Mac Security Improves with Snow Leopard

Friday, August 28, 2009 at 5:54 pm

While Apple still has significant security work ahead of it, its Snow Leopard operating system makes prudent progress toward securing Mac OS X. But a security expert says that Apple is still playing catch-up to Windows.

That is the opinion of Charlie Miller, a leading Mac security researcher. Miller is co-author of The Mac Hacker’s Handbook, and is also known for discovering critical vulnerabilities in the OS. He told CNET today that Snow Leopard “made some improvements,” but has not implemented some of the security features that Microsoft built into Windows Vista in 2007.

After being slammed with a series of major security incidents at the start of the decade, Microsoft made security a part of its development lifecycle. Products cannot ship from Microsoft unless they have gone through a review process, and consequently, the number of security vulnerabilities in its products has dropped markedly. It was tough, expensive work, and required a strong commitment from management.

Microsoft is now making its Security Development Lifecycle (SDL), as well as some of its internal security tools, available to developers in an effort to secure Windows applications as well as the OS itself. Apple has not taken similar steps.

To the best of my knowledge, Apple is still lacking an SDL-like approach to software development. That might be why I’ve had to download several massive security rollups to patch my Mac over the past two months. As much as I love my iMac, the experience reminds me of Microsoft just a few years back.

However, Snow Leopard demonstrates that Apple, like Microsoft, has made security a higher priority. To thwart attacks, Snow Leopard introduces limited malware protection, along with other protections including improved Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP). It also sandboxes applications, which is made possible by the mandatory access control introduced in Leopard.

I have made no bones about my opinion that Apple has done a lackluster job at security, but it deserves credit for moving in the right direction.

 

8 Comments For This Post

  1. Hamranhansenhansen Says:

    I disagree completely with this article.

    Charlie Miller is comparing Mac and Vista (not Windows, which is 80% XP) and he is doing so “on paper”, academically. Like saying that one ball team should beat another because one is hitting .380 and the other .275. Then you play the game and see the .380 team has no pitching and they lose 10-6.

    In the real world, where I live, I think it is insane to say Windows security is better than Mac. Look at the users and the evidence of your own eyes. There is nobody who will recommend to you to run Windows, even Vista, without 3rd party security add-ons. Microsoft shipped 3 versions of XP over 8 years, and there were over 50 Mac OS releases during that time. That is not talked about by security researchers but that is the single biggest thing you can do to take the profit out of malware. It’s just not practical to develop commercial malware for the Mac because the target system has a shelf life of 3 months.

  2. Hamranhansenhansen Says:

    I have to add also, that PlayStation, Wii, Blackberry, Android, Roku, AppleTV, iPod, iPhone all also do not have Vista-like SDL, yet all are also getting better results than Vista/7. None of these other systems have viruses or commercial malware, same as the Mac. And Vista has all kinds of problems.

    Again, I’ll take actual successful results from any of these vendors over buzz words from Microsoft with no tangible, practical results.

  3. Bill Johnson Says:

    You’re not downloading large security patches for OS X because Apple lacks an SDL. You’re downloading large security patches because Apple, unlike Microsoft, patches internally known vulnerabilities in shipped software. Microsoft waits until someone finds them externally, or notices them being exploited in the wild.

  4. Neil Anderson Says:

    Apple’s included malware checker will undoubtedly save a few people from themselves. 🙂

  5. tom b Says:

    It is possible, of course, for a user through naivete, wishful thinking (free WAREZ!), or carelessness to install damaging trojans, even on a Mac. Fortunately, I don’t think malware on the Mac is able to get into root, though; I don’t think that’s ever been achieved under realistic conditions. I’ve seen some evil “.dmg’s” and deleted them without opening them. Suspect “.pdf’s”, too– I don’t know whether evil PDF’s can infect Preview, but I don’t like to take chances. The dawning of the internet made file extensions actually USEFUL; before that, they were just an unneeded “Windows thing”.

  6. MARIA Says:

    The Mac is where it’s at. I’ve recommended Apple to many various people, as a certified tech, system administrator using Windows. They said that that was the BEST, THE VERY BEST, investment they EVER made. Who the heck wants to constantly be troubleshooting every week or so depending on your usage. This is absolutely a waste of time and energy. I used to think it was challenging and loved it. However, there are healthier things to do with one’s time instead of being addicted to the computer. Actually, computers are not conducive to a good healthy brain, much like our society.

  7. Daniel Says:

    Just more FUD being spread by an MS evangelist. What is overlooked by these experts is the real reason why Apple, like Linux, doesn’t have the same issues as Windows. Apple was created with networking in mind. They are derivative works from the UNIX world and security is already part of how the OS is designed. It is the internet that has forced MS to finally admit that security was sorely missing in their OS architecture.

    The most quoted and lamest excuse I often read as to why no real virus/Trojan or malware is found against Mac OS is market share. No, the real reason is that you can’t infect a Mac OS without the user’s permission. The iWork infection required the user’s explicit password to install itself. This required the person to go out of their way to get this infected file. It’s this ineffective ability to get the virus and then the difficult manner to spread that keeps Apple, and UNIX style systems, harder to attack. Windows with its creaky OS and continual required need to be backward compatible will always leave it open to easy infections and the ability to spread a virus to other Windows users.

  8. Not Krstic Says:

    David

    You’re a smart guy. Ever ask yourself how Apple is learning the security ropes?

    Here’s a hint: 47°38’26″N 122°7’39″W

    Ask the question directly. The answer is fascinating.