According to the Apple website, “Mac OS X
delivers the highest level of security through
the adoption of industry standards, open
software development and wise architectural
decisions.” Of course, the Month of Apple
Bugs and the flurry of activity after the re -
lease of Safari for Windows showed that
Macs are just as susceptible to vulnerabilities
as other operating systems. Arguably , two
factors keep the number of announced vul-
nerabilities on Mac OS X low: the lack of re -
searchers interested in exploring this operat -
ing system due to its low market share and
the steep learning curve for researchers who
are unfamiliar with the platform. The first of
these reasons is going away as Apple’s mar-
ket share continues to rise. This paper hopes
to address the second reason, that is, to pro-
vide researchers already familiar with Win-
dows and Linux the knowledge and tools
necessary to search for new security bugs in
this operating system. Specifically, this paper
will address the new forthcoming release of
“Leopard”, the newest version of Mac OS X.
Happily, there are plenty of bugs and some
Mac-only tools that help to find them.
Legal Disclaimer: Due to the fact Apple
pushed back the release of Leopard, and the
only releases of Leopard are available under
NDA, this paper will avoid using screenshots
or code directly from Leopard. Most of the
information is not specific to Leopard anyway,
No comments:
Post a Comment