Just a few years ago, Apple commanded only a small fraction of the computer market. Today, thanks to the success of OS X and iMacs, Apple is the third largest PC maker with about an 8 percent market share. This hasn't gone unnoticed by hackers, and you can expect to see more attacks on this increasingly popular platform. Already, a couple of instances of trojans targeting Mac users have occurred, such as a Flash-based trojan earlier this year, and another discovered in June that attempts to steal passwords and lower firewall settings.
Also, vulnerabilities in the operating system are on the rise: in 2002, there were fewer than 20 announced for the platform; in 2007 that figure surpassed 100. And this year, Apple plugged vulnerabilities in five security updates so far. So the state of relative security silence (compared to the Win/Intel platform) seems over as attackers increase their targeting of OS X. Security pros must gain a handle on how to lock down systems running in their enterprise.
When it comes to security, Apple isn't sitting still. Let's take a look at some of the new features inherent in OS X 10.5 that help keep the system secure. According to Apple, these security enhancements were added to 10.5, released last fall:
- Tagging and first-run warning: Mac OS X 10.5 marks files that are downloaded to help prevent users from inadvertently running malicious downloaded applications.
- Runtime protection: New technologies such as execute disable, library randomization, and sandboxing help prevent attacks that try to hijack or modify system software.
- Improved firewall: After the new application firewall is activated, the firewall configures itself so that users get the benefits of firewall protection without having to understand the details of network ports and protocols.
- Mandatory access control: These enforce restrictions on access to system resources. Not even a compromised “root” user can change some settings.
- Application signing: This enables users to verify the integrity and identity of applications on the Mac.
- Improved secure connectivity: Virtual private network (VPN) support has been enhanced to connect to more of the most popular VPN servers—without additional software.
The company also released the Mac OS X Security Configuration Guide, a detailed security configuration guide that is useful to anyone interested in locking down the operating system, or is responsible for protecting a corporate network. However, as Apple writes in its own disclaimer for the guide, it's important to have some experience using Apple's terminal application command-line interface.
As anyone involved in IT security knows, no OS is impenetrable. But what could make securing OS X a challenge for some security professionals is a simple lack of familiarity with the operating system. This guide, can solve that dilemma. The guide covers everything from introducing the OS X security architecture, account management, and Filevault (Mac's disk encryption), to how to physically protect hardware from attacks from RF eavesdropping and Bluetooth security. It's worth reading if you need to keep any Macs secure in your environment. In the event of a rush of MAC OS X attacks, it's a good idea to be prepared before anything happens.