Mac OS X Security


Preface and Disclaimer

This paper presents an overview of the security situation of Mac OS X. The purpose of this paper is to present security in a very easy-to-understand fashion. I firmly believe that there is an absurd amount of FUD about computer security in general, mostly propagated by vendors of antivirus software and their partners. In the case of Mac OS X specifically, it is very difficult to get accurate, non-sensational information about what the real security threats are. This paper began as a genuine effort to figure out, and then convey, what the real status of Mac OS X security is.

Please be aware that I am no security expert (nor am I a hacker), but simply a normal computer nerd with a passion for most things relating to computers and design. I have made every effort to consult the writings of security experts and convey accurate information. If any security ninjas out there find any inaccuracies, please let me know.

With the exception of the section “Out Of The Box Security and Additional Hardening Measures”, the entire report refers to Mac OS X 10.4 and prior versions. Where possible, I state specific versions of the operating system that I am referring to.

I’ve broken up this report into several pages because it is quite long. You can also download the report in its entirety in PDF format.

Table of Contents

  1. Preface and Disclaimer
  2. Executive Summary
  3. Introduction
  4. OS X Background
  5. Examining the OS X Security Record
  6. Out Of The Box Security and Additional Hardening Measures
  7. Conclusion

Executive Summary

Compared to other operating systems, Mac OS X has for the most part enjoyed a carefree history when it comes to security. There are certainly some vulnerabilities, but relatively few known exploits for them. There are also almost no examples of attacks in the wild. The few attacks that researchers have noted in the wild, although highly publicized, are mostly harmless. This, however, should not be taken as evidence that OS X is difficult or impossible to attack.

Two reasonable explanations for the lack of any large-scale security threats facing OS X are its small market share and its superior approach to security. OS X is based on BSD UNIX and uses time-tested open source software for its security foundation. It was designed to be a multiuser operating system and has a strong built-in file-based permission system. OS X is also very secure out of the box and includes many easily accessible additional features. By default, the root user in OS X is disabled, and most normal users should never even need to use it. Network services are also disabled by default. OS X provides a unique combination of good security by default and ease of use, making it a relatively secure system for normal users.

The first virus for OS X, OSX.Leap.A, was discovered in the wild in February of 2006. Although this particular virus was innocuous, it should demonstrate that OS X is certainly not immune to security threats. While the OS X market share is small, it is steadily increasing. As it becomes a more popular operating system, security threats are likely to increase and become more severe. OS X is not by any means a bulletproof operating system, and Apple will have to continue to be vigilant about security in order to stay ahead of hackers.


Comments

1. kj

hot nerd.
