Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Memory protection

E

expat42451

macrumors regular
Original poster
Oct 25, 2013
102
0
where my backpack is
Curious about security in RAM in either 10.9 or 10.10. I understand that one of the updates on Mavericks provided some changes in memory randomization to try to increase RAM security. Is anything like ASLR or other procedures used in addition to this?

Thanks

Expat
 
Those versions of OS X have ASLR enabled system wide. I believe it also has W^X enabled system wide as well, but I'd have to double check. Prebinding is active by default and can't be disabled system wide IIRC so ASLR's effectiveness is somewhat diminished.
 
Thanks very much for the information it is deeply appreciated-


"Prebinding is active by default and can't be disabled system wide IIRC so ASLR's effectiveness is somewhat diminished."

That is interesting. Wonder why they elected to do that- also wonder if it is true in server 3.1?

Again many thanks for the interest and information.

Expat
 
expat42451 said:
Thanks very much for the information it is deeply appreciated-


"Prebinding is active by default and can't be disabled system wide IIRC so ASLR's effectiveness is somewhat diminished."

That is interesting. Wonder why they elected to do that- also wonder if it is true in server 3.1?

Again many thanks for the interest and information.

Expat
Click to expand...

I'm sure they like prebinding for faster application loading, but I don't know why you can't disable it like you can in Linux. At least, I have not found out how to disable it; hopefully someone can correct me if I'm wrong.

It appears that OS X does implement ProPolice as well.
 
Never have heard of Pro Police, a web search says it appears to be some sort of scam. ASLR I knew about and have questions about it. I can find no mention of W^X being implemented either.

Regards
 
Excellent. Many kind thanks for the information. I did a web search after your last post and only briefly looked at the results.

Again many thanks for the link. Sometimes good information is difficult to come by.

Regards

Expat
 
expat42451 said:
Excellent. Many kind thanks for the information. I did a web search after your last post and only briefly looked at the results.

Again many thanks for the link. Sometimes good information is difficult to come by.

Regards

Expat
Click to expand...

Keep in mind that's from 2003, so some of the techniques have changed.

Here's a pretty technical presentation from last year on exploit mitigation specific to OpenBSD, but a lot of it will apply to other systems that use it: http://tech.yandex.ru/events/yagosti/ruBSD/talks/1487/
 
The second is doubly appreciated. Will have a chance to look at it later tonight. I ve not administered anything worth talking about in several years and am involved in a project here in Ecuador where we are going to have to be very security conscious--- given various things that have happened recently I need all the help I can get--

Expat
 
Wanted to say again thanks for the link to yandex.ru. Was a good education for me on how much has changed! I also think this should be a must watch for anyone who is going to be responsible for mission critical systems- amazing how the exploits have changed and another lesson that working to achieve security is just that- like Zen, always becoming, never arriving. It also is fascinating to me how this clarified some of the things about both the SSL problems as well as-- how easy it might have been with memory protection running, to prevent the Heartbleed damage.......of course every sysadm had to consider what he mentioned about various of the protection features....seems like it basically breaks a hell of a lot in the port tree.....

I wonder if more of the mitigation tools are on in Yosemite?

Again many kind thanks for this- it I think is excellent.

Expat
 
Last edited:
expat42451 said:
Wanted to say again thanks for the link to yandex.ru. Was a good education for me on how much has changed! I also think this should be a must watch for anyone who is going to be responsible for mission critical systems- amazing how the exploits have changed and another lesson that working to achieve security is just that- like Zen, always becoming, never arriving. It also is fascinating to me how this clarified some of the things about both the SSL problems as well as-- how easy it might have been with memory protection running, to prevent the Heartbleed damage.......of course every sysadm had to consider what he mentioned about various of the protection features....seems like it basically breaks a hell of a lot in the port tree.....

I wonder if more of the mitigation tools are on in Yosemite?

Again many kind thanks for this- it I think is excellent.

Expat
Click to expand...

It's hard to find good info about the details of OS X. I've been looking everywhere and can't find out definitively what Apple uses besides ASLR. Theo says around the 35:30 mark in the second video at the Yandex site that Apple has ASLR and might have stack protection turned on in their next release (Yosemite). No idea if that turned out to be the case.

The interesting thing about Heartbleed is that the OpenSSL devs were not using normal malloc which would have caught the bug because they were afraid of performance issues on obsolete platforms. Ted Unangst calls it "exploit mitigation countermeasures" on his blog and has a pretty good description of the problem : http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
 
"The interesting thing about Heartbleed is that the OpenSSL devs were not using normal malloc which would have caught the bug because they were afraid of performance issues on obsolete platforms. Ted Unangst calls it "exploit mitigation countermeasures" on his blog and has a pretty good description of the problem : http://www.tedunangst.com/flak/post/...freelist-reuse"

Damn thats just unreal........

Agree completely about not easily being able to find out more about the guts of the OSX'es. From one of my earlier threads asking about outbound firewall protection for example.....I was asked about this on another forum and asked here- no one seemed to know much. I don't say that to fault anyone but it just seems that as you point out, not a lot is known.......

Theo de Raadt's opinion, in the first video on your link, bolstered a nascent concern I had when some of the details of Heartbleed started to surface i.e. whether OS really was/is a more secure environment as many of us have thought for years....... granted he is probably a bit prejudiced :) Since I don't use Microsoft and have not for years, I was surprised at his comments about how they have implemented memory protection to the extent that they have.Of course.......there are a lot more areas other than just memory as well. To me its unreal that OpenSSL- something that is damn important in the scheme of things- has turned out to be such a disaster with deprecated code, no security reviews...and on and on and on...what else lurks out there one wonders.....
 
expat42451 said:
"The interesting thing about Heartbleed is that the OpenSSL devs were not using normal malloc which would have caught the bug because they were afraid of performance issues on obsolete platforms. Ted Unangst calls it "exploit mitigation countermeasures" on his blog and has a pretty good description of the problem : http://www.tedunangst.com/flak/post/...freelist-reuse"

Damn thats just unreal........

Agree completely about not easily being able to find out more about the guts of the OSX'es. From one of my earlier threads asking about outbound firewall protection for example.....I was asked about this on another forum and asked here- no one seemed to know much. I don't say that to fault anyone but it just seems that as you point out, not a lot is known.......

Theo de Raadt's opinion, in the first video on your link, bolstered a nascent concern I had when some of the details of Heartbleed started to surface i.e. whether OS really was/is a more secure environment as many of us have thought for years....... granted he is probably a bit prejudiced :) Since I don't use Microsoft and have not for years, I was surprised at his comments about how they have implemented memory protection to the extent that they have.Of course.......there are a lot more areas other than just memory as well. To me its unreal that OpenSSL- something that is damn important in the scheme of things- has turned out to be such a disaster with deprecated code, no security reviews...and on and on and on...what else lurks out there one wonders.....
Click to expand...

Yeah, OpenSSL is a big bag of hurt. Some of the stuff the OpenBSD guys found when forking LibreSSL is just mind boggling. Things like feeding your private RSA key into the PRNG for use as entropy, custom rewritten C functions, hardcoding sizes into the code instead of using sizeof, big endian amd64 support, etc.

Talk by Bob Beck and Ted Unangst about what they found in OpenSSL: https://www.youtube.com/watch?v=GnBbhXBDmwU

Some thoughts on worst common denominator programming in OpenSSL: http://www.tedunangst.com/flak/post/worst-common-denominator-programming



Fortunately, OS X does not use OpenSSL by default, but it's available for applications to use if they want to.
 
expat42451 said:
Just unreal--

Also excellent is the linked article from worst common denominator,

https://www.usenix.org/system/files/1403_02-08_mickens.pdf

but don't have any coffee in your mouth when you read it :) Hilarious and sobering.


Will look at Bob Beck tonight. Look forward to it

Regards and many kind thanks for the great information

Expat
Click to expand...

That was a great read. It echoed a lot of my complaints about the web today.

I found this thread on Stack Overflow that addresses ASLR in OS X: https://stackoverflow.com/questions/12824045/what-exactly-is-randomized-with-aslr-in-macos-x-and-ios

There's some conflicting info about PIE. Developers are warned if their apps aren't PIE binaries, but this thread and this blog post indicate such support is optional. That's from last year, so I don't know if they've since required it.

Still no idea about W^X (Wikipedia claims it has it, but provides no source) or any of the other mitigations.
 
Finally got to look at Bob Beck last night (recovering from yesterdays' visit to the dentist) You know-- it is amazing how things even work given that it seems the code base is by far worse than anyone knows.

ASLR itself does not inspire a lot of confidence but its better than nothing.......particularly if one is running in a server environment......PIE more so. I, like you, have not been able to find anything on W^X or anything else. It is surprising that someone isn't speaking out more about implementing these tools given what we are going through- the fact that what was trusted code (we thought) turned out to be -in the case of SSL- crap. I am going to look around today and see if I can't find out more about mitigations specifically in OSX...... Apple should do a hell of a lot better job making information on new versions available and I am talking about the nuts and bolts of the system rather than menus, fonts and colors in the GUI-- I ve just been through this a couple days ago asking a specific firewall question on the Yosemite forum that was met with a deafening silence. Were I had more than one machine I would have loaded and run Yosemite but I learned not to suck eggs a long time ago i.e. not put a beta in a production environment......more on this later today....hopefully something is about that can be "found out".....
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back