Apple + Security & Privacy

Apple yesterday made a final presentation of Snow Leopard, or Mac OS X 10.6. This new version of Apple’s operating system is an enhancement of Leopard, Mac OS X 10.5, rather than a radically new OS. Its new features are improvements, not innovations. Apple is refining the operating system, making it 64-bit, and improving the use of multiple processors, but shying away from adding a plethora of visible new features: the changes will mostly be under the hood.

One change we had hoped to see was improved security. Not individual security fixes, but a hardened security backbone for the OS. But Apple seems to have either made few changes in security, or has decided not to publicize them. The only comments about security in Snow Leopard on the Apple web site are the following:

Another benefit of the 64-bit applications in Snow Leopard is that they’re even more secure from hackers and malware than the 32-bit versions. That’s because 64-bit applications can use more advanced security techniques to fend off malicious code.

First, 64-bit applications can keep their data out of harm’s way thanks to a more secure function-passing mechanism and the use of hardware-based execute disable for heap memory. In addition, memory on the system heap is marked using strengthened cryptographic signatures, helping to prevent attacks that rely on corrupting memory.

This talks about applications, which are important, but not about the operating system itself. It is true that preventing attacks that “rely on corrupting memory” is important, because many exploits use such weaknesses to get into the operating system, but we would have liked to see more. Perhaps Apple simply hasn’t felt like presenting other security enhancements, because of their shy attitude toward discussing security. Let’s hope so, and let’s hope to see more security features between now and the release date of September.