Foundations of Mac OS X Leopard Security 213
jsuda writes "At least a half-dozen times in the book 'Foundations of Mac OS X Leopard Security' the authors state that there is a misconception that the Macintosh computer is immune from security problems. That allegation may explain why there are very few books published (and nearly none in recent years) about security for the Mac. This book is meant to change all that. The authors acknowledge that the Mac OS X software has had little of the security problem experience of Windows (and other operating systems, to a lesser extent) but they spend 455 pages detailing exactly where and how the Macintosh platform is (or may be) vulnerable." Read below for the rest of Jsuda's review.
Many of the security issues raised in the book are theoretical or deal with added elements of the Mac software install that contain non-Apple components — Apache Web server and Perl and PHP scripting packages, for example. Many of the items of concern deal with generic problem areas of computer usage in general, both software and hardware, which affect the Mac as well as any other computers and networks. While the perspective of the book is on the Mac, much of the security review will apply to any type of computer or network.Foundations of Mac OS X Leopard Security | |
author | Charles S. Edge, Jr., William Barker, and Zack Smith |
pages | 455 |
publisher | Apress |
rating | 9 |
reviewer | jsuda |
ISBN | 978-1-59059-989-1 |
summary | Best book on Mac Security |
Messieurs Edge, Barker, and Smith are seasoned Mac and security professionals who point out in a very systematic and comprehensive way the potential problems of running the Mac both in single use and networked environments. The focus is primarily on Mac OS X Leopard and the other software which comes with any new Mac computer, although there is some discussion of earlier OS X versions and earlier generations of Apple applications like Airport.
The book has five main parts covering general security matters, essential security fundamentals, networking, sharing, and workplace security issues. There are four very short appendices of modest value.
The initial first three chapters deal with general security and security fundamentals is basic stuff discussing how technical computer security issues are entwined with practical realities of using computers in a business or home, and that compromises between security and practicality generally must be made. There is discussion of types of security attacks, how the Windows booting programs, Parallels and Boot Camp, implicate Windows security issues on the Mac, and how the UNIX underpinnings of the Mac OS X allow for more sophisticated techniques and tools in securing the Mac computer and networks. Chapter 1 is a useful "quick start" guide of items which can be addressed readily by nearly any level of user to safeguard the Mac from many security concerns. Apple has provided a lot of built-in security features and services which can be adjusted by individual users to his or her own needs, like FileVault, Secure Trash, Keychain, permissions, and others. Higher-level users and maybe experienced security professionals not used to the Mac may be bored with the first part of the book.
Part two deals with protecting the Mac from malware and exploitable services in the OS and major applications like the Safari browser and Mail applications. It explains how malware can affect the Mac through script viruses, social engineering techniques, and other exploits. The book lists a number of available software tools which can help solve some of the potential problems. The section on reviewing and configuring monitoring processes and logs is especially interesting.
Securing networks, using and configuring firewalls, and wireless networking make up the bulk of part three. The content in chapters 7 through 9 is quite technical covering types of networks; routers, hubs and switches;proxy, DMZ, and other servers and hardware setups, advanced firewall configuration using both GUI and command line interfaces; filtering; traffic throttling; and more. The sections describing testing of firewalls and hacking wireless networks using tools like Kismac and iStumbler are especially useful.
Chapter 11, in part four, dealing with website security when utilizing the built-in Apple web services, includes a checklist of at least a dozen items to be dealt with in locking down a site. Security for remote conductivity is addressed also, with particular emphasis given to VPN, secure shell, and the use of network administration tools like Timbuktu and DAVE. Attention is given to both the standard Mac OS X installation as well as to OS X Server. The most complex discussions involve using Open Directory in a security plan. My favorite sections were in chapters 14 on network scanning, monitoring, and intrusion prevention tools. The book describes how to understand your own machine/network security status by learning how to attack other networks. And how to use techniques like white/black box testing, fingerprinting, enumeration, port and TCP/UDP scans, ping sweeps, and more.
The book describes how intrusion detection is accomplished. Guidance is provided on software tools like Tripwire, snort, Checkmate, and others. The last chapter concerns forensics and how to handle attempted or successful intrusions to both understand security weaknesses and to preserve evidence for civil or criminal proceedings, CSI-like.
Nearly all of the presentations cover two levels of interactivity using either GUI-based tools or the command line. Except for a handful of sections, the presentations are useful even for higher-end users, including those dealing with medium to large networks.
The writing is workmanlike and without style or wit, but carefully organized and expressed. There are plenty of (grayscale) screenshots of relevant software application configurations, and sidebar Notes and Tips on many topics. Anyone who has a serious interest in Mac OS X security will benefit from this book as its main virtue is its systematic and comprehensive approach to the issues. It is designed to inform users of all levels how and why to think about OS X security. Geeks who want or need to know Mac OS X security will get a nicely organized book sufficiently filled with useful content. This is not a book intended to raise all security issues or to provide all the answers. It does answer many problems, and will point nearly all users in the right direction for their specific needs.
You can purchase Foundations of Mac OS X Leopard Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Re:A good start to the discussion (Score:5, Interesting)
OS X has a solid architecture, but all the evidence indicates that Apple has not taken security seriously as a process issue to the same extent that Microsoft has.
Some of the recent bugs with Safari remind me of the stuff MS was doing 10 years ago, where junior programers hacked together E-Z features without any consideration for the security implications.
The other issue is that QuickTime is a huge smelly bug-filled legacy turd, but thankfully Apple has announced that they are rewriting a replacement.
Re:A good start to the discussion (Score:4, Interesting)
It's hard to write much about security holes when there isn't much of a history of attacks. Can we say "OSX is intrinsically more secure?" Maybe, certainly a lot of its default configuration tend to be more secure than Windows' defaults.
But what's made, and perpetuated, the notion that Macs are immune to viruses and other attacks is that there just aren't very many of them out there. Even with Mac's quickly growing market share, it's still far more lucrative to target mass market windows machines.
Look at how they are attacked. (Score:5, Interesting)
Put an unpatched WinXP on the Internet and watch how quickly it is cracked by an automated process randomly scanning IP blocks.
So you'd turn down $5 million for a chance at a portion of $90 million?No. If they were easy to crack, they would be cracked. Automatically. By a zombie scanning IP blocks.
The real issue is that Macs are very secure ON THEIR OWN. Not in relation to anything else.Today, most boxes are cracked via worms, browser exploits and email attachments.
Removing entire avenues of attack is possible with a Mac. Remove an avenue of attack and you've increased your security.
Then, as long as the DIS-INFECTION rate is HIGHER than the INFECTION rate, those systems will be "secure". At least, they will not be cracked by worms, browser exploits or email attachments.
Re:A good start to the discussion (Score:1, Interesting)
To illustrate, consider this text-book style fallacy: Juan claims metal baseball bats are just as likely to break as wood ones. "Because metal baseball bats aren't used as often* they only seem to be stronger. Believe me, if guys used metal enough, you'd be breaking bats all the time. So stick with wood."
You can now be certain metal bats are as weak as wood?
* disclaimer: I know very little about baseball or bats!
Re:A good start to the discussion (Score:5, Interesting)
What, intrinsically, makes OSX immune to spyware?
OSX cannot stop you from running software that is inherently evil.
The fact that there isn't spyware on OSX proves that small marketshare is indeed a huge factor in lack of exploits in OSX... because there is absolutely no technical reason for spyware not to work on OSX.
Re:You're wrong. (Score:5, Interesting)
Actually, there are other advantages... (Score:3, Interesting)
Mac OS X has some advantages in security. But I can't really say those advantages are due to Apple being somehow inherently 'better' coders than Microsoft or having made some kind of perfect system.
I slightly disagree with that statement.
Most programming done on other systems for higher level OS and application stuff, is C or C++.
In OS X, it is Objective C.
SImply because of the message passing nature and the way the frameworks are built, I would say that generally any application written in Objective C would have many fewer problems with things like buffer overruns. Also possible, is that the very dynamic nature of Objective C makes it more likely code will be checking inputs from other modules for sanity.
This would also agree with your assessment that Quicktime seems to show more problems than other areas of code - because more of it is at a very low level that is more pure C and uses the frameworks less.
But I do agree with your assessment that Apple being willing to break from legacy code makes a difference too.
Re:Wait (Score:3, Interesting)
"Sadly, there are plenty of Mac hipsters out there who do think that it is totally immune."
Are there? Show me a quote or two where somebody has actually written that. NOBODY actually believes Mac OS is totally immune, not even the most fervent of hipsters.
Re:You're wrong. (Score:3, Interesting)
The attitude of Mac users is what worries me (Score:5, Interesting)
I own four macs and am a sysadmin to a company running about 45 macs. I really like Mac OSX as an OS, as it is generally very robust and flexible, and, in my experience, the OS contains many features that make it both more productive and secure than Windows.
That, however, is a generalisation. Windows has made strides to improve its security record and Vista is much better in this respect than XP was (even if one does get the feeling that a lot of Vista functionality was "bolted on" after the fact). I would be wary of making wild claims about Vista being less secure than OSX, but I think, in general, Apple's use of ACLs in 10.5, coupled with other security features do give it a slight edge.
That said, the exploit this week about the Applescript ARDAgent vulnerability, and above all, the general reaction of Mac users to this vulnerability, and again as expressed in this slashdot comments section, coupled with my experiences with my users at work shows me a few things:
Mac users in general, tend to hold on to myths and marketing claims put out by Apple's PR more that users of other platforms do. I honestly think that the Mac vs. PC ads do Mac users a disservice because so many belive the claims without even asking any questions about them. An example: PC is frustrated because Mac now has Office 2008 which can do all that Office 2007 can. This is simply false. Office 2008 lacks VBA for one thing, lacks conditional formatting in Excel for another, and is so slow, it is barely usable on a new Mac Pro tower. Our older Office version, Office v.X runs faster in Rosetta emulation.
Another example. Coincidentally, I discovered this week that Apple Mail will run a Mac application thta has been attached to an email directly out of Mail. It will warn you, twice, about this, but Windows warns you about new apps as well that hasn't stopped millions of clueless end users ignoring the warnings and just clicking away. I did a few tests on users at work and they *all* opened the app. An app, combined with the applescript ARDAgent exploit would be an excellent way for an attacker to install a trojan for phishing or zombie purposes.
The atttude of Mac users that the platform is magically secure than Windows (it is more secure than XP, but not much more than Vista if at all) in the same way that Mac users were still crowing about Win98 BSODs the same way Windows users were crowing about OS9 crashing all over the place, years after neither one was used very much any more, is indicative of the problems that we, the Mac using community will face when malware exploits start to gather pace on the Mac.
I honestly believe that the Mac has been mostly protected by its small marketshare up until now. Most exploits come out of China and Russia, and most malware authors there do not have Macs. That will eventually change.
I say that Mac users should be less confident in the platform and more aware of security. I suspect that in 5 years, Anti-Virus software will also be a mainstay on OSX.
MacOS X and Spyware (Score:4, Interesting)
Think about how spyware gets on a computer.
From what I understand, there are two basic ways: Drive by downloads and host programs that carry spyware with their installation.
Drive by downloads under Windows are installed thanks to Internet Explorer bugs. IE is capable of installing operating system updates and so it automatically has the access needed to do so.(*) Safari has no special operating system privileges and so it cannot install software on its own without user intervention.
As far as I can tell, other spyware vectors such as commercially developed BitTorrent clients and "smiley face" silliness have not taken off on the Mac.
So as far as I know, the major ways to distribute spyware don't exist on the Mac and probably never will. Thus, Apple is likely to be spared the spyware phenomenon, at least to the dreadful extent it occurs on Windows machines.
D
(*) I think Vista was supposed to fix this but I don't know if that is the case or not. In any event, most Windows users continue to use XP.
Re:The attitude of Mac users is what worries me (Score:2, Interesting)
Re:MacOS X and Spyware (Score:3, Interesting)
Unfortunately, I live in Pittsburgh, which is an area where most people like the tried and true and don't think much of being up to date. So the problems you mention are still very much alive here, and pretty much every PC I see is encrusted with enormous amounts of spyware and invasive software.
Since Apple's user base skews towards better educated individuals in general, and creative artists and writers specifically, I suspect that fewer of them have the bad taste to download the "Incredimail" and smiley face software that are common spyware vectors. However, in all fairness, I think that software is not available for the platform in any event. If and when it becomes available, it will be interesting to see how much spyware proliferates.
D
Re:A good start to the discussion (Score:3, Interesting)
I'm aware that Window's market share makes them the "low-hanging fruit," but even without considering market share, OSX has fewer security holes than Windows
Really? Compare Vista to OS X... Heck even compare 10.5 to Vista...
When you get back from your research, please post a retraction to your clueless assertion.
Most of the difference seems (to me, YMMV) to be remnants of OSX's background in BSD
Do you even understand what you are trying to state? BSD is not a 'secure' end all OS design. One, I repeat one BSD variant is very secure because of the detail that it is given. When you get outside of this variant/distribution like FreeBSD or OS X the security of BSD from the secure variant has no relevance.
Go look up what BSD is and stop with the insane (Because it uses BSD it is JUST more secure) crap...
People have no freaking clue what BSD is, other than the reputation of ONE BSD variant, and even it has ran into a few holes in the past few years (Google: University Records stolen California) for an example...