Linked by Thom Holwerda on Wed 16th Sep 2009 14:56 UTC
Mac OS X While Snow Leopard includes some improvements in the area of security, noted security researcher Charlie Miller, winner of two consecutive "Pwn2own" hacker contests and co-author of The Mac Hacker's Handbook, concludes that Apple missed the boat on security in Mac OS X Snow Leopard. "Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," Miller said.
Permalink for comment 384440
Interesting...
by FellowConspirator on Wed 16th Sep 2009 19:06 UTC
Member since: 2007-12-13

I find it very interesting that there's not really much meaningful discussion in the comments about ASLR in OS X. For example, while it's true that OS X doesn't implement ASLR like Windows does (mostly), it's still not true that you have predictable address space layouts in the same way pre-Vista versions of Windows did. Leopard introduced some simple ASLR, but also had prebinding of the libraries (replaced by the dyld cache in Snow Leopard) that randomized the addresses of the libraries, functions, and data. Also, in OS X, code on the stack is not executable, and sections of the heap can't be executed without explicitly being marked executable.

I think it's a little like comparing Apples to oranges to a certain extent. ASLR is designed to mitigate a risk that Apple addresses by other means. I'm not certain which is more effective -- both certainly make exploits harder -- but it's true that ASLR does require substantially more resources (at runtime) to implement the entropy collection and perform the periodic randomization.

Were I developing an exploit, I can think of more efficient ways of attacking both operating systems than trying to exploit buffer overruns on either system.
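The comment above talks about three mitigations by name: a non-executable stack, heap pages that cannot run code unless explicitly marked executable, and address-space randomization. The following program is an added example (not from the OSNews thread or from Apple) that lets you check each of them on whatever machine you have: it copies a tiny "return 42" stub into an anonymous read/write page, into the stack, and into a page that has been flipped to read/execute with `mprotect`, and reports whether the CPU ran it or the OS refused with a fault. It also records one address from each region (text, stack, heap, libc) so that running the binary twice shows which regions actually move between runs. It assumes Linux or macOS on x86-64 or arm64 with a PIE build; the `ret42` stub bytes are the only architecture-specific part.

```c
/* w_xor_x_check.c: added example, not code from the thread above.
 * Build: cc -O0 -o w_xor_x_check w_xor_x_check.c  (run it twice to compare addresses)
 */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON   /* older macOS spelling */
#endif

/* Machine code for "int f(void) { return 42; }" on the host ISA. */
#if defined(__x86_64__)
static const unsigned char ret42[] = { 0xb8, 0x2a, 0x00, 0x00, 0x00, 0xc3 };          /* mov eax,42 ; ret */
#elif defined(__aarch64__)
static const unsigned char ret42[] = { 0x40, 0x05, 0x80, 0x52, 0xc0, 0x03, 0x5f, 0xd6 }; /* mov w0,#42 ; ret */
#else
#error "add a ret42 stub for this architecture"
#endif

typedef int (*ret42_fn)(void);
static sigjmp_buf fault_env;

static void on_fault(int sig) { (void)sig; siglongjmp(fault_env, 1); }

/* Call the bytes at addr. Returns 42 if they executed, -1 if the hardware/OS refused
 * (SIGSEGV on Linux, SIGBUS or SIGSEGV on macOS) because the page is not executable. */
static int try_call(void *addr) {
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);

    volatile int result = -1;
    if (sigsetjmp(fault_env, 1) == 0) {
        ret42_fn fn;
        memcpy(&fn, &addr, sizeof fn);   /* object -> function pointer without a cast warning */
        result = fn();
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return result;
}

/* Stub in an anonymous RW mapping (what a heap page looks like): expect -1. */
int run_from_rw_page(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -2;
    memcpy(p, ret42, sizeof ret42);
    int r = try_call(p);
    munmap(p, len);
    return r;
}

/* Same page, but explicitly marked executable first: expect 42. */
int run_from_rx_page(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -2;
    memcpy(p, ret42, sizeof ret42);
    if (mprotect(p, len, PROT_READ | PROT_EXEC) != 0) { munmap(p, len); return -3; } /* e.g. execmem denied */
    __builtin___clear_cache((char *)p, (char *)p + sizeof ret42);  /* required on arm64, harmless on x86 */
    int r = try_call(p);
    munmap(p, len);
    return r;
}

/* Stub in a stack buffer: expect -1 on a non-executable stack. */
int run_from_stack(void) {
    unsigned char buf[64];
    memcpy(buf, ret42, sizeof ret42);
    return try_call(buf);
}

/* One address per region; diff two runs to see what ASLR moves on this OS. */
struct layout { uintptr_t text, stack, heap, libc; };

struct layout snapshot(void) {
    struct layout l;
    int local = 0;
    void *h = malloc(16);
    int (*pf)(const char *, ...) = printf;   /* resolves into libc in a PIE build */
    l.text  = (uintptr_t)&snapshot;
    l.stack = (uintptr_t)&local;
    l.heap  = (uintptr_t)h;
    memcpy(&l.libc, &pf, sizeof l.libc);
    free(h);
    return l;
}

int main(void) {
    struct layout l = snapshot();
    printf("text %#lx  stack %#lx  heap %#lx  libc %#lx\n",
           (unsigned long)l.text, (unsigned long)l.stack, (unsigned long)l.heap, (unsigned long)l.libc);
    printf("RW page: %d (expect -1)\n", run_from_rw_page());
    printf("RX page: %d (expect 42)\n", run_from_rx_page());
    printf("stack:   %d (expect -1)\n", run_from_stack());
    return 0;
}
```

A region whose address is identical across two runs is one an attacker can hard-code; a page that runs the stub without the `mprotect` call is one that shellcode could live in. On a hardened kernel `run_from_rx_page` may return -3 because the policy forbids making anonymous memory executable at all, which is the stricter behaviour.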