Security Oriented and Mac OS X Part2

Posted: March 20, 2011 in Security Related

Continued Security Oriented and Mac OS X Part1

The most important part in security for any OS as I mentioned, is how to keep it secure against the continuous vulnerabilities discovered by the security community and Hacker.

Mac OS X security lifecycle doesn’t include any clear security model or framework. the reason of mentioning that is the lack of a centralized repository for the security issues in Mac OS X, actually most of what you can find is a personal or some corporative work done by third party.

Mac OS X proved to be one of the highest vulnerable OS in the market today. Based on the latest study research done by Secunia, Mac OS X till today has 1452 Vulnerabilities. this is on the Mac OS X side only. What do I mean by “Mac OS X side only”?

As mentioned in part one, Mac OS X is actually based on FreeBSD‘s and NetBSD‘s, so what Mac OS X actually is a FreeBSD, NetBSD and Mac OS X customization.

Mac OS X considered to be the User Mode of the Kernel, while FreeBSD is the kernel mode. on FreeBSD itself 84 Vulnerabilities, while the NetBSD is presenting the network kernel layer of the Mac OS X has 43 Vulnerabilities

So the total of infected vulnerability of a Mac System = Mac OS X + FreeBSD + NetBSD = 1579. this is a serious and dangerous number.

Now the criticality is not only in the number of vulnerability, the criticality relies beyond. The patching management is the key factor. you cannot find any reliable information in Mac OS X patching management as the absence of the patching cycle and addressing vulnerabilities and fixing them. Sure this doesn’t mean there is no patching or security implementation, but the absence of a clear resource and information about what has been patched and what not.

Some security advisory research keeps an eye to such changes, but still this is not the optimal way to handle a security for a well built promising OS like Mac OS X.

Generally speaking, all open source OS claims to be very secure, while the absence of a centralized repository for these multiple Linux and Unix-Like distributions is one of the concerns raised all the way.

OS popularity and the market share of use plays a huge role in orienting hacking against vulnerabilities, this why we find Windows Platform are more targeted to such exploits attempts. Windows 7 for example has 96 Vulnerabilities, where only 6 are not patched. which means, vulnerabilities are there, but they are well managed and handled by patches in a well known security cycle. Microsoft has a very nice Security Model called “SDLF – Security Development Life Cycle” which ensure developing applications against security standards to reduce the number of security breaches in MS Apps. the SDLF will not stop after producing the apps to the market, but it will continue improving security and addressing discovered vulnerabilities and work on patch them regularly following a nice model of Security Management.

Personally, I like Apple products and I am impressed with their quality build of hardware and the innovation part within it, but, what are the most important part, the soul of the outstanding hardware products, what about the Software? I hope in future Apple will take security more seriously apart from focusing on marketing and delivering nice looking products, spending some time in doing serious stuff is better than wasting all the time on marketing and presentations!!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s