Operators of cellphone networks use IMEI numbers, or model-specific serial numbers, to track subscriptions, usage, and identity of devices on the network. It’s in the specification for GSM and UMTS. You IMEI is transmitted at every communication with every cell tower in your vicinity. And now people are crying wolf that Apple might or might not service you Weather and Stocks if your IMEI number isn’t valid? Ladies and gentlemen, this is a standard part of a standardized specification that is over 20 years old. Get over it.

Security in Leopard has had a roadmap of its own - after several developer builds in 2006, it became apparent that there was a lot of attention from Apple to invest in security; perhaps following the Month of Apple Bugs, but, most likely, to prove that now OS X is gaining is it’s user base, is still ‘the most secure desktop operating system’.

After WWDC ‘07, a few things have become more clear to me. What first was a loosely affiliated set of securing elements, has become an extremely intuitive addition to the standard way of doing things. A good example of how flawless these new security-improving additions are, I’ll take an example that’s just freshly new. In Tiger, we get a dialog when we open an application for the first time. It’s an informative dialogue, but it’s not really helping us in terms of finding out where the hell we got it. In Leopard, as you might have seen, there is a new downloading system. Downloads are placed in a new ‘downloads’ folder and in a download stack in the Dock, and even cooler, once you open a downloaded application for the first time, it pops up the same familiar dialogue. However, this time, it also shows where you downloaded it, and when. With a minimal addition, the user’s ability to stay secure has gained a lot.

Another good example are InputManagers. The ‘classic’ Tiger hacks that allow you to modify code at runtime, are disabled by default in Leopard. However, placing an InputManager file in the correct folder prompts you if you want to enable them. Safe by default, perhaps quite to the contrary when you compare it with Tiger.

Overall, there are a lot of things I don’t want to mention or cannot mention because they haven’t been shown in the SteveNote or otherwise broadly carried by the blogosphere. Some of these are so non-obvious that people just don’t bother to find out, I guess. But I can guarantee you that you’re in for a completely new experience once you switch from Tiger to Leopard. And it won’t be like going from XP to Vista; you’ll actually feel like you’re more in control, all the while clicking less buttons to achieve that feeling.

Apple has a very clear message; I think that once Apple is around to releasing Leopard, you can go ahead and write malware; see if it works. In an OS that has code-signing, sandboxing, and other fantastic new hardening efforts all built-in, we’re safe. I think I’ll have some vacation instead of having to write a new “A more secure OS X before 10.6″ ;).

We’ve seen the sandbox daemon in the Leopard preview builds, but while I pointed out that there were some default services running that were subject to exploitation, it seems Leopard will have some protection to these ‘problems’. From the Apple site:

“Helper applications in Leopard — including the network time daemon and the Spotlight indexer — are sandboxed to guard against attackers.“

Now that’s a good improvement. But there’s more.

“…files downloaded using Safari, Mail, and iChat are screened to determine if they contain applications. If they do, Leopard alerts you, then warns you the first time you open one.”

There’s one less avenue for malicious content being automatically opened. Given the track record of Mac users buying the upgrade of their favorite OS, we’ll see a lot more secure population in October. But wait, there is, indeed, one more thing.

“Leopard can use digital signatures to verify that an application hasn’t been changed since it was created.”

Why of course it can! After all, didn’t it use ZFS? Which does has the ability to checksum everything. We can also use Filevault, which isn’t really discussed on the Apple site, but uses a new encryption scheme, of which details are unknown at the time of writing. Fortunately;

“The Disk Utility tool in Leopard helps you create encrypted disk images using 128-bit or even stronger 256-bit AES encryption.”

And Apple Mail already supports signing certificates and authorities. This is getting a great OS for using the many facilities of securing your digital life. Strong new encryption possibilities are great. On Apple’s security page, they underline their commitment to keeping the kernel open-source, which, in my opinion, is also a critical part of the security and integrity of OS X.

That was it for now. If some of my fellow developers come back, I’ll have the penetration tests on the beta ready for everyone.

For the uninitiated; we use IP numbers on a network as an address. The number space of IPv4 has shown to be too limited for our growth (if you want to read more into this, check this out).
IPv6 is, for the semi-geek, an extremely scary concept because it makes them feel like all their knowledge of networking will become obsolete. The ‘long and complex’ number system and all of it’s features (that are really, really much nicer to use than the old decimal ones once you get around it) are subject to much critique in any IPv6-related Slashdot post. Over and over again, it’s supposed ‘pitfalls’ are exposed. I was extremely surprised to find that when I spoke to some people that followed my how-to (which Iljitsch put on Ars Technica appropriately as “Make your Mac more secure (than you can stand)” ), that when I brought up using IPv6 with IPSec-enabled services is quite secure - more so than conventional IPv4, of course, they pointed me to my how-to, that told them to disable IPv6. I really slapped myself to the forehead when I heard that from more than three people who took it to the heart.

What I suggested is that you disable IPv6 if you don’t use it. IPv6 is pretty cool. It’s not a gaping security hole, but I touched on any hypothetical avenue for attack that you can take away from the default configuration. Who knows, there might be a zero-day exploit out there that does do nasty stuff but breaks if you disable IPv6 (which I strongly doubt - but it’s a quantum universe we live in). Please don’t hesitate to adopt IPv6 if you feel like learning about it. It’s knowledge that you will, no doubt, have to use in the future anyway.

So apparently, IPv6 has some identity issues. We really need to get rid of the negative image. KAME has been doing that well, as well as the “ASCII Star Wars in your terminal” server towel.blinkenlights.nl. However, let’s keep showing people that IPv6 isn’t all that scary, but i
t’s a great step into the future of our communication technologies. For that, a little icon.