Linked by Hadrien Grasland on Sat 25th Jun 2011 08:55 UTC, submitted by John
"Using a Mac may certainly be a safer choice for a lot of people as despite being vulnerable they are not targeted. However this is not the same as Macs being secure, something Eric Schmidt erroneously advised recently. I may be able to browse impervious to malware on a Mac at the moment, however I personally would not be comfortable using a platform so easily compromised if someone had the motivation to do so. In this article I address just why OS X is so insecure including the technical shortcomings of OS X as well as Apples policies as a company that contribute to the situation."
Thread beginning with comment 478573
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[4]: Just another article
by Alfman on Sat 25th Jun 2011 18:53
in reply to "RE[3]: Just another article"
Member since:2011-01-28
jack_perry,
"Fair enough. How does any OS defend against such an attack?"
Neolander,
"By only letting applications access their own folder and files explicitly pointed out by the user."
A user should not have to trust an app in order to run it. Untrusted apps should be allowed to run, but remain individually sandboxed. This way a user could in fact download and run untrusted software without compromising anything else on the system. I don't know of any OS which does this effectively. Java Web Start gets very close, it's a shame Sun never got much traction with it.
Obviously it's extremely difficult to implement sandboxing mid-game. Once we have a huge base of legitimate software which sets the precedent of requiring full access in order to run at all, the user is trained to routinely give app's escalated privileges. This means the security provided by the sandboxing becomes ineffective - ms vista is a good example of this.
RE[4]: Just another article
by pantheraleo on Sat 25th Jun 2011 19:58
in reply to "RE[3]: Just another article"
Member since:2007-03-07
By only letting applications access their own folder and files explicitly pointed out by the user. I've been told that Android does a bit of this, by forcing applications to tell the user what they want to access at installation time. This system just needs to be improved and polished until it shines.
Android runs each application inside its own chroot environment. Although whether that has made Android any more secure or not is very debatable. Recent reports from security research firms have suggested that Android is the second biggest vector of mobile malware now. Second only to Symbian. And that it is rapidly catching up to become the biggest vector of mobile malware. So it doesn't look like Android's security model actually works.
RE[5]: Just another article
by Neolander on Sat 25th Jun 2011 20:01
in reply to "RE[4]: Just another article"
Member since:2010-03-08
RE[4]: Just another article
by jack_perry on Sun 26th Jun 2011 00:13
in reply to "RE[3]: Just another article"
Member since:2005-07-06
By only letting applications access their own folder and files explicitly pointed out by the user.
I don't see how this is a solution. A trojan that can convince a user to install it, can also convince a user to grant it access to all files in a Documents directory. Never mind the hassle to the user who's trying to run serious programs.
RE[5]: Just another article
by Alfman on Sun 26th Jun 2011 04:58
in reply to "RE[4]: Just another article"
Member since:2011-01-28
Neolander,
"By only letting applications access their own folder and files explicitly pointed out by the user."
jack_perry,
"I don't see how this is a solution. A trojan that can convince a user to install it, can also convince a user to grant it access to all files in a Documents directory. Never mind the hassle to the user who's trying to run serious programs."
Imagine a new OS which doesn't have to inherit legacy software. A user can download, install, and run any application in a sandbox by default. The sandbox could access files opened explicitly through drag and drop or an open dialog box, as well as files created itself.
By far an large, legitimate applications (games/editors) will be able to run in the sandbox without any privilege escalation.
If an app turns out to be malicious, it's damage would be very limited in scope because of the sandbox.
If a game is downloaded from P2P network and requests higher privileges (let's say to access email), one could be fairly confident that it is malware.
RE[5]: Just another article
by Neolander on Sun 26th Jun 2011 05:35
in reply to "RE[4]: Just another article"
Member since:2010-03-08
I don't see how this is a solution. A trojan that can convince a user to install it, can also convince a user to grant it access to all files in a Documents directory. Never mind the hassle to the user who's trying to run serious programs.
I think you'd be surprised by how much desktop applications would be fine with no more access to your home or document folder than its own files and the files which you explicitly direct it to (through a system open file dialog, drag and drop or a CLI parameter). Most software is not dangerous by its very nature.
About six months ago, while I was using Windows as my primary OS, I've done the following exercise : opening the "Add and remove software" dialog of my Windows install, and finding out what security permissions each entry would need, given a redesign for a sandboxed OS. As it turns out, few entries actually needed disk access to more than their private folder and user-picked files at a conceptual level. These were...
-Adobe Flash Player, because it copies itself in web browsers' private folders (and as such alters your web browsing experience).
-AVG 2011, because current antivirus want to take over your entire system in the same way as malware.
-System updates.
-Driver software for my phone.
Would you agree that all of these are sufficiently dangerous to reasonably require a security warning and a double check that they come from a reliable source ?
Now imagine that the huge majority of applications which do not require a warning get installed very quickly, without hassle. Only when you install a truly dangerous piece of software do you get a warning. This way, you get a much improved user experience for everyday use and a much stronger user awareness and cooperation when some installation actually involves dangerous software. Add up a security warning dialog that is actually informative (unlike Windows UAC and its OSX equivalent), as permitted by the sandboxed model, and you get much stronger security than what we have now.
Edited 2011-06-26 05:55 UTC
Features
Linked by Thom Holwerda on 05/18/13 21:33 UTC
Why does Google get so much credit in the technology industry? Why, despite the company's many obvious failings, do many geeks and enthusiasts still hold a somewhat positive view on the all-knowing technology giant? A specific talk at Google I/O this week provides the answer.
Linked by David Adams on 05/16/13 4:23 UTC
OSNews is a sponsor of this year's O'Reilly OSCON in Portland, Oregon, USA. A lucky OSNews reader will win a free three-day pass, including two tutorials days. To win the pass, post a comment on this story saying something about Open Source Software or OSCON. We'll pick a winner at random next week. If you don't have an OSNews account, you may email us your entry. Part of the conference is the 9th annual Open Source Awards, and today the 16th is the deadline for nominations. If you'd like to nominate an outstanding open source contributor, do it here. Read on for more information about OSCON. Update: The 20% discount code for OSNews readers is "OSN."
Linked by Thom Holwerda on 05/11/13 21:41 UTC
"Windows is indeed slower than other operating systems in many scenarios, and the gap is worsening." That's one way to start an insider explanation of why Windows' performance isn't up to snuff. Written by someone who actually contributes code to the Windows NT kernel, the comment on Hacker News, later deleted but reposted with permission on Marc Bevand's blog, paints a very dreary picture of the state of Windows development. The root issue? Think of how Linux is developed, and you'll know the answer.
Linked by Thom Holwerda on 05/08/13 14:22 UTC
This is one of those news items that's fun to write, fun to read, fun to comment on, and where no one will be able to say anything unkind. It's all just one big ball of awesome fluffiness. TuneTracker, the BeOS radio automation software, has just released something very special: TuneTracker System 5, the first version designed entirely and specifically for Haiku. In fact, it actually includes Haiku in the software package. Better yet, TuneTracker also unveiled several system-in-a-box products - which have Haiku and TuneTracker pre-installed.
Linked by Thom Holwerda on 05/02/13 15:28 UTC
Exactly twenty years ago, a document was published that played a huge role in establishing the web as we know it today. Twenty years later, and this simple and straightforward document is proof of an irrefutable fact: while closed technologies can change markets, open technologies can change the world.
Linked by Thom Holwerda on 04/29/13 21:06 UTC
Oh multitasking. That staple of computing that got thrown out the window with many modern smartphones. We got some rudimentary thing in its place - but even as multitasking on phone and tablets improves, its user-visible side remains cumbersome. Windows 8 has a neat implementation, and now it's time Android follows in it footsteps.
Linked by Thom Holwerda on 04/24/13 22:24 UTC
They're here! Whether that excites you or not remains to be seen, but the Galaxy S4, which will most likely become the best selling Android smartphone of the year by a huge margin, has been reviewed by all the major sites, and there's lots of interesting conclusions in there - although I think most of you will get the gist.
Linked by Thom Holwerda on 04/18/13 11:21 UTC
Nokia has posted its quarterly results for the first quarter of 2013, and just like the quarters that came before, there's not a whole lot of good news in there. The rise in Lumia sales still can't even dream of making up for the sales drop in Symbian phones, and when broken down in versions, the sales figures for Windows Phone 8 Lumias in particular are very disappointing. In North America, Nokia is getting slaughtered.
Linked by Thom Holwerda on 04/16/13 9:29 UTC
The day has finally come: Google has started shipping Google Glass to the lucky few early adopters. Now that it's shipping, Google has also unveiled a lot more about the API and the specifications of the device itself. While the company had already given out substantial details at earlier occasions, there are still a few surprises here.
Linked by Thom Holwerda on 04/15/13 22:44 UTC
Almost exactly three years ago, I wrote about why OSNews was no longer OSNews: the alternative operating system scene had died, and OSNews, too, had to go with the times and move towards reporting on a new wave of operating systems - mobile, and all the repercussions that the explosion of smartphones and tablets have caused. Still, I was wondering something today: why aren't we seeing alternative operating systems on mobile?More Features »
Sponsored Links
Member since:
2010-03-08
By only letting applications access their own folder and files explicitly pointed out by the user. I've been told that Android does a bit of this, by forcing applications to tell the user what they want to access at installation time. This system just needs to be improved and polished until it shines.