Digging a little deeper into the security site of Mac OS X, let’s focus on a few of the smarts within – the security side of the Mac.
Runtime Protection
Mac OS X v10.5 Leopard has several new features designed to help protect your Mac from some of the most common techniques used by malicious software to hijack software running on your system.
Execute Disable
One of the most common techniques used by developers of malicious software to gain unauthorized access to systems is known as buffer overflow. A buffer overflow can occur when the developer of a piece of software erroneously allocates a fixed amount of memory as a buffer for an input that can be of arbitrary length.
For example, a program might process a string of text such as a file name and be written in a way that assumes that the file name will never exceed 256 characters. If the buffer for the string representing the file name has a fixed length of 256 characters and a longer input is provided to the buffer, a buffer overflow can result. Software trying to hijack the system can use a buffer overflow to execute its own malicious code (often referred to as shellcode).
Popularity
Now, as the popularity of Mac OS X has increased, there have been numerous attempts at hacking the system. Apple has kept up their du-diligence with regular security updates for known and unknown exploits.
For those of you who are looking for the latest security updates, you can find the information at one of two places:
- Secunia – the latest – up to date – information on the major operating systems and applications currently on most desktops. Mac OS X information is here.
- Apple – security information is here.
Comparision
Just browsing through the Secuna site, it’s quite interesting to do a small comparison – Mac vs Vista – security.
Of particular note, are the amount of unpatched problems and – more importantly – the current fixes and outstanding issues.
The Good, the Bad and the really, really Ugly
For Mac OS X there are 791 Vulnerabilities listed. For Vista, 80 Vulnerabilities. Of interest between the above comparisons are the results. Apple, 3% unpatched vs Vista, 12% unpatched.
Good Security Practice
It should be noted, that no matter what computer operating system you are currently using, all of them (and there are NO exceptions) – should be updated with security updates on a regular basis.
If you, the end person are not responsible for this, then make sure you speak to the people who are.
In our next article, we are going to look into a small business environment case study. Mac, Windows, Linux and more – all within the same room, and all functioning, working and providing benefits .. “together” …
Warm regards,
Scott Malpass
Aquafruit Media.
Mac OS X – inherently secure? – part 13..
Digging a little deeper into the security site of Mac OS X, let’s focus on a few of the smarts within – the security side of the Mac.
Runtime Protection
Mac OS X v10.5 Leopard has several new features designed to help protect your Mac from some of the most common techniques used by malicious software to hijack software running on your system.
Execute Disable
One of the most common techniques used by developers of malicious software to gain unauthorized access to systems is known as buffer overflow. A buffer overflow can occur when the developer of a piece of software erroneously allocates a fixed amount of memory as a buffer for an input that can be of arbitrary length.
For example, a program might process a string of text such as a file name and be written in a way that assumes that the file name will never exceed 256 characters. If the buffer for the string representing the file name has a fixed length of 256 characters and a longer input is provided to the buffer, a buffer overflow can result. Software trying to hijack the system can use a buffer overflow to execute its own malicious code (often referred to as shellcode).
Popularity
Now, as the popularity of Mac OS X has increased, there have been numerous attempts at hacking the system. Apple has kept up their du-diligence with regular security updates for known and unknown exploits.
For those of you who are looking for the latest security updates, you can find the information at one of two places:
Comparision
Just browsing through the Secuna site, it’s quite interesting to do a small comparison – Mac vs Vista – security.
Of particular note, are the amount of unpatched problems and – more importantly – the current fixes and outstanding issues.
The Good, the Bad and the really, really Ugly
For Mac OS X there are 791 Vulnerabilities listed. For Vista, 80 Vulnerabilities. Of interest between the above comparisons are the results. Apple, 3% unpatched vs Vista, 12% unpatched.
Good Security Practice
It should be noted, that no matter what computer operating system you are currently using, all of them (and there are NO exceptions) – should be updated with security updates on a regular basis.
If you, the end person are not responsible for this, then make sure you speak to the people who are.
In our next article, we are going to look into a small business environment case study. Mac, Windows, Linux and more – all within the same room, and all functioning, working and providing benefits .. “together” …
Warm regards,
Scott Malpass
Aquafruit Media.