Did Apple miss major security feature with Snow Leopard?

[Schtibbie]

http://www.channelregister.co.uk/2009/08/29/snow_leopard_security/

Can any techie types confirm this? One of the major security features that security experts were hoping would get added to Snow Leopard apparently wasn't - complete ASLR. I think (?) Windows has this presently. NOT TO COMPARE THE TWO across the board, mind you. This is just one piece folks thought they'd fix up this time.

 

[rpp3po]

Yes, the article is accurate. Apple's ASLR implementation is half hearted compared to Vista and 7. ASLR doesn't mean total immunity, but doing it only half way really kind of invalidates the whole concept, when core parts of the system aren't included. Microsoft's reputation for security is much worse today (from <= XP times) than it is justified for current products. Regarding OS level security concepts even Vista was ahead of both 10.5 & 10.6. Of course, Microsoft always finds spots to totally mess things up. And so they wrapped a totally annoying pop-up concept on-top of all this.

 

[Schtibbie]

Yes, the article is accurate. Apple's ASLR implementation is half hearted compared to Vista and 7. ASLR doesn't mean total immunity, but doing it only half way really kind of invalidates the whole concept...

Yeah, but I had read elsewhere that the move to 64-bit would let them "hide" their code with ASLR even better than before - so they COULD but they didn't manage to randomize (Address Space Layout Randomization, for folks who don't know) any more stuff than they had in regular Leopard? I guess that's what the security guy in the article was saying. Oh well.

 

[xIGmanIx]

its unfortunately that they didn't take the time and survey the security scene and its possible future. I am no hacker, however when i think about security, i don't think about apple.