Apple's new OS X tightens screws on some malware
Mountain Lion's default 'Gatekeeper' setting allows only approved Mac software to be installed
Computerworld - Apple will introduce a new Mac security model with OS X Mountain Lion this summer that by default lets users install only programs downloaded from the Mac App Store or those digitally signed by a registered developer.
Some experts called Gatekeeper -- Apple's name for the model and technology -- a game-changer while others criticized it as less than watertight.
Gatekeeper will block the installation of the most common kind of Mac malware yet: Trojan horses unwittingly executed by users who have been duped into downloading and installing fake software.
Last year, several campaigns of "scareware," programs that posed as antivirus software but actually infected systems with attack code, made headlines. Apple responded to the scareware threat by repeatedly updating a rudimentary blocking list that debuted two years earlier.
Apple even took the trouble during the skirmishing to issue a tool that scrubbed infected machines of the "Mac Defender" malware.
Mountain Lion, which Apple said Thursday will ship late this summer, uses a new mechanism to bar malicious applications from most Macs.
By default, only software downloaded from the Mac App Store -- the Apple curated market that debuted in January 2011 -- or signed with certificates Apple provides free-of-charge to registered developers can be installed on Mountain Lion.
Because each digital certificate is linked to an individual developer or company, Apple will know who was responsible for, say, sneaking a malicious app by users, and be able to revoke the certificate and ban the developer from its program.
Apple will not review these digitally-signed third-party programs, but Gatekeeper lets the company retaliate against malicious application makers, and by revoking certificates, gives it a way to block new installs and stifle a malware campaign in its early stages.
Mountain Lion's Security & Privacy preferences screen also has options for tightening or loosening Gatekeeper's vigilance. If "Mac App Store" is selected, only software downloaded from Apple's mart can be installed; choosing "Anywhere" lets users install programs obtained from, well, anywhere. The latter is the wide-open model that Macs -- and Windows PCs -- have used since personal computing's infancy.
At its default setting, Gatekeeper, which has roots in moves Apple has been making with OS X for several years, is a set-and-forget "whitelist," or list of approved programs. "It's like a giant whitelist button," said Andrew Storms, director of security operations at nCircle Security, of Gatekeeper.
Some security experts were enthusiastic about Gatekeeper.
Rich Mogull, a security consultant and former Gartner analyst, called it a game-changer in a post he wrote for the TidBits blog Thursday. And in a more technical description of Gatekeeper on his firm's blog, he argued it would attack hackers where it hurts.
- Mountain Lion mauls other OS X editions for top spot
- Apple consistently convinces customers to upgrade OS X
- Apple to kill Messages beta for OS X Lion next month
- OS X Mountain Lion's torrid upgrade pace cools
- Apple rolls out iOS 6, upgrades Mountain Lion
- OS X Mountain Lion grabs 20% share of all Macs
- Apple's Mountain Lion clears 10% bar, now runs 1 in 10 Macs
- Macs at risk from 'super dangerous' Java zero-day
- Mac laptop owners report shortened battery life after Mountain Lion upgrade
- Mac users left wondering if OS X Snow Leopard's retired
- Who does NSS Labs "Recommend" for NGFW? In 2012, NSS Labs found that most available NGFW solutions "fell short in performance and security effectiveness." In 2013 NSS Labs noted "marked...
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- 9 Essentials for a Complete Cloud-to-Cloud Backup Solution In 9 Essentials for a Complete Cloud-to-Cloud Backup Solution, we'll walk you through potential sources of data loss in the cloud and provide...
- Workload Change: The 70 Percent of Your Business DevOps Forgot Adding WLA early in the development process ensures that the benefits of DevOps accrue for all applications, including your batch services. This paper...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Protecting Critical SaaS Data Before It's Too Late In this webinar, you'll hear how to avoid SaaS data loss through best practices from a panel of experts. All Operating Systems White Papers | Webcasts