
Thank you for taking the time to supply additional info.

So, ASLR on 10.7 is a catch-up to Windows circa 2006 and Linux.

Sandboxing looks very interesting, but also looks like it won't be trivial for applications to use it.

I didn't see where the FDE description compared Vista BitLocker with OSX 10.7 FileVault on a feature-by-feature basis.
 
Thank you for taking the time to supply additional info.

So, ASLR on 10.7 is a catch-up to Windows circa 2006 and Linux.

I assume it's a bit more than that, since processors support new features to support ASLR that weren't there in 2006 :) (Not saying that ASLR on mac is somehow better than on those other systems as they are today, though).


Sandboxing looks very interesting, but also looks like it won't be trivial for applications to use it.

It looks fairly trivial to me: http://developer.apple.com/library/...roduction.html#//apple_ref/doc/uid/TP40005929

For sandboxing, in particular:

http://developer.apple.com/library/...g.html#//apple_ref/doc/uid/TP40005929-CH6-SW1

Looks to me like you just edit a plist and provide a list of entitlements, more or less. I'll play around with it this weekend and see.

I didn't see where the FDE description compared Vista BitLocker with OSX 10.7 FileVault on a feature-by-feature basis.

Didn't say there was one, but Siracusa does go into some detail about how it works (I have no idea how bitlocker works, but figure someone does).
 
Looks to me like you just edit a plist and provide a list of entitlements, more or less. I'll play around with it this weekend and see.

In some ways, this sounds like the way VMS process privileges worked in 1977.... ;)

As was mentioned in one of the threads on patent suits, it seems like most of the real inventions happened 30 to 50 years ago - and current developers are just cutting-and-pasting that into current products.

The only significant difference that I see is that VMS was focussed on giving the sandbox a superset of privileges, but it's a minor tweak to the concept to give the sandbox a subset.
 
In some ways, this sounds like the way VMS process privileges worked in 1977.... ;)

As was mentioned in one of the threads on patent suits, it seems like most of the real inventions happened 30 to 50 years ago - and current developers are just cutting-and-pasting that into current products.

The only significant difference that I see is that VMS was focussed on giving the sandbox a superset of privileges, but it's a minor tweak to the concept to give the sandbox a subset.

heh heh. VMS. "purge." That brings back memories.
 
Mouse Droppings

Have played around for 2 days now, getting used to reverse scrolling, love Reading List and the new Mail. Hope I will find Full Screen useful, i.e. have more than one app open in Full Screen and swipe between them.

Meanwhile everything works except my Magic Mouse does not reconnect after "sleep" or "close lid" on my MacBook. Won't even come back on by "Connect"ing in my Bluetooth pulldown. Does come back on after turning Bluetooth off and then on again, or after a restart or after opening Mouse in System Preferences. Weird. Heard about this problem on previous releases, but never had the problem until now.

Only other anomaly is my Time Machine pulldown now calls my WD hard drive attached to an Airport Extreme a Time Capsule, even though it isn't.
 
Oh, how I wish that "purge" were part of every system today.

File versioning done right - in 1972. The first great Dave Cutler operating system.

My recollection, though, is that file;1 and file;2 were complete copies - not just the diffs?

And the verbosity of VMS never felt right to me - a lot of [set directory foo] type stuff going on (I seem to recall I had aliases for much of it, but it's been 15 years...)
 
My recollection, though, is that file;1 and file;2 were complete copies - not just the diffs?

And the verbosity of VMS never felt right to me - a lot of [set directory foo] type stuff going on (I seem to recall I had aliases for much of it, but it's been 15 years...)

Yes, foo;1 and foo;2 (up to foo;32767) were complete copies - which is why "purge" was so important - since VMS ran on systems with 14 MB disk drives.

(If you edited foo.bar;17, and wrote the file out, file foo.bar;18 would be created on the disk. The name "foo.bar" was shorthand for "foo.bar;<latest>", "foo.bar;0" was "foo.bar;<oldest>". The command "purge foo.bar" would delete all but the latest version.)

"14 MB" is not a typo.

For VMS users, the cryptic shorthand of UNIX never felt right ;) .
 
Yes, foo;1 and foo;2 (up to foo;32767) were complete copies - which is why "purge" was so important - since VMS ran on systems with 14 MB disk drives.

(If you edited foo.bar;17, and wrote the file out, file foo.bar;18 would be created on the disk. The name "foo.bar" was shorthand for "foo.bar;<latest>", "foo.bar;0" was "foo.bar;<oldest>". The command "purge foo.bar" would delete all but the latest version.)

"14 MB" is not a typo.

For VMS users, the cryptic shorthand of UNIX never felt right ;) .

In the day I used Unix and VMS, and a horrible monstrosity called MTS each about 33% of the time. I remember having to purge - a lot - as disks filled up.
 
Major overhaul makes OS X Lion king of security
http://www.theregister.co.uk/2011/07/21/mac_os_x_lion_security/


“It's a significant improvement, and the best way that I've described the level of security in Lion is that it's Windows 7, plus, plus,” said Dino Dai Zovi, principal of security consultancy Trail of Bits and the coauthor of The Mac Hacker's Handbook. “I generally tell Mac users that if they care about security, they should upgrade to Lion sooner rather than later, and the same goes for Windows users, too.”

Here is a more thorough comparison:

1) Until Vista, the admin account in Windows did not implement DAC in a way to prevent malware by default. Also, Windows has a far greater number of privilege escalation vulnerabilities that allow bypassing DAC restrictions even if DAC is enabled in Windows.

Much of the ability to turn these vulnerabilities into exploits is due to the insecurity of the Windows registry. Also, more easily being able to link remote exploits to local privilege escalation exploits in Windows is due to the Windows registry.

Mac OS X does not use an exposed monolithic structure, such as the Windows registry, to store system settings. Also, exposed configuration files in OS X do not exert as much influence over associated processes as the registry does in Windows.

Mac OS X Snow Leopard has contained only 2 elevation of privilege vulnerabilities since it was released; obviously, neither of these were used in malware.

http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/ -> guide to develop exploits to bypass UAC by manipulating registry entries for kernel mode driver vulnerabilities.

https://media.blackhat.com/bh-dc-11/Mandt/BlackHat_DC_2011_Mandt_kernelpool-wp.pdf -> more complete documentation about Windows kernel exploitation.

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=win32k+ -> list of incidences of kernel mode driver vulnerabilities.

http://threatpost.com/en_us/blogs/tdl4-rootkit-now-using-stuxnet-bug-120710 -> article about the TDL-4 botnet which uses a UAC bypass exploit when infecting Windows 7.

2) Windows has the potential to have full ASLR but most software does not fully implement the feature. Most software in Windows has some DLLs (dynamic link libraries = Windows equivalent to dyld) which are not randomized.

http://secunia.com/gfx/pdf/DEP_ASLR_2010_paper.pdf -> article overviewing the issues with ASLR and DEP implementation in Windows.

Also, methods have been found to bypass ASLR in Windows 7.

http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdf -> article describing bypassing ASLR in Windows 7.

Mac OS X has full ASLR implemented on par with Linux. This includes ASLR with position independent executables (PIE). DLLs in Windows have to be pre-mapped at fixed addresses to avoid conflicts so full PIE is not possible with ASLR in Windows.

3) Mac OS X Lion has DEP on stack and heap for both 64-bit and 32-bit processes. Third party software that is 32-bit may lack this feature until recompiled in Xcode 4 within Lion. Not much software for OS X is still 32-bit.

But, not all software in Windows uses DEP; this includes 64-bit software. See article linked in #2.

4) Mac OS X implements canaries using ProPolice, the same mitigation used in Linux. ProPolice is considered the most thorough implementation of canaries. It is known to be much more effective than the similar system used in Windows.

http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-silberman/bh-us-04-silberman-paper.pdf -> article comparing ProPolice to stack canary implementation in Windows.

5) Application sandboxing and mandatory access controls (MAC) in OS X are the same thing. More specifically, applications are sandboxed in OS X via MAC. Mac OS X uses the TrustedBSD MAC framework, which is a derivative of MAC from SE-Linux. This system is mandatory because it does not rely on inherited permissions. Both mandatorily exposed services (mDNSresponder, netbios...) and many client-side apps (Safari, Preview, TextEdit…) are sandboxed in Lion.

Windows does not have MAC. The system that provides sandboxing in Windows, called mandatory integrity controls (MIC), does not function like MAC because it is not actually mandatory. MIC functions based on inherited permissions so it is essentially an extension of DAC (see #1). If UAC is set with less restrictions or disabled in Windows, then MIC has less restrictions or is disabled.

http://www.exploit-db.com/download_pdf/16031 -> article about Mac sandbox.

http://msdn.microsoft.com/en-us/library/bb648648(v=VS.85).aspx -> MS documentation about MIC.

https://media.blackhat.com/bh-eu-11/Tom_Keetch/BlackHat_EU_2011_Keetch_Sandboxes-Slides.pdf -> researchers have found the MIC in IE is not a security boundary.

6) In relation to DAC and interprocess sandboxing in OS X in comparison with some functionality of MIC in Windows 7 (see #5), the XNU kernel used in OS X has always had more secure interprocess communication (IPC) since the initial release of OS X.

Mac OS X, via being based on Mach and BSD (UNIX foundation), facilitates IPC using mach messages secured using port rights that implement a measure of access controls on that communication. These access controls applied to IPC make it more difficult to migrate injected code from one process to another.

Adding difficulty to transporting injected code across processes reduces the likelihood of linking remote exploits to local exploits to achieve system level access.

As of OS X Lion, the XPC service has also been added to implement MAC (see #5) on IPC in OS X. (http://developer.apple.com/library/...stemStartup/Chapters/CreatingXPCServices.html)

7) Windows has far more public and/or unpatched vulnerabilities than OS X.

http://www.vupen.com/english/zerodays/ -> list of public 0days.

http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker -> another list of public 0days.

http://m.prnewswire.com/news-releas...-vulnerability-in-microsoft-os-110606584.html -> article about 18 year old UAC bypass vulnerability.

8) Password handling in OS X is much more secure than Windows.

The default account created in Windows does not require a password. The protected storage API in Windows incorporates the user's password into the encryption key for items located in protected storage. If no password is set, then the encryption algorithm used is not as strong. Also, no access controls are applied to items within protected storage.

In Mac OS X, the system prompts the user to define a password at setup. This password is incorporated into the encryption keys for items stored in keychain. Access controls are implemented for items within keychain.

Also, Mac OS X uses a salted SHA1 hash, which is still considered cryptographically secure. It is more robust than the MD4 NTLMv2 hash used in Windows 7.

http://www.windowsecurity.com/articles/How-Cracked-Windows-Password-Part1.html -> article about Windows password hashing.
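
The loader-level switches behind points 2 and 3 of the post above (PIE for ASLR, non-executable stack and heap) are flag bits in each Mach-O binary's header. As an added example that is not part of the original post, this Python code reads the `mach_header` flags and reports which protections a main executable has not opted into; the constants are from `<mach-o/loader.h>`, while the function names, finding labels and sample headers are constructed here for illustration.

```python
import struct

# Constants from <mach-o/loader.h>
MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF
MH_EXECUTE = 0x2                      # filetype: main executable
MH_ALLOW_STACK_EXECUTION = 0x20000    # stack pages may be executable
MH_PIE = 0x200000                     # main image loaded at a random address
MH_NO_HEAP_EXECUTION = 0x1000000      # non-executable heap even on i386
CPU_TYPE_I386, CPU_TYPE_X86_64 = 7, 0x01000007


def parse_header(data):
    """Parse a thin (single-architecture) Mach-O header, either byte order."""
    if len(data) < 28:
        raise ValueError("too short for a mach_header")
    for endian in ("<", ">"):
        magic = struct.unpack(endian + "I", data[:4])[0]
        if magic in (MH_MAGIC, MH_MAGIC_64):
            break
    else:
        # Fat/universal files wrap several images; each slice needs its own pass.
        raise ValueError("not a thin Mach-O image")
    fields = struct.unpack(endian + "7I", data[:28])
    _, cputype, _subtype, filetype, _ncmds, _sizeofcmds, flags = fields
    return {"is64": magic == MH_MAGIC_64, "cputype": cputype,
            "filetype": filetype, "flags": flags}


def audit(data):
    """Return a list of finding labels (hypothetical names) for one binary."""
    h = parse_header(data)
    findings = []
    if h["filetype"] != MH_EXECUTE:
        return findings  # these three flags are only honoured on MH_EXECUTE
    if not h["flags"] & MH_PIE:
        findings.append("no-pie")              # main image at a fixed address
    if h["flags"] & MH_ALLOW_STACK_EXECUTION:
        findings.append("stack-exec-allowed")  # opts out of a non-exec stack
    if not h["is64"] and not h["flags"] & MH_NO_HEAP_EXECUTION:
        findings.append("heap-exec-32bit")     # 32-bit image, heap not marked NX
    return findings


def make_header(is64, cputype, flags, filetype=MH_EXECUTE):
    """Build a constructed little-endian header for the samples below."""
    magic = MH_MAGIC_64 if is64 else MH_MAGIC
    hdr = struct.pack("<7I", magic, cputype, 3, filetype, 0, 0, flags)
    return hdr + (b"\x00" * 4 if is64 else b"")  # 64-bit adds a reserved word


BASE = 0x85  # MH_NOUNDEFS | MH_DYLDLINK | MH_TWOLEVEL, typical linker output

# Constructed sample headers, not taken from real binaries.
SAMPLES = {
    "rebuilt-64bit": make_header(True, CPU_TYPE_X86_64, BASE | MH_PIE),
    "legacy-32bit": make_header(False, CPU_TYPE_I386, BASE),
    "execstack-64bit": make_header(
        True, CPU_TYPE_X86_64, BASE | MH_PIE | MH_ALLOW_STACK_EXECUTION),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, audit(blob) or "ok")
```

On a Mac, `otool -hv <binary>` prints the same header flags by name for a real file.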
 
Has anyone had their mac freeze up when watching a flash video? It happens only sometimes but nothing will respond except the cursor. I've left the iMac for about half an hour and it's still the same. Flash is up to date and this has only happened in Lion. I like this OS but issues like this one and general instability and weird screen artefacts (has happened to the menu bar and quicktime, hopefully not a graphics card issue) have made my two week old iMac feel just a crawl ahead of my 2006 macbook.
 
Has anyone had their mac freeze up when watching a flash video? It happens only sometimes but nothing will respond except the cursor.

Yes - I've had a couple of 'total lockups' on my mid 2011 iMac 27 since installing Lion. Hopefully they'll fix it soon because I'm loving the rest of Lion.
 
I just got an error message after downloading and starting the install process: "Cannot install. Your hard drive is damaged." !! It's only a year old and I've never had any issue. Attempting restart...

1. Using Disk utility to verify. It stopped and says repair it, but Repair button is greyed out :(.
=============================
I'm pretty sure you need to startup from another mountable volume (external disk or thumb drive) to do repairs on a damaged drive.
 
Why do a bunch of individuals obviously biased towards preferring Windows spend so much time on a Mac orientated forum being antagonistic about any little possible thing that is available to complain about?

I have only made one post on a forum that caters to Windows and do not even lurk on such forums.

It doesn't take much exposure to some of the individuals' posts that I have recently responded to in this thread to realize that this is not a behaviour that any of you are going to give up.

My question is why do this?

I come here to give people suggestions toward fixing their issues and often get roped into responding to this pointless propaganda in the hopes that it becomes obviously pointless to all parties. This now seems like an impossibility.

What motivates you?
=========================
I'm old and have thought about that very same question for a very long time. I've concluded the root cause is in the very fact that dozens of computer brands use the Windows OS. More users, more diversity (usually lower economic and social order as Apple products are premium priced). With more users you get more folks having 'issues' like "...my Dad's pecker is bigger than your Dad's." These immature folks are mostly little children, teens, and man-children who have a fixated hate based on jealousy. Sad, isn't it. To waste precious life time to pout in public about a machine.
 
Memories . . . ;^)

Oh, how I wish that "purge" were part of every system today.

File versioning done right - in 1972. The first great Dave Cutler operating system.

Dave Cutler at Digital Equipment? With RSX-11?

Wow, what memories - I hope I'm remembering them correctly! ;^)
 
Wow, that's not my experience . . .


Lion is awful on 2.4 c2d 9400m 4gb ram laptop

I can't even load macrumors on the laptop because it is so slow. 4 gb at 1067 and a year old machine can't keep up, I'm astonished and confused. Only been trying to run mail and safari and it is just too slow to operate, reverting to snow leopard tomorrow afternoon.

I've got a 2008 white MacBook 2.4GHz C2D (7,1) with 4GB at 667 - running
4 desktops with Mail, Chrome, Safari, Address Book and iCal running. No
problems at all . . .
 
You still can ;^)

Makes me laugh that almost everyone's complaining about Lion. It's only been out for 24 hours guys.
Wait a week and the majority of the bugs are gonna be gone.
Wait a month and almost all the apps you used are gonna be updated and/or you'll find new apps.

Only thing that really bothers me with Lion is the fact that I can't put my Spaces in a square. I used to be able to go to any space with the push of a key...

Edit: another thing too (that is gonna be updated anyway...) but just to let you know that the three fingers swipe in chrome/rockmelt is not working right now.

Go into the Keyboard System Preferences and select the key you want to correspond to the desktop you want.
 
=========================
Sad, isn't it. To waste precious life time to pout in public about a machine.

Everybody has to waste time on something I guess.

I like to read a lot of stuff about computer security because I find it interesting and I don't watch much TV. I also don't like fiction.

I like to read about any domain in which there is a discrepancy between what pragmatically appears to be true and the information that is provided via the media.

I find that investigating such discrepancies is a good way to get lost for the same amount of time that I would waste watching TV.
 
In love!

I'm absolutely loving Lion. It might be my favorite upgrade since 10.1. Now that I've gotten used to the scrolling (it took me a day), going back doesn't make sense. All the gestures make interacting incredibly intuitive... this was well thought out. I was expecting to like Lion, but not to this extent. I love how refined the UI is becoming. Snow Leopard looks garish along with old Aqua. I have found a bug or two (my pinch to zoom stopped working for a little bit). It's back. No show stoppers and I'm sure things will get fixed, but I'm glad I early adopted. Air Drop is spectacular. I love the new QuickLook everywhere. I finally use Spaces. I never had a problem with Exposé, but Mission Control doesn't bug me either.

I'm sorry to anyone who is having trouble. I wish everyone could have the lovely experience that I'm having with my MBP.
 
I'm absolutely loving Lion. It might be my favorite upgrade since 10.1. Now that I've gotten used to the scrolling (it took me a day), going back doesn't make sense. All the gestures make interacting incredibly intuitive... this was well thought out. I was expecting to like Lion, but not to this extent. I love how refined the UI is becoming. Snow Leopard looks garish along with old Aqua. I have found a bug or two (my pinch to zoom stopped working for a little bit). It's back. No show stoppers and I'm sure things will get fixed, but I'm glad I early adopted. Air Drop is spectacular. I love the new QuickLook everywhere. I finally use Spaces. I never had a problem with Exposé, but Mission Control doesn't bug me either.

I'm sorry to anyone who is having trouble. I wish everyone could have the lovely experience that I'm having with my MBP.

Oh yeah!

 
Here is a more thorough comparison:

Until Vista, the admin account in Windows did not implement DAC in a way to prevent malware by default. Also, Windows has a far greater number of privilege escalation vulnerabilities that allow bypassing DAC restrictions even if DAC is enabled in Windows.

Much of the ability to turn these vulnerabilities into exploits is due to the insecurity of the Windows registry. Also, more easily being able to link remote exploits to local privilege escalation exploits in Windows is due to the Windows registry.

Mac OS X does not use an exposed monolithic structure, such as the Windows registry, to store system settings. Also, exposed configuration files in OS X do not exert as much influence over associated processes as the registry does in Windows.

Part of this is quite important since there's quite a bit of XP users out there globally and Microsoft has announced that official XP support will continue for a little over 3 more years.

However comparing Apples to Apples, new OS vs new OS (Win7 SP1 vs OSX Lion), the above mentioned issues are not quite as critical.

The registry has a love-hate relationship with everyone, to include Windows Power Users such as myself. Unauthorized access via exploitations through elevated privs are almost a non-issue with Windows 7 unless a user altered the permissions and/or security measures to allow unannounced arbitrary access. Granted a user can be tricked into allowing unwanted access either permanent or temporary, but that can happen in any other OS, even Linux and OSX.

The upside of the Registry is that it allows me to set permissions and policies at any level, not limited to just adding/modifying/deleting keys/string values, etc. From an administration standpoint, it allows me very simple management options for regulating how each app interacts with any user from 1 location.

The downside is obvious in that it's not easy to back up just specific entries associated with 1 or just a few programs, since the entries tend to be scattered throughout the Registry. Many coders aren't very good at writing installers/uninstallers, which may lead to conflicting entries (with other apps) and may leave junk behind. This is where the plist implementation is really nice.

Windows has the potential to have full ASLR but most software does not fully implement the feature. Most software in Windows has some DLLs (dynamic link libraries = Windows equivalent to dyld) which are not randomized.

This is something I keep hearing but I never can get a straight answer on the topic. We've implemented DLLs for some of our proprietary apps and whether they're randomized or not, I've yet to see any malware/threat that can alter them at the user level. We use them to allow interaction with legacy apps from differing vendors, granted we don't have to use DLLs if we simply dumped support for older apps, however... Arbitrary action through elevated privs has never happened since I've used Windows 7. GP (group policies) along with user account privs/permissions literally eliminate most of the risks involving DLL corruption/hacks.

So my question is, under what specific condition can the DLL issue be a significant risk/hazard?

Mac OS X has full ASLR implemented on par with Linux. This includes ASLR with position independent executables (PIE). DLLs in Windows have to be pre-mapped at fixed addresses to avoid conflicts so full PIE is not possible with ASLR in Windows.

OSX just got full ASLR, Windows Vista has had something superior to OSX of that time for about 5 years I believe. Granted I'm very happy that OSX Lion finally has full support for it, but I think this is an issue of tug-o-war, it's only a matter of time before Microsoft fires back with their share of improvements. IMHO this is the natural progression of modern/future operating systems.

Windows does not have MAC. The system that provides sandboxing in Windows, called mandatory integrity controls (MIC), does not function like MAC because it is not actually mandatory. MIC functions based on inherited permissions so it is essentially an extension of DAC (see #1). If UAC is set with less restrictions or disabled in Windows, then MIC has less restrictions or is disabled.

Sandboxing is available through certain apps on Windows, for example Google Chrome; however, this also applies to OSX users of Google Chrome.

The problem with sandboxing on Windows is while it works great under the 32 bit platforms (through a 3rd party app like Sandboxie), on an x64 platform it can be difficult due to the x64 kernel patchguard which already prevents all unauthorized modifications that can interact/change/damage the kernel. Personally I find very little value at the moment to use sandbox features on my x64 machine. The sandbox environment itself may become damaged/corrupted and may affect anything and everything you use within it.

My question is, does OSX Lion provide a full sandbox for everything or is it just for certain situations? And how did this differ from Snow Leopard?

Windows has far more public and/or unpatched vulnerabilities than OS X.

http://www.vupen.com/english/zerodays/ -> list of public 0days.

http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker -> another list of public 0days.

http://m.prnewswire.com/news-releas...-vulnerability-in-microsoft-os-110606584.html -> article about 18 year old UAC bypass vulnerability.

There are a lot of older articles pointing to Windows 7 vulnerabilities when in actuality to be completely honest, I'm uncertain as to the truth behind the actual risk of those vulnerabilities. As a programmer you have to assess each situation based on the environment, conditions, frequency and specific situation(s) that must be met in order to determine the overall risk level of that threat. If current Windows users were being subjected to issues in accordance with what's posted in those links on a fairly frequent basis, I believe MS would've pushed out a fix whether temp or permanent by now. However this is just my opinion on the matter.

Also, methods have been found to bypass ASLR in Windows 7.

http://vreugdenhilresearch.nl/Pwn2Ow...tExplorer8.pdf -> article describing bypassing ASLR in Windows 7.

That's actually an issue with IE8, not with Windows 7 itself as no current machine ships with IE8 installed anymore, all are on IE9.

BTW great post, I had a great time reading the links.
 

Having been using it for a couple of days, I think I know what they need to do with Mission Control, to keep all the spaces users happy - just add the ability to toggle between the current view, and a second view that pulls down the desktop thumbnails to take up the full screen.

So maybe just a swipe down to do that (from where you move any window into any other space), and a swipe up to get back to the original view.

And make it possible to get into either view initially.

And with Expose, just add the option to view app windows grouped or ungrouped, and maybe to toggle between the two. Perhaps instead of moving them slightly with a gesture, they could split apart completely.
 
Well having tried the "natural way" of scrolling with Lion, I have gone back to the tried and tested "reverse scrolling". Whilst I don't doubt I could have got used to "natural" the problem is that most of us have to live in the real world and for me that entails using XP all day at the office. I cannot be doing with two different methods of scrolling which would have led to real mistakes at work - sorry Apple.
 