Security Topic


On Tuesday January 19, Apple released the first security update for 2010 labeled, "Security Update 2010-001" for Mac OS X Snow Leopard and Leopard. The update addresses security issues with CoreAudio, CUPS, Flash Player plug-in, ImageIO, Image RAW, and OpenSSL.  Users can apply the update with Software Update or download the installers listed below.


A report posted at Reuters by Jim Frinkle indicates that at the Black Hat USA 2009 conference in Las Vegas Nevada, a well known Mac researcher has uncovered a technique that could potentially allow hackers to take control of a Mac and steal encrypted data.  A few quotes from the article:


As more details emerge about the upcoming Snow Leopard operating system (Mac OS X 10.6), Apple has posted information on the security page for Mac OS X Snow Leopard that potentially recognizes the threat of viruses and malware to the Mac OS X operating system and the applications that run on Mac OS X.  Have Apple's most recent statements indicate they they are once again recommending the use of antivirus software?


Apple has issued a support article titled 'Mac OS: Antivirus utilities' in which they recommend the use of antivirus software on Mac OS.  Here's what Apple states:


With today's cyber-threats and focus on computer security, it's no surprise that many people are ditching their Windows PCs for Macs running OS X.  Even Apple's 'Get a Mac' ads highlight the security issues that plague Windows.  The requirement to protect Windows installations from viruses, spyware and malware, have prompted many to make the switch.


Things that make you go hmmm.  Mac users are quick to argue that Macs are not subject to virus infection.  Apple even touts this fact in numerous ways including on their web site and in their "Viruses" Get a Mac ad.  If that's the case, why is the Apple store selling antivirus software for the Mac? Is Apple endorsing antivirus software for the Mac?


A Consumer Reports "State of the net 2006" nationwide survey found that consumers paid as high as $7.8 billion over the past two years to replace or repair their computers that were infected with viruses and spyware.  The survey assessed the likelihood and impact of spam, viruses, spyware, and phishing.  The data from the survey demonstrates that PC users are suffering massive losses from Internet hazards that can cause havoc, slow down systems, and even make the systems unusable.


Computer users who are looking for a secure operating system need not look further than Mac OS X.  In a prior post, I described the Key Isolation Features in Mac OS X.  In this post I'll describe how Apple ships every Mac with default out-of-the-box security.  I will then outline some hardening tasks one can undertake to a make a Mac more secure.  The goal of this post is to describe to those not familiar with OS X how secure a Mac is and can be.  For those tired of viruses, spyware, malware, and security vulnerabilities, the inherent security features in Mac OS X could be reason enough to provoke the decision to make the switch.


In a blog post on July 13, 2006 at Symantec's website, Symantec states the following:

"Let’s start with the hot-button issue of Mac OS X viruses. Simply put, at the time of writing this article, there are no file-infecting viruses that can infect Mac OS X"


Sophos, a leader in integrated threat management solutions, is recommending that home computer users should consider making the Switch to a Mac.  The experts at SophosLabs demonstrate in the Sophos Security Threat Management Report (July 2006) that security threats to Windows based PCs have increased to such a degree that users should consider purchasing a Mac.


Although Apple released the desktop version of Mac OS X (10.0) in March 2001, the under pinning of the OS X operating system are over 30 years old.  In simplistic terms, Mac OS X is based on the BSD implementation of the UNIX operating system.  BSD in turn is a derivative of the original UNIX created by AT&T which was originally created in the 1960's and 1970's.  This article will describe the user account types as they are implemented in Mac OS X.


Most Windows users are familiar with Symantec in some shape or form.  Symantec sells the popular Norton line of products that includes Norton AntiVirus, Norton Personal Firewall, and Norton Internet Security.  Windows users typically install these or similar programs to protect their computers from the over 114,000 viruses, trojans, spyware, and malware.


Aside from an awesome user interface and a great underlying architecture, Apple built OS X with security in mind.  As part of that central security theme, OS X has been designed using three key isolation features:

  • System Isolation
  • User Isolation
  • Memory and Application Isolation