Mac Security Updates In OS X 10.5 “Leopard”

Rich Mogul of Securosis takes a look at the list of security additions in Leopard, and likes what he sees:

“A couple of features look pretty interesting. The biggest is the inclusion of ‘Library Randomization’, or what we call layout randomization (ASLR) in Vista. System functions are randomized in memory to make exploitation more difficult. I don’t have a Leopard seed to check it out, and I suspect some of the researchers out there will dig in and let us know how good (or bad) the implementation is. OS X already supports Data Execution Prevention, one of the other key XP, Server, and Vista anti-exploitation technologies.”

As he puts it at the end:

“I’m really looking forward to seeing how this all holds up once the security researchers get their hands on it. On paper it looks great, maybe even getting OS X up to the level of Vista (for security, usability on Vista still sucks). But I don’t believe anything until people smarter than me start banging on it and seeing where the cracks are.”

(Via securosis.com.)

  • http://www.technovia.co.uk/2007/10/mac-security-up.html Tester

    Mac Security Updates In OS X 10.5 Leopard

    Did you see this post at http://www.technovia.co.uk