Filed under: Security, Leopard
A look at security in Leopard
That sound you just heard was an NDA being broken. That's right one of Sebastiaan's dev friends let him take a peek at his Leopard dev box. Being the good Mac person Sebastiaan is, he decided to look at some security enhancements in both the server and client version of Leopard. If you want all the gory details check out his post, but briefly Leopard offers much more granular control of what sort of network traffic you allow to and from your Mac. Sebastiaan also mentions the end of Input Managers, though he thinks it is a good thing (and it is, from strictly an OS security standpoint). [via Digg]
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
michel said 10:28AM on 3-26-2007
"end of Input Managers" is _not_ a good thing.
it's to remove a standard plugin way in the Text input of applications.
in stricto-senso, you should to REMOVE EVERY way to run binaries in the computer by the user or administrator to secure a computer!
remove Drivers, remove printers stuff, remove firefox plugins, remove aperture plugins, remove Flash, remove Javascript code in SAfari (what? you expect your internet navigator to be bug free of code injection?)
you can cripple your computer if you want and stop to do things with it
a saner way would be to prevent easy download of binary/executable files.
Reply
michel said 10:28AM on 3-26-2007
"end of Input Managers" is _not_ a good thing.
it's to remove a standard plugin way in the Text input of applications.
in stricto-senso, you should to REMOVE EVERY way to run binaries in the computer by the user or administrator to secure a computer!
remove Drivers, remove printers stuff, remove firefox plugins, remove aperture plugins, remove Flash, remove Javascript code in SAfari (what? you expect your internet navigator to be bug free of code injection?)
you can cripple your computer if you want and stop to do things with it
a saner way would be to prevent easy download of binary/executable files.
Reply
ars_workerbee said 10:52AM on 3-26-2007
that firewall thing is NOT NEW.
I've been posting this everywhere I've seen this reported, including the comments on his post. its identical to the firewall prefs on tiger server.
see: http://tinypic.com/fullsize.php?pic=46y3kw2
Reply
Peter Payne said 11:10AM on 3-26-2007
No Saft? I am not amused. Unless they're going to put 75% or more of the functionality of Saft into the browser, I may have some thinking to do. I've not heard of problems stemming from this, why don't they avoid fixing what doesn't need to be fixed?
P.S. Why, oh why, does your blog software refuse to let my browser remember the password? Remember Me does not ever work for me in Safari.
Reply
anon said 9:18PM on 3-26-2007
Stop pissing yourselves!
The "end of Input Managers" simply means that the option is OFF by defult but can be turned on if you so choose. You will be met with a single warning about the hazards of having it on, but that is it
Obviously, though less savy in computing (IE: those who don't understand about basic cmputer security) probably aren't using Input Managers anyway.
Honestly, with the Input manager being the most vulenerable point of malware access on the Mac is itany wonder Apple would FINALLY do this? And is it really that much of a hazard to have to enable it? BTW, good quality Input Managers like Saft will probably check to see if this option is on and enable for you during installation (assuming you provide your Admin ID and password).
Reply
Sam said 10:26PM on 3-26-2007
Those that decry the loss of Saft for ad blocking really bug me. I mean, you get the world at your fingertips-- millions of pages of content-- for free, all in exchange for letting a few ads appear to the side of your content. But that's too much to pay? Then don't visit those sites! You freeloaders need to get some perspective.
Reply