While Snow Leopard includes some improvements in the area of security, noted security researcher Charlie Miller, winner of two consecutive "Pwn2own" hacker contests and co-author of The Mac Hacker's Handbook, concludes that Apple missed the boat on security in Mac OS X Snow Leopard. "Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," Miller said.
To read all comments associated with this story, please click here.
Member since:2006-04-21
Darwin (Apple open source core OS) is from bottom to top (non exhaustive list):
- osfmk (based on Mach micro-kernel)
- plateform expert
- IOKit (driver interface)
- BSD interface for user/kernel land.
It is important to undersand that the fact that Apple decided to use the FreeBSD 5.0 interface has NOTHING to do with FreeBSD 5.0 implementation (and flaws,bugs...). To make it simple, the interface is the same but the implementation is very different (but sometimes not that different). The Mach micro-kernel don't have any notion of process, PID, user associated rights, TCP/IP... Mainly it is an abstraction layer above hardware which deal with processors and memory to provide the notion of Tasks and threads which execute within a task. The BSD interface gives Mach derivative kernels (xnu is our case) very common interface (UNIX/BSD) for process to execute (process concept, user rights, network....). BSD process are mapped on Mach tasks. BSD thread are mapped on Mach threads... Some years ago a Linux flavor was built above Mach (see Mklinux) just like SunOS. Interface and implementation are very different thing. It is interesting to note that the two major devs who's built the Mach kernel are Rick Rashid and Avie Tevanian (among other devs), Rick Rashid went to Microsoft (NT Kernel ?)and Avie Tevanian went to NeXT then Apple.
Edit: some typos...
Edited 2009-09-21 18:53 UTC
Member since:
2005-07-06
I think most of us know that FreeBSD 5.0 was one of the components on which the OS X kernel is based (besides the Mach Kernel). Since there have been various updates and upgrades to the FreeBSD kernel, many of which would have been related to security how many of those have been incorporated in the latest release of Snow Leopard. Meanwhile FreeBSD is at 8.0 beta 4 stage, Apple is still stuck at FreeBSD 5.0. I am not an expert in this field but isn't FreeBSD 5.0 like 4 years old to say the least and a lot has changed in the world of FreeBSD ever since, better optimization for 64 bit, multi-threading etc. Your comments are most welcome.