Snow Leopard security – The good, the bad and the missing

by admin August 29, 2009 at 8:44 am
0 Comment

Vista lessons not learned

Apple Engineers missed a key opportunity to implement an industry-standard technology in their latest operating system that would have made it more resistant to hacking attacks, three researchers have said.

Known as ASLR, or address space layout randomization, the measure picks a different memory location to load system components each time the OS is started. While Microsoft has had it implemented since the roll-out of Windows Vista, the analogous protection in Snow Leopard, which went on sale Friday, suffers from a crucial deficiency: It fails to randomize core parts of the OS, including the heap, stack and dynamic linker.

That means that attackers who identify buffer overflows and similar bugs in OS X components have a much better chance of causing the vulnerability to execute malicious code that compromises the machine. The halfhearted attempt at implementing ASLR has been a chief complaint of security researchers since Leopard, Snow Leopard’s predecessor. Many had hoped it would be made more robust in the new version.

Read more: channelregister.co.uk

Related Content
Realme C15 Launching in India on August 18: Everything We Know So Far
Facebook’s CEO to meet PM Modi today
Firefox 4 Beta 1: A Visual Tour
Now, access Facebook on mobile devices for free
more news from the blog
Gmail Now Tells You Where Your Email Comes From
Apple GPS System rumoured to debut in Mercedes cars
Similarity 1.0
Yahoo! and Microsoft set for IM love-in?
emesene 1.5
Windows, Mac OS to run side-by-side
mpop 1.0.12
Ares 2.1.5
Nokia Buys Open Source Trolltech For $150M
Backup2Net 1.1
NetworkActiv PIAFCTM 2.2.2
YouTube adds speech recogntion
ABI – CODER 3.6.1.4
Intel Reveals 22nm Chips And Atom Developer Program At IDF
Microsoft e-mails detail Vista woes
Toshiba intros 2GB miniSD card
Yahoo puts full songs in search
Tunnelier Portable 4.31
Excel flaw opens door to PC hijackers
ZS4 Video Editor 0.958
BootRacer 2.0 Beta
It’s Windows Vista! Only Cheaper!
Firefox browser has the most bugs
Kaspersky Virus Removal Tool 9.0.0.722 (03.05.2010)
TreeSheets 2009-04-26
'World's smallest' Windows phone to debut next month
UK government wants to toughen up anti-piracy measures
Nemo Fast Track 1.0.7.2 Beta
EditPad Lite 7.0.0
@icon sushi 1.21
Google sued for ‘stealing’ Android name
Via Envy24 Audio controller family driver 5.40F
Microsoft rolls out first Office 12 beta