Skip to main content

Apple asks security researchers to dig into Mac OS X Lion

Apple has never had particularly warm relations with the computer security community, and has been frustratingly tight-lipped about the status of known problems and vulnerabilities in Mac OS X: sometimes Apple jumps right on top of security problems in Mac OS X, and sometimes they linger unpatched for months. However, the company may be trying to turn over a new leaf with its forthcoming Mac OS X Lion: it’s asking security researches for feedback on the developer release of Mac OS X 10.7 “Lion”—and offering free copies if they aren’t in Apple’s developer program.

Several Mac securuty researchers have reported that they’ve been contacted by Apple about trying out the new Lion preview release. The releases come with a non-disclosure agreement that would prevent security researchers from publicly discussing any flaws or concerns they might find. Apple has said that it planned many under-the-hood improvements to improve security in Mac OS X Lion, although it has not been specific about its plans. Some Apple-watchers have expected Mac OS X 10.7 to include address space layout randomization—ASLR—which re-arranges key areas of memory in an unpredictable manner to reduce potential threats from buffer overflows and other vulnerabilities. Microsoft Windows has had full ASLR since the release of Windows Vista; Apple’s current OS, Mac OS X 10.6, implements partial ASLR.

Related Videos

Researchers who have confirmed receiving invitations to look at Lion include Dai Zovi and Charlie Miller, co-authors of The Mac Hacker’s Handbook. Miller is particularly well-known for being unimpressed with Mac OS X security, having won prizes in the last three Pwn2Own contests by exploiting hols in Apple’s Safari browser and Mac OS X—in one case, in less than 10 seconds. Miller also demonstrated an SMS processing vulnerability that potentially enabled attackers to complete take over the Apple iPhone, and even launch attacks on other phones.

Apple has said it intends to release Mac OS X 10.7 “Lion” to consumers this summer.

Editors' Recommendations

How to cancel Spotify Premium on your desktop or iOS device
The app screen on Spotify that says Cancel Premium.

Spotify is the world's most popular music and podcast streaming service for a reason. It has a catalog of over 100 million songs, the interface is fun and easy to use, and it's full of features that allow for music discovery, great playlist creation, and sharing. And while its main Achilles heel is that it doesn't offer higher resolution audio like many of its competitors such as Apple Music, Tidal, and Amazon Music, it's Premium tiers are reasonably priced at between $10 and $16 per month. So why would anyone want to cancel Spotify?

Read more
The most common Chromebook problems and how to fix them
A person working on a Toshiba Chromebook.

Chromebooks are great alternatives to MacBooks and Windows 10 laptops, but they aren’t perfect. Any laptop computer is bound to have issues, and some of the most common problems faced by Chromebook users can feel difficult or even impossible to solve on their own. 

From issues with updates to internet connectivity, troubleshooting common Chromebook problems doesn’t have to ruin your day. Read on to discover easy fixes for the most frequent issues Chromebook users face. 
The Diagnostics app

Read more
How to drop a pin in Google Maps
google maps

Pins are a convenient Google Maps feature that allows you to save a location. You can drop a pin to save an address or mark a location if it doesn’t have an address or if the address is incorrect. Your pins will help you navigate to these locations again, and you can also share them with your friends to indicate a meetup location.

Read more