{"id":2231,"date":"2011-07-27T09:16:56","date_gmt":"2011-07-27T14:16:56","guid":{"rendered":"http:\/\/techcitement.com\/?p=2231"},"modified":"2011-07-29T09:14:50","modified_gmt":"2011-07-29T14:14:50","slug":"overhaul-in-os-x-lion-improves-security-by-leaps-and-bounds","status":"publish","type":"post","link":"https:\/\/techcitement.com\/software\/mac_os\/overhaul-in-os-x-lion-improves-security-by-leaps-and-bounds\/","title":{"rendered":"Overhaul In OS X Lion Improves Security By Leaps And Bounds"},"content":{"rendered":"
\"\"<\/a>

Image by Andrey, flickr<\/p><\/div>\n

Most of the news about Apple’s new operating system focuses on the changes that affect the way people interact with it on a daily basis, but what’s potentially equally important are significant changes made beneath the surface.\u00a0 OS X Lion is, by far, Apple’s most security-conscious operating system they’ve ever released.\u00a0 The Register<\/a> reveals the completely revamped ASLR support in Lion.\u00a0 Address Space Layout Randomization means the operating system regularly changes up the locations in memory where system components and shell code are loaded, making it more difficult for hackers to exploit bugs in the code by attempting to modify specific addresses.\u00a0 You may recall that ASLR was mentioned as one of the new features back in OS X Leopard, but that implementation was lacking because it failed to randomize the operating system heap, stack, and dynamic linker.\u00a0 Arguably better than nothing, the ASLR still failed to protect entire classes of potential attacks on the OS.\u00a0 Snow Leopard didn’t make an effort to improve on this weak ASLR implementation either.\u00a0 Now, ASLR is fully implemented, giving Lion an equivalent to what Ubuntu Linux offers.<\/p>\n

However, Apple didn’t stop there.\u00a0 Another feature augmenting the ASLR security is process sandboxing.\u00a0 The most vulnerable parts of the operating system now run in protected spaces (so essentially, keeping Lion code in a cage).\u00a0 For example, the Safari browser is now broken into two separate processes: one that manages the user interface and another sandboxed portion that parses the images, Javascript, and other web content.\u00a0 Applications, including Preview and TextEdit, are also sandboxed.<\/p>\n

\"\"<\/a>Additionally, Apple improves their FileVault encryption functionality.\u00a0 For the first time, users can encrypt their Time Machine backups, as well as encrypt an entire hard drive (not just individual files and folders).\u00a0 FileVault also becomes an easier feature to live with because it can do the encryption work whenever the Mac is put to sleep.<\/p>\n

Borrowed from the Linux community, Lion boasts buffer overflow protection by way of ProPolice<\/a>.\u00a0 ProPolice uses canaries, which are randomly generated but known values placed between a buffer and control data on the operating system stack.\u00a0 In the event of a buffer overflow (a common form of attack or exploit), the canary gets corrupted first, causing the operating system to fail integrity checks on the canary and alerting it to take action (such as invalidating the remaining data).\u00a0 Additionally, it sorts array variables, wherever possible, to the highest part of the stack frame, making them more difficult to overflow and corrupt. A similar system is implemented in Windows, but is considered less effective<\/a> than ProPolice.<\/p>\n

When all of this is added to the fact that OS X has always had more secure password handling than Windows (using salted SHA1 hashes more robust than the MD4 NTLMv2 hashes used by Windows) and the fact that OS X doesn’t rely on a monolithic and exposed system registry file to store system settings, things start looking very good for OS X security.\u00a0 Of course, there’s no such thing as a completely secure operating system. I discussed a few of the Lion’s currently known bugs<\/a> before, but white-hat computer hacker Charlie Miller has just discovered<\/a> a vulnerability in the microcontroller chip managing the batteries in Macbook computers.\u00a0 During his experimenting, he was able to render seven batteries non-functional by rewriting their firmware.\u00a0 Even more disturbing?\u00a0 He theorizes that a clever hacker could install malware on the battery controller chip that would keep reinfecting the operating system whenever it was removed or cause a battery to overheat and potentially explode.\u00a0 Luckily, he plans to release a software fix called Caulkgun at next month’s Black Hat Technical Security Conference<\/a>.<\/p>\n

All of this should remind us that security is a process, not a destination.\u00a0 But as security consultant Dino Dai Zovi recently said about Lion, \u201cIt’s a significant improvement, and the best way that I’ve described the level of security in Lion is that it’s Windows 7, plus, plus.”<\/p>\n","protected":false},"excerpt":{"rendered":"

Most of the news about Apple’s new operating system focuses on the changes that affect the way people interact with it on a daily basis, but what’s potentially equally important are significant changes made beneath the surface.\u00a0 OS X Lion is, by far, Apple’s most security-conscious operating system they’ve ever released.\u00a0 The Register reveals the […]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35,38],"tags":[587,676,656,681,680,657,82,355,678,658,19,677,679],"_links":{"self":[{"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/posts\/2231"}],"collection":[{"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/comments?post=2231"}],"version-history":[{"count":4,"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/posts\/2231\/revisions"}],"predecessor-version":[{"id":2317,"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/posts\/2231\/revisions\/2317"}],"wp:attachment":[{"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/media?parent=2231"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/categories?post=2231"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techcitement.com\/wp-json\/wp\/v2\/tags?post=2231"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}