How secure is your Mac?
By Engzell
Apple's success with Mac OS X seems to be endless. But as the Unix-based operating system becomes more complex and feature-rich, more and more people wonder how secure it really is.
From the mid-1990s until the early 2000s Apple was, if not declared dead, then
at least pretty close to it. Sales were very poor. When Apple did manage to
produce a product that sold well, such as the PowerBook laptop, it either could
not deliver enough units to stores, or the quality was so bad that the product
got a bad reputation and sales hit bottom.
With the small iMac computer and then Mac OS X, Apple reversed the trend. In
March 2001 it released the first version of its new operating system. Mac OS X
was born, but brand new it was not.
Mac OS X grew out of something of a bastard called Rhapsody, the codename for
what would become Apple's next operating system. Rhapsody was, simply put,
NeXT's OpenStep operating system combined with selected parts of Apple's old
faithful operating system, Mac OS. Combined with elements from FreeBSD and
NetBSD, this is what was later called Mac OS X.
The selected parts of Mac OS were purely cosmetic and were included in Rhapsody
to make the transition from the old Mac OS to a newer Unix-based operating
system easier for users. After Steve Jobs returned to Apple through the
purchase of NeXT, the old interface was abandoned completely. It was replaced
by Aqua, a new interface in which certain characteristics are taken from the
old Mac OS.
The core of Mac OS X is based on the Mach kernel, which is also used in
NeXTSTEP and OpenStep. The operating system is POSIX-compliant and the kernel
is called XNU (which stands for "X is Not Unix"); it is based on a combination
of version 3.0 of the Mach kernel and version 4.3 of the BSD kernel.
Mach and BSD were combined to overcome the limitations of the Mach kernel,
which is a microkernel and in some situations can suffer major performance
problems when the kernel has a lot to do. The BSD kernel solved that problem
and also contributed POSIX compatibility, process management, virtual memory
management and networking functionality.
Since the launch of Mac OS X, the security features have taken a step forward
with each new version of the operating system. Version 10.4, for example,
introduced FileVault, a function that encrypts the user's files in the home
directory. It is based on 256-bit AES encryption, the same function that is now
also available for image files.
Mac OS X 10.5, which most users now have on their Macs, introduced a new
feature called trojan horse marking. It marks all files downloaded from the
internet. When the user then wants to open such a file, he is warned that the
file comes from a source that cannot be guaranteed to be safe. On the same
theme, security around the programs running in the operating system has
improved, and each program is encapsulated to prevent it from doing things it
should not.
One of the biggest problems of working professionally with Mac OS X is Apple's
secrecy. Apple releases regular security updates for its operating system, but
it far from always says what they contain.
Take the most recent security update at the time of writing, Security Update
2008-007, which contains a plethora of bug fixes for, among others, Apache,
MySQL, Postfix, ClamAV, PHP and rlogin. But Apple does not say what it does
when it updates these services. No backup copies are made of the existing
configuration files when the update is applied, because Apple assumes that all
modifications to the operating system have been made in the manner it
stipulates. If you are unlucky, you end up with a partially broken server.
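One way to guard against the overwritten configuration files described above is to snapshot them before applying an update and compare afterwards. This is an added example, not code from the original article or from Apple; the file names and the temporary directory standing in for the real configuration location are assumptions, and the update is simulated.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path


def _digest(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def snapshot(paths, backup_dir):
    """Copy each existing config file into backup_dir and record its SHA-256."""
    backup_dir = Path(backup_dir)
    backup_dir.mkdir(parents=True, exist_ok=True)
    manifest = {}
    for i, p in enumerate(map(Path, paths)):
        manifest[str(p)] = None  # None = absent before the update
        if p.is_file():
            copy = backup_dir / f"{i:03d}_{p.name}"
            shutil.copy2(p, copy)  # keeps mode and mtime
            manifest[str(p)] = {"sha256": _digest(p), "backup": str(copy)}
    (backup_dir / "manifest.json").write_text(json.dumps(manifest, indent=2))


def changed_since(backup_dir):
    """Return {path: status} for files that differ from the snapshot."""
    manifest = json.loads((Path(backup_dir) / "manifest.json").read_text())
    report = {}
    for path, entry in manifest.items():
        exists = Path(path).is_file()
        if entry is None and exists:
            report[path] = "created"
        elif entry and not exists:
            report[path] = "removed"
        elif entry and _digest(path) != entry["sha256"]:
            report[path] = "modified"
    return report


def demo():
    """Constructed run: a temp dir stands in for /etc; the update is simulated."""
    root = Path(tempfile.mkdtemp())
    httpd, postfix, php = root / "httpd.conf", root / "main.cf", root / "php.ini"
    httpd.write_text("Listen 8080\n")  # locally customised setting
    postfix.write_text("myhostname = mail.example.test\n")
    snapshot([httpd, postfix, php], root / "pre-update")
    httpd.write_text("Listen 80\n")  # simulated update resets the file
    php.write_text("; vendor default\n")  # simulated update adds a file
    return {Path(k).name: v for k, v in changed_since(root / "pre-update").items()}
```

Each entry in `manifest.json` records where the pre-update copy was stored, so a file reported as modified can be compared against its backup and restored.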
Apple makes no secret of the fact that it does not want to discuss, or even
reveal, that a vulnerability exists until it has examined the problem and
produced a solution. Apple argues that it does so to protect its customers.
Mac OS X 10.5 offers five different authentication methods. The first is local
authentication, where the user logs in with the login and password registered
in the local database. The security is not sufficient, as an installation CD or
DVD for Mac OS X can boot your computer and reset the root password on the
machine. If you use this login method, which is by far the most common,
encrypting all sensitive files with FileVault or some other encryption method
is, to say the least, a requirement.
Support for directory services has also been improved, and Mac OS X now handles
Open Directory, Active Directory and logins via Kerberos. Open Directory is a
directory service that Apple has also implemented in Mac OS X Server. It can
handle all types of resources in a Mac-based network.
Support for Active Directory in Mac OS X has been contested since it was first
introduced in Mac OS X 10.4. Version 10.5 had many bugs, and those who had
working authentication against Active Directory in 10.4 got to see it stop
working completely after updating to 10.5.
It took several months before the worst of these bugs had been hammered out of
the code in Mac OS X. As of version 10.5.3, however, Active Directory
connections and logins should work as promised.
Security problems exist and should be taken very seriously. Often the bugs are
not only in the operating system but also in the programs that Apple produces.
One can never be quite sure that bugs that were fixed in the past are really
gone.
A good example of this is an unusually stubborn bug in the built-in e-mail
program Mail, fixed in March 2006 when Mac OS X still bore the version number
10.4. In the update to 10.5 this bug cropped up again. It made it possible to
receive by e-mail a malicious program, disguised as, for example, a JPEG image,
on the machine.
Apple had simply fiddled a little too much with the code in Mac OS X 10.5 and
removed the warning shown to the user when he opens an e-mail attachment. The
bug was fixed by Apple in the end.
Mac OS X is based in part on open source. PHP, Samba, NFS, Apache, BIND and
Perl are some of the programs included with both the client and server
versions. Apple has no direct control over these, except that it can, just like
anyone else, fix bugs, send the fixes to the project and hope that the code is
adopted and a bug fix is released. Thankfully, Apple is eager to include bug
fixes and the like from third-party suppliers.
Apple says that they are quick to react and that they are active in, for
example, the Forum of Incident Response and Security Teams (FIRST) and the
security team that develops FreeBSD. Yet it took Apple more than three weeks
longer than other suppliers to release the Mac OS X update that fixed a bug in
the DNS server BIND. Microsoft, Cisco and Sun got the same bug fixed in their
operating systems much faster.
It took more than a month before the same bug was also fixed in the client
implementation of BIND. Apple said that they thought it was a
vulnerability in the client version of Mac OS X 10.5, but there were plenty of
others who thought differently. It is no exaggeration to say that Apple's
credibility suffered a major blow after this foolishness.
Mac OS X has so far survived on "security by obscurity", i.e. security that
exists only because the platform is still not popular and common enough for
anyone to put time and energy into exploiting the flaws that exist in Mac OS X.
One question that is really worth asking is whether Apple is ready for the day
the cannons are turned against Mac OS X and its users. Right now, Mac OS X can
be compared to Sweden and our defense: we are safe until someone decides to
attack.
Yours sincerely,
Alexander Engzell
fredrikblom 3 years ago
Informative! Great work!