Linked by Thom Holwerda on Thu 3rd Nov 2011 22:54 UTC
And so the iOS-ification of Mac OS X continues. Apple has just announced that all applications submitted to the Mac App Store have to use sandboxing by March 2012. While this has obvious security advantages, the concerns are numerous, especially since Apple's current sandboxing implementation and associated rules make a whole lot of applications impossible.
RE[4]: Good move
by frderi on Sat 5th Nov 2011 00:53 UTC in reply to "RE[3]: Good move"

I'd argue that DVD and Blu-Ray encryptions are broken by design, like many other forms of DRM, because they rely on distributing a "secret" copy of the decryption key with every single device and piece of software that can play them back. In such circumstances, it is obvious that the decryption key will be leaked by someone at some point.

The biggest problem when it comes to security is software bugs. The bulk of exploits are based on the fact that there's a bug in the software that facilitates buffer overruns, which allows one to execute code. The only way of making sure your system isn't compromised is to unplug it from the network and write the software it runs yourself. However, this doesn't tend to be a desirable use case these days. :-) Bottom line: everything which is software is breakable. The point of running sensible security measures is that you need to minimize the risks as much as possible.

To the best of my knowledge, there is no such known flaw with the design of sandboxing in itself.

As with any software implementation, it's bound to have bugs and thus it's exploitable. If the zero-day bug gets discovered by someone looking for them who has ill intentions, most of the time this information just gets sold in black markets online and it ends up in the hands of malware writers who exploit them in their code.

My question is: why is the PDF reader able to get root access to the device at all?

Point is, it doesn't have to be exploitable; a bug which allows for improper code execution is enough.

With proper sandboxing, an exploit in the PDF reader would only allow a cracker to have a look at the PDF reader's private data, which is a much, much less interesting trick.

Not necessarily. If memory is written outside the application's heap, it's more than likely to have full access to the system, allowing the malicious code (not the app itself) to do anything it wants.

Fair point, but doesn't this argument also hold for other repository systems where you can freely add other software sources to your OS beyond the vendor-provided one?

Sure it does, and in the desktop space, there have been quite a few of them: Tucows, VersionTracker and MacUpdate are just a few. But these are merely aggregators, not App Stores. They offer no guarantee of the purchase process and in most cases not even of the availability of the listed application.

It will also put you in front of heaps of thousands of different software to do the same thing, with no quick way of deciding what works best for your purposes except for relatively flawed indicators such as "featured" or "frequently downloaded" (also known as "popular" in some circles).

Not if you know what functionality you're looking for. You might search for an unrar app, a VNC client, an RSS Reader, … Doing those searches conveniently pops up a list of all available apps allowing you to pick the one with the functionality and price point you find appropriate for your needs.

So since exploring everything and making informed choices is not envisionable for most people in such centralized systems, you end up relying on others (magazines, websites, relatives...) to do the work for you. Which is why I say that word of mouth remains the #1 way of finding software even in big centralized software libraries.

You're more likely to be better served if you just consult the app ratings and read the user reviews in the App Store. Why wait 2 months for a published magazine to pick up a newly released app? This used to be my methodology of working in the past, but now we're talking about the nineties, when broadband wasn't among us yet and magazines with CD-ROMs were still a huge deal.

This is the positive side of things. The negative side of things is that if there's a lot of choice you'll end up going through a lot of uninteresting garbage (for you!) before finding what you're looking for.

You browse through the list, you look at the user ratings, read the reviews and description, and look at the screenshots. I don't see much difference in the selection process. When you like something, it's a quick trip to the buy button and you have it working. Instant gratification. The barrier can't get much lower than this.
