Skip to main content

Apple joins the big leagues

I've been hearing 'OS X is secure' for a decade now. For a decade, I've been challenging that assertion.

The challenges to that assertion generally end up with a response of  'because it's Unix' or 'because it's not Microsoft'. I don't recall 'OS X is secure' assertions being backed up by detailed explanations of anything in the kernel, operating system, development tools or coding practices that assures a higher level of security than competing operating systems, and I don't hold that a Unix history automatically ensures a more secure platform. My first forensic examinations were Unix, not Windows, and I can easily assert that the reason that we have more compromised Windows servers and desktops is because we have more Windows servers and desktops. 

Unfortunately the 'OS X is more secure' fantasy has left some (or many) with the impression that they don't need to practice safe computing on Macs. It is OK to run as admin. Anti-virus is not necessary. Drivebys are a Microsoft problem. In my opinion the smoke and mirrors surrounding 'OS X is secure'  have also lead to complacency on Apples part. They are not as aggressive at implementing security related operating system improvements (such as ASLR) or routine security patches, nor have they implemented really the really basic security controls that I implemented more than twenty years ago on our NetWare servers (remove the execute permission from directories that contain user data, remove the create/write permission from directories that contain executable code). With the latest attacks on OS X applications and with Apples apparent inability to defend its operating system against drive-by vulnerabilities in third party software, the 'OS X is secure' attitude should must change. A half million users can't be wrong, and those users will eventually move past their denial phase and expect Apple to step up to the plate.

Apple will have to up their game a bit on incident response, too. An urgent fix for a months-old vulnerability followed by a fast tracked effort to provide a malware removal tool, resulting in three updates in ten days, doesn't leave me with the impression that they have a well oiled response machine. Apple will feel heat that has been directed at Microsoft the last decade (and Unix systems before that.) Hopefully they will learn from their competitors and react to the new landscape better and faster than their peers did. 

Apple can't blame Sun either. The vulnerability of Java is well known (as are the vulnerabilities of Flash, Reader, Safari, Firefox…). Apple also has had plenty of opportunity to learn from their own mistakes, having repeatedly offered multiple versions of vulnerable desktop software to their customers.

I figure that it'd be pretty boring surfing the web with a platform that isn't exposed to drivebys and remote root exploits so I never really embraced OS X as my preferred home desktop. Now that OS X is playing in the big leagues I figure that it is sufficiently challenging for me to use it as my preferred desktop, and I went out and bought an 11" Air for my home computer.

Update 2012-05-11: Apple accidentally logs passwords in clear text. In football (soccer) that would be an "own goal". A major league fail. 


Popular posts from this blog

Cargo Cult System Administration

Cargo Cult: …imitate the superficial exterior of a process or system without having any understanding of the underlying substance --Wikipedia During and after WWII, some native south pacific islanders erroneously associated the presence of war related technology with the delivery of highly desirable cargo. When the war ended and the cargo stopped showing up, they built crude facsimiles of runways, control towers, and airplanes in the belief that the presence of war technology caused the delivery of desirable cargo. From our point of view, it looks pretty amusing to see people build fake airplanes, runways and control towers  and wait for cargo to fall from the sky.
The question is, how amusing are we?We have cargo cult science[1], cargo cult management[2], cargo cult programming[3], how about cargo cult system management?Here’s some common system administration failures that might be ‘cargo cult’:
Failing to understand the difference between necessary and sufficient. A daily backup …

Ad-Hoc Versus Structured System Management

Structured system management is a concept that covers the fundamentals of building, securing, deploying, monitoring, logging, alerting, and documenting networks, servers and applications. Structured system management implies that you have those fundamentals in place, you execute them consistently, and you know all cases where you are inconsistent. The converse of structured system management is what I call ad hoc system management, where every system has it own plan, undocumented and inconsistent, and you don't know how inconsistent they are, because you've never looked.

In previous posts (here and here) I implied that structured system management was an integral part of improving system availability. Having inherited several platforms that had, at best, ad hoc system management, and having moved the platforms to something resembling structured system management, I've concluded that implementing basic structure around system management will be the best and fastest path to…

The Cloud – Provider Failure Modes

In The Cloud - Outsourcing Moved up the Stack[1] I compared the outsourcing that we do routinely (wide area networks) with the outsourcing of the higher layers of the application stack (processor, memory, storage). Conceptually they are similar:In both cases you’ve entrusted your bits to someone else, you’ve shared physical and logical resources with others, you’ve disassociated physical devices (circuits or servers) from logical devices (virtual circuits, virtual severs), and in exchange for what is hopefully better, faster, cheaper service, you give up visibility, manageability and control to a provider. There are differences though. In the case of networking, your cloud provider is only entrusted with your bits for the time it takes for those bits to cross the providers network, and the loss of a few bits is not catastrophic. For providers of higher layer services, the bits are entrusted to the provider for the life of the bits, and the loss of a few bits is a major problem. These …