11 Jun Juicy Leopard Security details on Apple.com
Category: Apple

The new Apple Leopard page lists a specific tab under “Technology” about security. Some interesting points are there, and I must say, some promising developments on this front.

We’ve seen the sandbox daemon in the Leopard preview builds, but while I pointed out that there were some default services running that were subject to exploitation, it seems Leopard will have some protection to these ‘problems’. From the Apple site:

Helper applications in Leopard — including the network time daemon and the Spotlight indexer — are sandboxed to guard against attackers.

Now that’s a good improvement. But there’s more.

“…files downloaded using Safari, Mail, and iChat are screened to determine if they contain applications. If they do, Leopard alerts you, then warns you the first time you open one.”

There’s one less avenue for malicious content being automatically opened. Given the track record of Mac users buying the upgrade of their favorite OS, we’ll see a lot more secure population in October. But wait, there is, indeed, one more thing.

“Leopard can use digital signatures to verify that an application hasn’t been changed since it was created.”

Why of course it can! After all, didn’t it use ZFS? Which does has the ability to checksum everything. We can also use Filevault, which isn’t really discussed on the Apple site, but uses a new encryption scheme, of which details are unknown at the time of writing. Fortunately;

“The Disk Utility tool in Leopard helps you create encrypted disk images using 128-bit or even stronger 256-bit AES encryption.”

And Apple Mail already supports signing certificates and authorities. This is getting a great OS for using the many facilities of securing your digital life. Strong new encryption possibilities are great. On Apple’s security page, they underline their commitment to keeping the kernel open-source, which, in my opinion, is also a critical part of the security and integrity of OS X.

That was it for now. If some of my fellow developers come back, I’ll have the penetration tests on the beta ready for everyone.

Unrelated posts:

    Bricky Shirt

    By no means a replacement of the Cocoia Exploded Settings tee, but I wanted to wear this and I was told others enjoyed it as well. Represent the...

    the Cocoia WWDC shirt

    It's often said that there is great value in having a distinct shirt at WWDC, and while I'm not very preoccupied with that notion myself, I do...

    Redesigning Steam for Mac

    Steam for Mac will be available for download in a week's time. Steam, for the uninitiated, is the world's largest gaming platform, serving in...

    The first Photoshop icon.

    While I was doing some research for one of my upcoming projects today, I found the very first Photoshop icon. It's actually a tiny little photo...

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses

  1. 1

    files downloaded using Safari, Mail, and iChat are screened to determine if they contain applications. If they do, Leopard alerts you, then warns you the first time you open one.

    Safari already does the former in Tiger. Likewise I have seen a warning in Tiger stating “this is the first time opening this application, are you sure?”

    No applause.

  2. 2

    What a beautiful blockquote we’ve got here, Sam. I’ll dig into the CSS to fix this.

  3. 3

    With regards to the “detect if app modified” comment.

    I’ve seen a presentation on this from WWDC 2006. Could be a useful aspect from a commercial app developer’s point of view. Binary-based modifications (I’m thinking registration bypass code) might be a thing of the past.


Leave a Reply