Lion bares security claws

February 27, 2011

Despite the fact that few if any Mac users have actually been affected by malware, Apple gets a lot of grief for not taking security seriously. Nevertheless, the mothership is building new security features into its next-generation computer operating system, Mac OS X Lion, which some of among us refer to as version 10.7.

MacFixIt among a host of others reports that Apple’s just released Mac OS X Lion developer preview includes some significant changes to security. In general, these are features that others implemented years ago, but their integration in OS X and Cupertino’s discrete applications marks a significant change for the company:

      • New malware detection and blocking options, like Google Safe Browsing in Safari

      • Expansion of Snow Leopard’s XProtect malware protection into a full-service malware scanner

      • Lion is expected to incorporate more memory address randomization, which stores active processes in random locations in memory and making it harder for exploits, such as buffer overflows
      — Extension of this facility to third-party apps would be very, very helpful

      • Additional process sandboxing in the OS, a feature used in Safari and other browsers to prevent Flash, etc. from crashing, a common hacker attack vector

      • Tweaks to the built-in firewall, Filevault and log-in session limitations currently used Snow Leopard

Although I’m not interested in living like our Windows PC friends — endless OS warnings, ever present antivirus software, confusing update processes, etc. — Apple could be doing more to improve Mac security and the above is a judicious start…

What’s your take?

Be Sociable, Share!

2 Responses to “Lion bares security claws”

  1. theLedger:

    Even though the threat of hacks or viruses are small (though malware is a growing one), if Apple is going to find a place in the enterprise and government, it needs to be able to show just as much security strength as a Windows’s based system.

    The history with security on the Windows side has created the policies that everyone has to play by.

  2. william:

    I don’t think the sandboxing will prevent Flash, etc., from crashing but would help prevent such a crash from being exploited to modify anything outside said sandbox.

    Safari has had “safe” browsing in the form of Private Browsing for quite some time, possibly since v1.

    Agree with you entirely that Apple needs to be vigilant about security.

Leave a Reply:


Copyright © 2014 NS