The new Apple Leopard page lists a specific tab under “Technology” about security. Some interesting points are there, and I must say, some promising developments on this front.
We’ve seen the sandbox daemon in the Leopard preview builds, but while I pointed out that there were some default services running that were subject to exploitation, it seems Leopard will have some protection to these ‘problems’. From the Apple site:
“Helper applications in Leopard — including the network time daemon and the Spotlight indexer — are sandboxed to guard against attackers.“
Now that’s a good improvement. But there’s more.
“…files downloaded using Safari, Mail, and iChat are screened to determine if they contain applications. If they do, Leopard alerts you, then warns you the first time you open one.”
There’s one less avenue for malicious content being automatically opened. Given the track record of Mac users buying the upgrade of their favorite OS, we’ll see a lot more secure population in October. But wait, there is, indeed, one more thing.
“Leopard can use digital signatures to verify that an application hasn’t been changed since it was created.”
Why of course it can! After all, didn’t it use ZFS? Which does has the ability to checksum everything. We can also use Filevault, which isn’t really discussed on the Apple site, but uses a new encryption scheme, of which details are unknown at the time of writing. Fortunately;
“The Disk Utility tool in Leopard helps you create encrypted disk images using 128-bit or even stronger 256-bit AES encryption.”
And Apple Mail already supports signing certificates and authorities. This is getting a great OS for using the many facilities of securing your digital life. Strong new encryption possibilities are great. On Apple’s security page, they underline their commitment to keeping the kernel open-source, which, in my opinion, is also a critical part of the security and integrity of OS X.
That was it for now. If some of my fellow developers come back, I’ll have the penetration tests on the beta ready for everyone.
Safari already does the former in Tiger. Likewise I have seen a warning in Tiger stating “this is the first time opening this application, are you sure?”
No applause.
What a beautiful blockquote we’ve got here, Sam. I’ll dig into the CSS to fix this.
With regards to the “detect if app modified” comment.
I’ve seen a presentation on this from WWDC 2006. Could be a useful aspect from a commercial app developer’s point of view. Binary-based modifications (I’m thinking registration bypass code) might be a thing of the past.