YOUR IT - Technology for you

What Apple should do to make Leopard more secure

Subrosasoft's MacForensicLabs has published a white paper describing vulnerabilities in the Mac OS X operating system and making recommendations to Apple on how to reduce or eliminate them.
The white paper identifies three key aspects of OS X that it says could be exploited: the 'bundle' architecture, under which the many files associated with an application are bundled together and appear to the user as a single file; the fact that the application folder in which these files are stored has no access restrictions; and the centralised Address Book application, whose database can be read and written by any program running on the computer.

Components of an application 'bundle' could include multiple executables for different platforms, such as Classic Mac OS, PowerPC or Intel-based computers; multiple language files, so that a single copy of the application bundle can be used in different countries and appear in the native language of that country; graphics, buttons and media resources used within the application; and help files, manuals, etc.

According to the White Paper, "The structure of the bundle architecture makes it easier to piggyback executable code within an existing trusted application by simply renaming the existing executable [eg] iTunes found in the [applications folder] and inserting a second executable into the [applications] folder with the original's executable name. When the user executes the bundle (in this case iTunes.app) the virus code would execute instead. The virus would then launch the renamed iTunes executable so that the user would not be aware they had run the wrong program."

Mac OS X also makes use of the bundle architecture for storage of user documents in many modern applications such as iMovie, iDVD, and the many pro tools. These bundles typically have their file extension marked invisible so, the white paper says, "it is possible to disguise an executable program as a data 'file' for such a tool. These bundles can open both their own malware code as well as the desired real application whilst conserving the look and feel of the real data."
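As an added example (not from the white paper or from Apple), an administrator can audit an application bundle for the tampering pattern described above: the sketch reads `CFBundleExecutable` from `Info.plist`, flags any other executable in `Contents/MacOS`, and flags bundle directories writable by group or other. `audit_bundle`, `make_sample_bundle` and `Sample.app` are names assumed for illustration, and an extra executable is only a heuristic, since some legitimate applications ship helper binaries.

```python
import plistlib
import stat
from pathlib import Path


def audit_bundle(app_path):
    """Return findings for one .app bundle; an empty list means nothing flagged."""
    app = Path(app_path)
    macos_dir = app / "Contents" / "MacOS"
    findings = []
    with open(app / "Contents" / "Info.plist", "rb") as fh:
        declared = plistlib.load(fh).get("CFBundleExecutable")

    # The name the launcher runs must exist; a swap keeps it but adds a sibling.
    if not declared or not (macos_dir / declared).is_file():
        findings.append(f"declared executable missing: {declared!r}")
    for entry in sorted(macos_dir.iterdir()):
        is_exec = entry.is_file() and entry.stat().st_mode & 0o111
        if is_exec and entry.name != declared:
            findings.append(f"extra executable: {entry.name}")

    # Group/other-writable bundle directories let any local program swap files.
    for d in (app, app / "Contents", macos_dir):
        if d.stat().st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"writable by non-owner: {d.relative_to(app.parent)}")
    return findings


def make_sample_bundle(root, extra_executable=None):
    """Build a constructed Sample.app under root (test data, not a real app)."""
    app = Path(root) / "Sample.app"
    macos_dir = app / "Contents" / "MacOS"
    macos_dir.mkdir(parents=True)
    for d in (app, app / "Contents", macos_dir):
        d.chmod(0o755)
    with open(app / "Contents" / "Info.plist", "wb") as fh:
        plistlib.dump({"CFBundleExecutable": "Sample"}, fh)
    for name in filter(None, ["Sample", extra_executable]):
        exe = macos_dir / name
        exe.write_bytes(b"placeholder bytes, not a real binary\n")
        exe.chmod(0o755)
    return app


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        for finding in audit_bundle(path):
            print(f"{path}: {finding}")
```

Recording the output for each installed application gives a baseline; a new finding on a later run is the signal worth investigating.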