Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Mac OS X Lion Brings Added Security and Privacy Features

Following yesterday’s announcement of record quarterly revenue of $28.57 billion and record quarterly profit of $7.31 billion, Apple today launched Mac OS X Lion, the eighth major release of its operating system.

While OS X Lion flaunts more than 250 new features, we thought it would be appropriate to run through them and highlight some of the security and privacy related features that would be of interest to our security-minded audience.

Following yesterday’s announcement of record quarterly revenue of $28.57 billion and record quarterly profit of $7.31 billion, Apple today launched Mac OS X Lion, the eighth major release of its operating system.

While OS X Lion flaunts more than 250 new features, we thought it would be appropriate to run through them and highlight some of the security and privacy related features that would be of interest to our security-minded audience.

Here are some of the security and privacy related features in Mac OS X Lion that stand out most:

FileVault 2, Encryption added in MacOS X LionEnhanced runtime protection – Apple has improved Address space layout randomization (ASLR) for all applications and made it available for 32-bit apps (as are heap memory protections), making 64-bit and 32-bit applications more resistant to attack.

Application sandboxing – Sandboxing protects the system by limiting the kinds of operations an application can perform, such as opening documents or accessing the network. Sandboxing makes it more difficult for a security threat to take advantage of an issue in a specific application to affect the greater system.

Revamped FileVault Technology: FileVault 2 new provides Full Disk Encryption, Instant wipe and External Drive Support: Built in (but not activated by default) FileVault now allows users to encrypt the entire drive on a Mac, helping to keep data more secure.

FileVault 2 uses XTS-AES 128 encryption to secure data. Apple optimized the initial disk encryption to be fast and nonintrusive. FileVault 2 quickly encrypts the entire drive live, so users can continue to work as it encrypts. It’s also designed to relinquish processor cycles to higher-priority user tasks like copying files or browsing.

With FileVault 2, an “instant wipe” feature removes the encryption key from the system instantaneously, making the data completely inaccessible. From there the Mac performs an entire wipe of the data from the disk.

Additionally, FileVault 2 now supports encryption of external USB and FireWire drives.

Advertisement. Scroll to continue reading.

Apple ID authentication for file sharing – An Apple ID can now be used to log in to a remote Mac for file sharing. If others need to access a folder on a Mac, users don’t have to create separate user accounts and only need to add their Apple IDs to the list of authorized users, allowing them to log in with their credentials.

File Sharing Privacy – When users share a document — through email, iChat, or AirDrop, for instance — only the current version is sent; all other versions remain on the system. This should be obvious functionality and not really considered a feature!

Encrypted Backups – Time Machine backups can be more secure by backing up to an external USB or FireWire drive encrypted with FileVault 2.

Observe Only mode in Screen Sharing – A new “Observe Only” mode lets you watch a remote computer without controlling the mouse or trackpad movements so users don’t have to hand over full control of a system when collaborating on a project or demonstrating something to another user.

Removing all Web Site Data – Safari makes it simple to clear the information websites can use to track users online. In the Privacy pane, clicking “Remove All Website Data” causes Safari to remove cookies and Flash plug-in data, as well as information from databases, local storage, and the application cache. Data can also be cleared on a site-by-site basis.

Safari Autofill Protect Against XSS Attacks?Private AutoFill in Safari – Designed to help users fill out forms quickly while keeping personal information private. Safari keeps information private until users choose to send it by detecting web forms and presenting users with a drop-down field, letting them choose to use AutoFill to complete the form with information from the Address Book. This is great feature, but will it be able to fight off carefully crafted XSS attacks?

Additional new features in Lion include the ability to bring apps back exactly how you left them when you restart your Mac or quit and relaunch an app, as well as a new Auto Save feature which automatically and continuously saves your documents as you work. A new “Versions” feature automatically records the history of documents as they are created, and gives user an easy way to browse, revert and even copy and paste from previous versions. OS X Lion also includes a new “AirDrop” feature that finds nearby Macs and automatically sets up a peer-to-peer wireless connection for easy file sharing.

Mac OS X Lion is available today as a 3.9GB download from the Mac App Store™ for $29.99. Apple said that users who do not have broadband access will be able to download Lion at Apple retail stores, and in August will be made available on a USB thumb drive through the Apple Store for $69. Lion requires an Intel-based Mac with a Core 2 Duo, i3, i5, i7 or Xeon processor and 2GB of RAM.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards.

Endpoint Security

Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Endpoint Security

The Zero Day Dilemma

Endpoint Security

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own...