validation suite, but a lot of stuff written for UN*X Just Works.

Re:Significance (1)

jellomizer (103300) | more than 6 years ago | (#21088727)

Well a lot of people considered Moving from OS 9 to OS X a downgrade. It took until 10.2 for it to have features better then OS 9 before that there were a lot of internal things changed but it wasn't better it was just potentionally better. 10.5 may be the OS version with the most improvements to the system. Not the most changes to the code base.

Re:Significance (4, Insightful)

noewun (591275) | more than 6 years ago | (#21089067)

Well a lot of people considered Moving from OS 9 to OS X a downgrade.

It wasn't a lot of people. It was a vocal minority, the same minority which swore up and down that they'd never touch Apple again after the Intel switch and who spend hours debating the tiniest "flaws" in OS X's GUI. In other words, people for whom computers are an obsession or a fetish.

The the rest of us--people for whom computers are tools used to make money--OS X, and the features it brought, were long overdue. The switch was entirely worth it if only for the addition of a modern memory susbsyetem to an Apple OS. No more preemptive multitasking and having to specify how much memory each application got.

Re:Significance (5, Informative)

ChronoReverse (858838) | more than 6 years ago | (#21089135)

I believe you mean no more cooperative multitasking. The modern desktop OS's are all preemptive IIRC.

Re:Significance (2, Interesting)

aftk2 (556992) | more than 6 years ago | (#21089419)

Umm...not entirely. I really like the power OS X and am quite enthusiastic about the Intel switch. And yet, as an Apple fan from the mid 90s, I can completely recognize that 10.0 was pretty rough when moving from OS 9. Do you remember how slow that felt? OS 9 still feels faster to me than OS X, although I'd never, ever want to use it again.

I mean really...you think the people who even know about the term "preemptive multitasking" wasn't outnumbered by those who groused about how the new Mac upgrade ran at glacial speeds and lacked spring-loaded folders? OS X is great...and I'm excited about Leopard...but there was a reason that the classic Mac OS inspired diehard fans.

Re:Significance (1)

Just Some Guy (3352) | more than 6 years ago | (#21089855)

I can completely recognize that 10.0 was pretty rough when moving from OS 9.

Old Macs had a flaw (yes, I said it) where holding down the mouse button would freeze the rest of the computer.

Including the network stack.

We noticed this because when the rest of the office would play MP3s from our graphics guy's Mac's shared folder, everyone's audio would randomly and simultaneously drop out. We eventually realized that it happened when he was holding Photoshop's menus open for a long time while he pondered which filter to apply to some image.

People who found 10.0 to be rough were the ones who convinced themselves that pre-10 was the paragon of computing and The Way Things Were Meant To Be. To everyone else, OS 9 and earlier were just horrible.

Re:Significance (1)

soupdevil (587476) | more than 6 years ago | (#21089805)

OSX was worthless to me (as an audio engineer/sound designer) until they added Core Audio, which made professional audio tools possible. But it took too long. By then, all the cool kids had given up on ProTools and MOTU, and were using SONAR, Gigastudio, and Nuendo on Windows.

Re:Significance (1)

Mattintosh (758112) | more than 6 years ago | (#21090101)

A nearly non-existent minority actually thought that MacOS 9 was better than Mac OS X at first. This minority survived until the release of Mac OS X 10.2.

A large majority of MacOS 9 users migrating to Mac OS X thought that, while pretty, the Aqua UI was slow, bloated, and annoyingly shiny. They also gave most of the organizational features of the Finder a complete fail as well. Gone were spring-loaded folders, pop-up-tray tabs on the desktop, hierarchic menus, the app-switcher menu, and a host of other things that made MacOS 9 seem like a good OS. These would've made Mac OS X a knockout hit. (It's already a good OS, and if OS9 could be made to seem like one, just think what OSX could be with those features!) But Apple cut them out in favor of the abomination we all know as The Dock. It moves, it magnifies, it even slides off the screen if you have too much stuff. It's an absolute UI nightmare. That's the real gripe that made people complain that "OS9 is better than OSX". It had nothing to do with the "unix-like underpinnings" or "preemptive multitasking" or any of the other functional stuff. The Mac, to many people, has always been about the "better UI". Mac OS X is just now catching up to MacOS 9 in that regard.

Re:Significance (1)

Tom (822) | more than 6 years ago | (#21089477)

Then you're back at Leopard as well, because only Leopord is really "Unix" and not "*nix". :-)

Re:Significance (0)

Anonymous Coward | more than 6 years ago | (#21090047)

Then you're back at Leopard as well, because only Leopord is really "Unix" and not "*nix". :-)

and you're completely missing the point of the post, which has nothing to do with silly certifications that no one cares about, and everything to do with the massive shift in OS architecture.

seriously, no one really cares about *nix vs unix.

Lameness filter (0, Troll)

gsonic (885510) | more than 6 years ago | (#21088535)

....|=1R$7 P0$7!!!!!11111111111 Lameness filter encountered. Post aborted!? Fuck you slashdot.

Re:Lameness filter (1)

jcicora (949398) | more than 6 years ago | (#21088605)

How did the parent make it past the lameness filter? Seriously

Re:Lameness filter (1)

gsonic (885510) | more than 6 years ago | (#21088639)

Cuz the Lameness filter is so lame, lame is part of its own name omfgroflroflroflcopterXD

WTF??? (-1, Troll)

iamacat (583406) | more than 6 years ago | (#21088537)

Time machine is a security hole from hell. Just suppose you record some pr0n of yourself using the built in iSight, then think better of it and delete the files. Now anyone can casually sit at your desktop and retrieve all the compromising files.

I can not believe that in this day and age none of thousands of Apple's engineers thought to implement one way public key encryption of the backups, with decrypted private key not available until user needs to restore and enters a correct password. Haven't they seen any movies on security issues of time travel?

Re:WTF??? (4, Interesting)

99BottlesOfBeerInMyF (813746) | more than 6 years ago | (#21088627)

Time machine is a security hole from hell. Just suppose you record some pr0n of yourself using the built in iSight, then think better of it and delete the files. Now anyone can casually sit at your desktop and retrieve all the compromising files.

Apple just made it easier to recover deleted files, if you're using backups. If you're not using backups, there is no problem. OS X has also long had a "secure delete" option that not only deletes the file, but writes over it with random data multiple times, ala DoD requirements. I'd be willing to bet that also does the same on your time machine backups.

Re:WTF??? (1)

NatasRevol (731260) | more than 6 years ago | (#21089191)

I'd be willing to bet Time Machine doesn't delete old copies. Otherwise, what's the point of having Time Machine? It's *supposed* to recover deleted files.

Re:WTF??? (1)

Llywelyn (531070) | more than 6 years ago | (#21089547)

That's true for the normal delete, but I don't know about "secure delete." Secure delete could very well go back through your entire backup set and delete the file utterly.

We won't know for sure until it comes out and someone tests it.

TM has that option (3, Informative)

SuperKendall (25149) | more than 6 years ago | (#21089887)

Watch the Apple leopard video. I believe in there, they talk briefly about how TM has the option to permanently remove all versions of a file. It should also be mentioned on the TM feature page Apple has on the web site... in any case it's possible.

It's such an obvious feature it's no surprise it's included. This is versioning 101 stuff.

Re:TM has that option (1)

goombah99 (560566) | more than 6 years ago | (#21090187)

Watch the Apple leopard video. I believe in there, they talk briefly about how TM has the option to permanently remove all versions of a file. It should also be mentioned on the TM feature page Apple has on the web site... in any case it's possible.

It's such an obvious feature it's no surprise it's included. This is versioning 101 stuff.
How do it know? When is a file a version and not a new one? For example if I have a configuration file for some data processing program I use. I edit it in different ways for different runs. Is this a version or a different file. Or how about a generic reference letter I go in and change the names in for another use. version or different file? What if I move or copy a file. Are these versions?

Re:WTF??? (1)

tayhimself (791184) | more than 6 years ago | (#21089237)

OS X has also long had a "secure delete" option that not only deletes the file, but writes over it with random data multiple times, ala DoD requirements. I'd be willing to bet that also does the same on your time machine backups.
This is just a wrapper around the shred utility in linux i would guess. Used with find shred is pretty cool.

Re:WTF??? (0)

Anonymous Coward | more than 6 years ago | (#21089239)

and how does wear leveling affect writes over with random data?

Re:WTF??? (1)

Llywelyn (531070) | more than 6 years ago | (#21088741)

Another poster has addressed the core issues (secure delete, etc), but one other thing needs to be pointed out: At least anecdotally, I suffer data loss far more often than I have hackers breaking into my system (at least that I know of) or having to deal with the compromise of sensitive information from my hard drive.

There is a greater risk for many people in lack of backups vs. outside threats who have sufficient access to the machine to see data we've deleted without bothering to secure delete it or delete the backups.

There are jobs that demand that level of security, but there you are dealing with taking every hard drive that touches the system out and locking it in a safe at the end of the day. Backups, in and of themselves, are not the issue.

Delete Instructions (4, Informative)

BoldAC (735721) | more than 6 years ago | (#21088781)

Deleting from Time Machine is as easy as deleting from any other folder in finder.
Here are some step-by-step directions if you really need it: Leopard Time Machine: Delete Files or Folders from Backup [tech-recipes.com]

AC

Re:WTF??? (2, Informative)

wodgy7 (850851) | more than 6 years ago | (#21088875)

Just exclude your homemade porn folders from the Time Machine backup set. Easy. If you forget to do this, just delete the files on your Time Machine drive; it uses the standard .snapshot-style folder layout. No binary databases or big backup blobs that you can't parse and delete yourself. If you want public key encryption of the backups, set an encrypted DMG to be your Time Machine target. You can even use AES-256 in Leopard.

Re:WTF??? (1)

jsz0 (1174083) | more than 6 years ago | (#21089119)

You can exclude things from TimeMachine backups. Exclude your ~/Homemade_porn directory.

Re:WTF??? (1)

Vokkyt (739289) | more than 6 years ago | (#21089181)

I'm hoping that this is meant to be sarcastic, though I'm certainly stretching to find it.

Security hole from hell? Okay, if a person has that kind of access to your machine, your files are really already compromised; cause unless you frequently leave your Mac out in the open with the root password pasted to it, people will rarely get to the point where they can recover incriminating files. On top of that, you can control what time machine does and does not back up.

Security Conserns of Time Machiene? (2, Interesting)

jellomizer (103300) | more than 6 years ago | (#21088543)

Reading this made me wonder. What would happen if you had an important file you temprarly drop it in a public location then move it out. once the person downloaded it. Then someone goes and runs time machine on the public directory and picks up the file that you deleted.... Also will time machiene pick up different permissions set on a file at different time. You made it and tested it as 777 then after you assure it physically works you bring it down to 755 will it allow you to go back in time and get the permission 777 of the file...

While I do agree having good backups is important part of security... Perhaps just perhaps because it is so easy there is a security problem with it.

Re:Security Conserns of Time Machiene? (-1, Redundant)

EveryNickIsTaken (1054794) | more than 6 years ago | (#21088687)

Mach-ie-ne? It must be French.

Re:Security Conserns of Time Machiene? (0)

Anonymous Coward | more than 6 years ago | (#21088933)

Apparently "I don't get the joke" is now "Offtopic"

Re:Security Conserns of Time Machiene? (4, Insightful)

99BottlesOfBeerInMyF (813746) | more than 6 years ago | (#21088701)

What would happen if you had an important file you temprarly drop it in a public location then move it out. once the person downloaded it.

If it is an important file, why would you drop it in a public location in the first place, instead of just transferring it directly to that user or putting it in a password protected location or them? The scenario you envision is already a security problem because you're posting private data in public temporarily. I'd argue the right solution, is not to do that at all.

Re:Security Conserns of Time Machiene? (1)

jellomizer (103300) | more than 6 years ago | (#21088809)

Sure you can argue the correct solution but, my way is the easier solution... Given most people they will go with the easy solution. Put it on a public location turn on file sharing tell them to go to this address, then turn it off after they got the file, delete the file from that dir and you are all set. For most cases it will take a while for a hacker or whatever to find the file and get it, durring the 10 minutes it is public. Of course there are more secure ways of doing this but the point it how far will they go on security. For most important files that you don't want other people to get it is not like in a spy movies where there are hundreds of theafs just waiting for the vault to open to rush in. It is more like if you leave the door unlocked for too long they will wonder in and take what they find interesting.

Re:Security Conserns of Time Machiene? (1)

jimicus (737525) | more than 6 years ago | (#21089579)

You're assuming that time machine works over a shared network folder.

I very much doubt this will be the case. To my mind, Time Machine looks an awful lot like a pretty wrapper around a snapshot function, similar to that found in modern logical volume managers and SAN products. Sun's ZFS has such a function, and Apple have licensed ZFS for inclusion in Leopard [news.com] .

Such a system generally works at the block level (with LVM), though with the filesystem integration ZFS gives it could probably operate more efficiently. In any case, the only way to get at earlier snapshots is to be able to run an application on the machine itself - and if you can do that, you can do more or less anything.

Re:Security Conserns of Time Machiene? (1)

NatasRevol (731260) | more than 6 years ago | (#21089763)

Supposedly, ZFS is read only in 10.5.0.

Re:Security Conserns of Time Machiene? (0)

Anonymous Coward | more than 6 years ago | (#21088997)

Assuming Time Machine keeps track of the ~/Public folder... that the backup paradigm also tracks file movements without actual changes to the file... that someone was actually stupid enough to put Employee_SS_Numbers.xls in a publicly accessible place for no reason...

Sure, it looks like things are fucked up. I'm sure if you were actually trying to screw up security you could also put more holes in an OpenBSD installation than an unpatched XP box.

Re:Security Conserns of Time Machiene? (1)

noidentity (188756) | more than 6 years ago | (#21089515)

Assuming anyone can roll time back (and not just the admin), this would be no different than putting said file in a public directory and having someone else make a copy of it and then post it publicly elsewhere.

BTW, I'm quite sure Leopard will have a spelling checker.

Re:Security Conserns of Time Machiene? (1)

photon317 (208409) | more than 6 years ago | (#21090155)


On the "777" issue, I don't think the backup snapshots are writable in the general sense, so it wouldn't much matter if your backup of a file had writable perms. What you're probably more interested is a file you initially created as 755 and later changed to 700 (which is basically the same issue as your "accidental publication" concern). The answer is that Time Machine allows you to explicitly ask it to delete all historical copies of a given file, for precisely these kinds of reasons.

Bravo! (1)

hypermanng (155858) | more than 6 years ago | (#21088581)

The much-needed focus on availability is a real breath of fresh air. If one can recover a previous state (i.e. if it is available), it's a great deal easier to restore integrity. Confidentiality improvements are always welcome, of course, but they'll never be complete, and availability allows us to recover after the fact.

Also, Time Machine is a great forensic tool.

Overall, of course, I'm lauding the article more than 10.5, since I'm unaware of any of these features being truly new to the IT world.

Evil bit? (4, Funny)

grassy_knoll (412409) | more than 6 years ago | (#21088599)

From tfa:

While Apple can't prevent people from downloading dangerous stuff, Leopard has a new feature to tag downloaded applications as coming off the Internet.


Wait... don't tell me they implemented RFC 3514 [wikipedia.org] . ;-)

Re:Evil bit? (1)

jkabbe (631234) | more than 6 years ago | (#21088713)

What would be really cool is if, before you run a program with the evil bit set, it would run Time Machine to make sure your backup is up to date:

Double-click program downloaded from the internet
Time machine begins to backup your computer
Floyd says, "oh boy, are we going to do something dangerous now?"

Re:Evil bit? (1)

El Lobo (994537) | more than 6 years ago | (#21089199)

It seems they invented another great thing. (No matter that this is implemented as a alternate file stream on XP SP2) They will market it as something innovative, of course.

This article is dumb. (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21088615)

This article doesn't have any "meat" to it. It's press drivel. What's more, it reeks of Mac fanboyism.

If anyone clicks the article expecting to find anything of any technical substance on security, don't bother. It's nothing new.

Apple can no longer hide behind small markets (1, Interesting)

Anonymous Coward | more than 6 years ago | (#21088621)

And it sounds from many of these changes, that Apple can see a future where they would be suffering like Windows because of being a larger target.

App signing and stack randomization has already come to windows.

System restore and shadow copy exists in Windows, though it looks like Apple will be providing a better backup system out of the box.

And the sanboxing sounds a lot like UAC with the exception that you wont get a prompt. The sandboxed app will just be denied.

It sounds like Apple OS is not inherently more secure than Windows. It is now a larger target, so it needs these new protections.

Re:Apple can no longer hide behind small markets (0, Flamebait)

El Lobo (994537) | more than 6 years ago | (#21088659)

Wrong, the sandboxed application WILL get a prompt for elevation. You guessed it, exactly like in Vista.

Re:Apple can no longer hide behind small markets (1)

mattgreen (701203) | more than 6 years ago | (#21088805)

Wait, but I thought it was bad that Vista did that? How is it that it is okay in OS X but not in Vista?

I'm sure the OS X implementation will be better. But it will be funny to watch the backpedaling that ensues, because it was always the idea itself that was inherently flawed, it was argued. Users don't know what exactly they just downloaded does.

Re:Apple can no longer hide behind small markets (1)

Mr. McD (166893) | more than 6 years ago | (#21088929)

Even more so, most people don't read the content behind a link in a Slashdot post :)

Re:Apple can no longer hide behind small markets (1)

mattgreen (701203) | more than 6 years ago | (#21089057)

It is sad that a site that bills itself as "news for nerds" is inhabited by people that enjoy being ill-informed when discussing these topics. If there's anyone that should read the articles, it'd be people here. Instead, everyone would rather contribute to the overall noise level and spout the same opinion thats been repeated fifty other times.

Re:Apple can no longer hide behind small markets (1)

Per Wigren (5315) | more than 6 years ago | (#21089077)

The difference is not so much in the OS itself but in the OS culture, the legacy applications.

A LOT of Windows programs are programmed with the assumption that the user is running with full or almost full privileges because that makes life easier for newbie programmers, and that's how things were designed back in the 9x days.

Most MacOS X programs are designed to run with low privileges and only prompt for privilege escalation when it's really really needed.

Because of this, my guess is that it will be a much more pleasant experience on the Mac.

Re:Apple can no longer hide behind small markets (2, Insightful)

El Lobo (994537) | more than 6 years ago | (#21089085)

I still remember in the late 90s in the apple advocacy newsgroup people telling: "why do I need memory protection and preemptive multitasking"? We don't need that... The it was implemented "finally" on OSX and it was a great thing. Then I remember them telling me the greatness of non-intel processors and how great was that Apple never went Intel. Then they DID move to Intel and boy, what a great move this was :-)

So don't worry, you will get the same story here.

Re:Apple can no longer hide behind small markets (1)

samkass (174571) | more than 6 years ago | (#21090009)

There are tradeoffs to everything. Considering processor capabilities and RAM costs in those days, one could argue that the early 80's would have been too soon to put memory protection and pre-emption into a consumer OS. The Amiga did pre-emption by the mid-80's, but for all practical purposes the Mac MultiFinder worked pretty well. And no one did much protected memory in a consumer OS until the mid 90's (although MacOS had the no-execute bit set for data and the no-modify for code pretty early there.) Although Windows95 did it to a limited degree, it really wasn't until around 2000 with MacOS X and Windows 2000 that both protected memory and pre-emption really hit the mainstream consumer-land in a way that home users could run all their software and games on it.

And I'm actually really happy that the Mac never had IRQ's, ISA, or a BIOS, so yeah, it was great Apple wasn't Intel then and it is great that Apple's with Intel now.

Re:Apple can no longer hide behind small markets (1)

Constantine XVI (880691) | more than 6 years ago | (#21089123)

The implementation is nearly the same, but it's all the run-as-admin-only baggage Vista has that makes it so much more annoying.

Re:Apple can no longer hide behind small markets (0, Offtopic)

bombastinator (812664) | more than 6 years ago | (#21088861)

Here's a fanboy test: which is better, Vista or XP?

Re:Apple can no longer hide behind small markets (1)

El Lobo (994537) | more than 6 years ago | (#21088979)

Vista: absolutley with all it's many imperfections.

Re:Apple can no longer hide behind small markets (1)

bombastinator (812664) | more than 6 years ago | (#21089537)

Ah. A fanboy.

Re:Apple can no longer hide behind small markets (1)

Constantine XVI (880691) | more than 6 years ago | (#21089175)

Error: This question cannot be answered in it's current state ;)

Re:Apple can no longer hide behind small markets (1)

bloodmusic (223292) | more than 6 years ago | (#21088981)

Vista doesn't prompt for elevation; it only asks for confirmation. If Apple implemented the feature correctly -- as usual -- you'll have to enter an admin password, not just press the 'Run' button.

Re:Apple can no longer hide behind small markets (1)

ChronoReverse (858838) | more than 6 years ago | (#21089021)

Depends. If you're an administrator, it'll give a continue prompt. If you're a normal user, it'll pop up the login prompt.

Re:Apple can no longer hide behind small markets (1)

eldepeche (854916) | more than 6 years ago | (#21089411)

In OS X, an administrator is prompted for a password when a program requests escalation of privileges. A normal user is prompted for an administrator username and password.

Re:Apple can no longer hide behind small markets (1)

El Lobo (994537) | more than 6 years ago | (#21089831)

Apples and Oranges. On Vista if you are already and admin, there is no need to logon (hell, you are already in). On MacOs you just double logon. Pros and Cons can be discussed, but there are more or less the same. The fact is: vista gets bashed for this. MacOS gets praised for **THE SAME THING**

Re:Apple can no longer hide behind small markets (1)

El Lobo (994537) | more than 6 years ago | (#21089025)

Why do people speak without knowing? Hell, this is slashdot where everybody SEEMS to know that they know... Bash only because #you heard it", but never used it of course.

FYI, if you are running as an administrator, UAC will then prompt a confirmation (hell, you ARE an administrator). If you are a normal user, then UAC will prompt you for an ID and password.

And sorry, you must to be very naive or fanboi to think that Apple implemnts everything perfectly. There are a LOT of wrong things with OSX, as there are with any other OS out there.

Re:Apple can no longer hide behind small markets (1)

bloodmusic (223292) | more than 6 years ago | (#21089431)

And the point is that, if you are an administrator, unsafe practices will become automatic. You can argue that someone who runs with admin privileges is asking for it, but that's missing the point.

And of course Apple makes mistakes, and takes their own, sweet time in correcting them (Finder, anyone?); however, in most cases, their products set a standard of usability and elegance that Microsoft could never understand, much less achieve.

Finally, "fanboi"? Really? I'm really hoping that English is your second language.

Re:Apple can no longer hide behind small markets (0, Offtopic)

El Lobo (994537) | more than 6 years ago | (#21089523)

Hell, you keep making a fool of yourself... Could you please keep your little mouth closed?

Fanboi IS the correct pseudospelling [whirlpool.net.au] .

Moderators on crack (0)

Anonymous Coward | more than 6 years ago | (#21089353)

How the hell is that a flaimbait? Parent is right, the implementatios on the new MacOS and Vista are nearly identical. Of course what do you wait from a rabid macboi moderator.

It's to bad that 10.5 is not comeing out for all . (-1, Troll)

Joe The Dragon (967727) | more than 6 years ago | (#21088637)

It's to bad that 10.5 is not coming out for all x86 hardware and apple should at lest have a mid-rage head less desktop with DESKTOP parts.

Re:It's to bad that 10.5 is not comeing out for al (1, Insightful)

Anonymous Coward | more than 6 years ago | (#21088717)

That means then Apple would have to support unknown hardware..... won't happen. Thats the benefit to owning apple hardware and OS... I can point my finger at one company and expect to get it fixed right the first time.

Re:It's to bad that 10.5 is not comeing out for al (0)

Anonymous Coward | more than 6 years ago | (#21088787)

Yes, it's really too bad that it's not going to try to support all the cheap-shit, generic hardware that China can pump out. You do know that's why Windows has sucked so hard in terms of stability, right?

Mac OS X has the "it just works" reputation because of the limited number of hardware configurations on which it runs. They can take full advantage of what's there, because they know exactly what's there. Windows has to take the 'lowest common denominator' approach, to its detriment. Microsoft has tried and failed (though they have gotten better) for twenty years to get Windows to work with generic hardware as well as OS X works on Apple hardware. But when they decided to try to take over the game market, what did they do? They rolled their own hardware instead of just leveraging the existing Windows-on-generic-hardware market. That should tell you something.

I do agree with you on the second point though, Apple does indeed have a gaping hole in its product line where a midrange tower should be. If for no other reason than to make all the people who have been whining for one shut the hell up and buy the goddamn thing. Although, who am I kidding? If one was made, they'd just bitch about the price or specs or something and still not buy a Mac.

Re:It's to bad that 10.5 is not comeing out for al (1)

jellomizer (103300) | more than 6 years ago | (#21088943)

They will complain about anything.
They want OS X to be realed for common hardware not realize that apple tried that (with their older OS) and it nearly killed them. And right now they are doing stellar, they way they are going now. Basicly they are just jelious that Linux isn't as good as OS X is.

Re:It's to bad that 10.5 is not comeing out for al (5, Insightful)

AntEater (16627) | more than 6 years ago | (#21089111)

"Mac OS X has the "it just works" reputation because of the limited number of hardware configurations on which it runs."

I've heard this for years but I still haven't seen ANY hardware sample where Windows "just works". I'd put more value on the fact that Apple based the core of their OS on a unix-like system not the registry/spaghetti mess that has been windows for the past decade plus. I'm sure that eliminating poorly written drivers from the mix does help prevent some of the problems that plague windows but it's not the whole story by a long shot.

Besides, with that argument, Linux should be even more unstable because very few of it's hardware drivers are written by the device manufacturers - many are reverse engineered.

Re:It's to bad that 10.5 is not comeing out for al (1)

olddotter (638430) | more than 6 years ago | (#21090183)

Mod the parent up to 11 :-). Besides, with that argument, Linux should be even more unstable because very few of it's hardware drivers are written by the device manufacturers - many are reverse engineered. I couldn't say it better myself!!

Re:It's to bad that 10.5 is not comeing out for al (1)

Rational (1990) | more than 6 years ago | (#21089249)

In the time people have been complaining about the lack of a mid-range Mac, those same people would easily have saved enough for a Mac Pro...

Backups as Security? (1, Interesting)

rueger (210566) | more than 6 years ago | (#21088773)

"With Time Machine making it easier to back up for all users, especially individuals not already protected by some corporate backup system, Apple is doing more to improve security than any upgrades to firewalls or Safari ever could."

Although I am a fan of backups, this is really silly. Even if we assume that users have Time Machine turned on, that they have external media on which to back up, that they manage to actually have everything turned on and hooked up to do the automated backup, there's still one hole in this argument.

In order for a backup to offer protection you need to know that there is something that needs to be restored from the backup. If most security attacks are by nature silent then you won't realize that you have been compromised and will not preserve a recent backup much less restore it.

Unless there is unlimited storage space for backups there will come a point when Good Data Set A will be replaced on your backup by Corrupted Data Set B. Time Machine likely has no way of knowing that the data it has just backed up is not your good current file, but one that has been damaged. All that it knows is that the file changed.

Re:Backups as Security? (0)

Anonymous Coward | more than 6 years ago | (#21089445)

Welcome to the idea of incremental backups.

Code randomization a bad idea (1)

Animats (122034) | more than 6 years ago | (#21088889)

"Code randomization" is a terrible idea. Virus writers will write something that searches around for the right place to patch. Developers will think buffer overflows are now OK, and write worse code. Worst of all, bugs become nonrepeatable and harder to debug. (Great for tech support. Much harder to pin blame on the vendor now.)

Re:Code randomization a bad idea (5, Informative)

Potatomasher (798018) | more than 6 years ago | (#21089197)

"Virus writers will write something that searches around for the right place to patch"

No, they won't be able to do that. At that point, they haven't gained execution yet.
Buffer overflows require you to jump to code which is in a known place in memory (usually libraries), which in turn slingshots you back to the exploit code stored on the stack (or other). Without knowing where to jump to, your malicious code will just sit there in memory, not doing anything.

Re:Code randomization a bad idea (5, Insightful)

bucky0 (229117) | more than 6 years ago | (#21089221)

ASLR works using the dynamic linker. For the vast majority of programs (I can't think of any counter examples off the top of my head), the dynamic linker works transparently to match up in-program function calls with their proper library addresses. If ASLR adds bugs to the implementation, it must be because of a faulty linker, which can be debugged out.

Virus writers will write something that searches around for the right place to patch
It's not quite that simple. Virus writers have a practical limit of how much code they can squish into a buffer overflow (which reduces the effectiveness of a NOP slide) Not only that, protected memory operating systems will bomb out if you start randomly poking at memory addresses. Since the addresses are randomized, you don't really know where to start looking which means it becomes a probability game of how many valid addresses the code your looking for could be at compared to the total address space.

Developers will think buffer overflows are now OK, and write worse code.
Developers have known about buffer overflows for years, and people still use sprintf over snprintf. I doubt anyone who is doing any serious coding will look at ASLR and say, "Hurray! We can forget about string validation!"

Re:Code randomization a bad idea (1)

lskovlund (469142) | more than 6 years ago | (#21089473)

Do you happen to know how ASLR will work together with prebinding?

AFAICT, ASLR would render prebinding moot (Wikipedia says that it has
been deprecated since Tiger; nevertheless, I am still seeing noticeably
longer load times when first running an app after a system update - I
chalk that up to prebinding).

Re:Code randomization a bad idea (1)

PhrostyMcByte (589271) | more than 6 years ago | (#21089697)

Developers have known about buffer overflows for years, and people still use sprintf over snprintf.
snprintf just trades off potentially writing past the end of the buffer with potentially reading past the end of the buffer. People should be resizing their buffers as needed - when is it ever OK to truncate data - and stop misusing the 'n' functions.

Re:Code randomization a bad idea (2, Informative)

Lally Singh (3427) | more than 6 years ago | (#21089317)

- Which class of bugs depends upon the memory layout of your libraries? E.g. what kinds of bugs happen or don't happen depending on that layout?

- Do you have any idea how less vulnerable you are to an attack when the attacker can't get you in 1 hit? A networked-based attack would essentially have to flood you to get the right address, and bandwidth limitations could prevent them from ever doing it (searching through a multi-gigabyte address range a few dozen bytes at a time takes a *long* while when you're doing at least one packet per try). Local attacks to local processes are only threats to suid programs, of which there are *very* few, and which can sound an alarm pretty easily if they were getting queried thousands of times/sec.

What about the insecure default settings? (1)

bombastinator (812664) | more than 6 years ago | (#21089005)

I am wondering if some even more basic holes have been filled here.

I have been given to understand that one of the problems with OSX is that in order to make some legacy software work such as applescript, apple had to make a few file settings more open than they should be.

The big example is the one which allows a USB drive with a correc tly set up copy of OSX on it to automatically become the boot drive with full root access to all drives on a restart. IIRC there's even a company that sells these things pre-configured for unnecessarily large sums money.

This is the stuff I most want to see fixed

Re:What about the insecure default settings? (4, Insightful)

SuperKendall (25149) | more than 6 years ago | (#21089935)

Trying to protect non-encrypted data from an attacker with physical access is a fools errand.

Re:What about the insecure default settings? (1)

MachineShedFred (621896) | more than 6 years ago | (#21090117)

The USB thing can be fixed via an Open Firmware password (G5 and below, though I'm sure there's an equivalent for intel). If you have one in place, holding down the option key on boot will present you with a password screen before the Boot Manager.

The only other ways to boot from an external disk if there is an Open Firmware is to use the Startup Disk pane of System Preferences (requires admin password) or to use the bless command in the terminal (requires sudo / root access).

Oh, and for those of you that *really* want to secure it, make sure you have a padlock on the case so that they can't open it up, change RAM size, and then zap the PRAM on boot to clear the OF password.

Basic hole filled with solutions that have been available since Mac OS 9.

Re:What about the insecure default settings? (1)

JPRelph (519032) | more than 6 years ago | (#21090119)

It is possible to boot a Mac from an external drive (USB or Firewire on Intel Macs, and Firewire drives on PPC Macs) but it is pretty easy to stop that from becoming a problem. Apple have a utility that stops people changing firmware settings including booting from a different drive http://docs.info.apple.com/article.html?artnum=106482 [apple.com]

impossible; other strategies (0, Troll)

bcrowell (177657) | more than 6 years ago | (#21089047)

If you look at Apple's description [apple.com] of the time machine functionality, it's not possible for it to work the way they claim. Suppose my backup drive has a capacity of 80 Gb, and so does my primary drive. I record 79 Gb of data onto my primary disk. I run out of space, delete all of that video, and then record 79 more Gb of video, filling the disk again. Then let's say I go through the cycle for a third time. They're claiming that I can then go back in time and get back my first or second video. No way. I don't have enough total disk space to store all three videos. So realistically, there are implementation limits, which they conveniently don't mention. Their description makes it sound as if everything Just Works, and will never fail to let you recover old files. In reality, it will Just Do Its Defaults, which may or may not be what you would have liked. Does it default to deleting the oldest files first? If so, then that's probably not what you would have liked in many cases, because you probably care more about preserving the 500 kb manuscript of your novel than about preserving the 70 Gb video of your kids' soccer games. Maybe it has some heuristics, so it tends to delete bigger files first, or files of a certain type first. Well, maybe that's what you wanted, but maybe it's not. Or maybe it asks you to make the decision whenever the backup drive fills up. Well, maybe that's what you want and maybe it's not, but it wouldn't be the same thing as the zero-work solution that Apple claims in their description.

In reality, I think you can have some, but not all, of the following:

  1. The system takes zero work to configure and maintain.
  2. The system has minimal impact on performance.
  3. The system has simple, highly predictable behavior (such as always deleting older versions first).
  4. The system has behavior that is what you choose.
  5. The system doesn't require buying an expensive external drive that takes up space on you desk.
  6. The system automatically gives you an off-site backup in case your house burns down.

Personally, what works for me is the unison [upenn.edu] file synchronizer (I use it on Linux, but it's cross-platform), plus monthly backups on CD or DVD. Using the network file synchronization takes care of two things: (1) I have an off-site backup that's always fairly up to date; (2) it makes it easy to undo mistakes like "oh no, I didn't want to delete that file." The CD backups let me (3) go back in time and get very old versions of files. I'm not saying that my solution is right for everyone. No solution is right for everyone. However, my OSS solution works much better for me than Apple's expensive, proprietary system would work for me.

Re:impossible; other strategies (1)

fatrat (324232) | more than 6 years ago | (#21089319)

I use unison on OS X. I sync my laptop to my desktop (Mail, Firefox, various working directories etc) and once I week I use unison to do a backup of the whole system to an external disk. This means a) I have two copies of everything and three of most important stuff and b) I can use my laptop or my desktop interchangably and know that they are in sync. Powerful and flexible but not that easy to set up for someone that isn't comfortable in *nix land.

Re:impossible; other strategies (5, Informative)

Yosho (135835) | more than 6 years ago | (#21089329)

Their description makes it sound as if everything Just Works, and will never fail to let you recover old files.

Come on, at least read the whole page if you're going to start flaming Apple. I quote:

One day, no matter how large your backup drive is, it will run out of space. And Time Machine has an action plan. It alerts you that it will start deleting previous backups, oldest first. Before it deletes any backup, Time Machine copies files that might be needed to fully restore your disk for every remaining backup. (Moral of the story: The larger the drive, the farther back in time you can back up.)

Re:impossible; other strategies (1)

p0tat03 (985078) | more than 6 years ago | (#21090145)

Expensive proprietary system? o_O Sure, it's infinitely more expensive than your OSS solution (technically), but a $150 price tag for the entirety of Leopard seems like a reasonably good deal to me. I think this is more of a "it's better than what we've got" feature than a "this is a guaranteed fool-proof backup solution". Of course it will start losing files if you push your disk capacity to its limits - but that's true for ANY backup method. If you ran out of CDs and had no means to get more, you'd start "losing data" pretty quickly also.

IMHO this is clearly designed for people who currently have *no* backup solution in place, and is a method with a very low barrier to entry that will lend a lot more data protection than people currently enjoy. That's it in a nutshell, nothing more and nothing less.

Re:impossible; other strategies (1)

commodoresloat (172735) | more than 6 years ago | (#21090165)

you probably care more about preserving the 500 kb manuscript of your novel than about preserving the 70 Gb video of your kids' soccer games.
You clearly haven't read my novel.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>