No. 1 Story
Technology reinforces generation gap
If you believe that technology could be bridging the generation gap, think again. According to Deloitte’s first State of the Media report it’s as stark as ever.
read moreRelated Articles
Adoption of cloud computing has reached a tipping point - but don’t expect legacy...
In yet another blow to the Facebook IPO this week, following the withdrawal of...
Recruitment technology and social media have played a significant role in growing business in...
Fancy a 4G Windows Phone? Your wait may be over next Tuesday when Telstra...
Microsoft and its partners such as Nokia and HTC are trumpeting the virtues of...
More From
What Apple should do to make Leopard more secure
Stuart Corner
Sunday, 09 March 2008 15:55
Page 2 of 2
It argues that the dangers from these vulnerabilities are exacerbated because the Applications Folder in OS X is totally unprotected: "Any program running on a Mac OS X system can write to this folder and to most of the contents therein."
Although Apple, in Leopard, adopted 'sandboxing' whereby a user receives a warning when first they try and open any new executable file downloaded over the Internet, the white paper argues that the likelihood of the user simply clicking 'OK' makes this an unreliable security measure.
The white paper claims that the easy of access to Address Book combined with the ability to write to files within the applications folder creates the preconditions for a Mac version of the notorious "ILOVEYOU' worm that in 2000 was estimated to have infected 10 percent of all internet-connected Windows PCs and caused more than $5 billion in damage. "the mechanisms for dissemination exist on Mac OS X: a user base believing themselves safe; available open database of contacts; Ability to write to the applications folder."
It makes a number of suggestion for changes that Apple could make to OS X that would reduced these vulnerabilities. "Apple might consider implementing a mechanism whereby a bundle cannot contain more than one executable for any given 'Contents' subfolder. This would reduce the ability of malware authors to piggyback their code inside an otherwise legitimate bundle. Apple may also wish to discuss disallowing multiple extensions inside a .app bundle. This would reduce the ability of malware authors to disguise executable bundles as data files for their pro tools."
It suggests that Address Book could be made less easily accessible: "Apple should contemplate a similar system to the keychain whereby the Address Book can be locked/unlocked and access to the Address Book can be restricted to certain applications."
Also it suggest that Apple should require the entry of an admin password to write to the applications folder, and should extend 'sandbox' protection to include executable code created locally rather than only code downloaded over the Internet. This would, it says, slow down the reproduction of code that has already been authorised by the user.
You think you have a disaster recovery plan?
Think again. Most businesses only have PART of a DR plan - and this spells business disaster in the event of an IT disaster.
Download The Seven Sins of Disaster Recovery White Paper now and find out how you can prevent this happening to you.
