Filed under: Analysis / Opinion, OS, Security, Leopard
Secure Your Mac: What's new in Leopard security?
Mac users everywhere are salivating over the approaching release of Leopard (this humble blogger counts himself amongst that number). We all know about the flashy new additions to the OS that Leopard will bring, but what about security?
Apple has a whole section detailing the new security features in Leopard on their huge list of 300+ features to be found in the new OS. The highlights from the security list are:
- Tagging downloaded Apps: This feature seems to be what Microsoft was trying to do with Vista. The first time you launch a downloaded app Leopard will ask you if you really want to run this app and display from whence this app came (so if you see it was downloaded for a wacky URL you can cancel launching it).
- Application specific firewall: You can set the firewall to allow or refuse connections per app.
- Library Randomization: Places system libraries in randomly assigned memory addresses.
Interesting there are a few other security enhancements scattered about some other areas of Leopard:
- Custom access privileges for shared folders: Leopard lets you share folders, which you can do now, but also makes it easy to assign differing levels of access per shared folder. You can also use your contacts in Address Book to control access.
- Airport Menu: The Airport Menu now tells you if the WiFi networks you're connecting to is secured. The more you know, kids, the more you know.
- Activity Logging: This feature is both a little creepy, and secure! The best kind, if you ask me. Part of the new set of Parental Controls, though I assume you can use this to track folks other than kids, Activity Logging will log what websites a user visits, who chats with them, what apps are used, and saves a transcript of any chats.
- Guest Log-In Accounts: Right at this moment you can create a guest account with limited permissions, so any of your friends can use your Mac without having unfettered access to your documents. Leopard has a built in feature that allows you to create Guest Accounts which purge their contents when your guest logs out. The Desktop won't be cluttered with files, Mail won't have someone else's setting waiting, and people won't come to think of the Guest Account as 'their account.'
Did I miss anything? Sound off in the comments.
Get a WordPress.com Blog
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Jaemon said 4:44PM on 10-17-2007
Signed applications. vnice feature to ensure that the app Pages is actually the one that is part of the iWork package that Apple sels ;)
Reply
mds said 4:49PM on 10-17-2007
Any FileVault-related improvements?
Reply
Jt Hollister said 4:46PM on 10-17-2007
Sweet! Wonder what kind of stuff's going on behind the scenes that makes it so difficult to make a virus for Mac. I'm not a coder though, so I probably wouldn't understand it if I was told.
Anyway, sweet, the world's most secure OS is even more secure. Thanks for sharing, especially the ones that weren't listed in security in "the 300"
Reply
K said 5:04PM on 10-17-2007
@ 3- 256k AES encryption for creating disk images with encryption :)
Reply
Aaron said 5:15PM on 10-17-2007
Please tell me I'll be able to turn off the tagging thing for downloaded apps. I know what I'm doing, I don't need warning messages babysitting me.
Reply
Justin said 5:22PM on 10-17-2007
Don't forget app sandboxing. :)
Reply
magu said 5:52PM on 10-17-2007
SMB packet signing, anyone?
Finally my days of using ADmitMac are over (hopefully).
Reply
Orbberius said 5:45PM on 10-17-2007
Looks like Cupertino's been using their photocopiers.
Reply
ipodrulz said 5:45PM on 10-17-2007
So now we have to go through like 3 confirmations before we launch an app?.. and then everytime an app needs access we'll be alerted?.. isn't that kinda annoying.. and Vista like?..
Reply
Blair said 5:50PM on 10-17-2007
How about something they removed:
The ability to lock your screen from the menubar. Lame.
Reply
Jeffrey Erlich said 6:53PM on 12-11-2007
Just set one of the mouse corners to start the screen-saver (and of course, turn on the option to lock the screen-saver).
It really isn't hard.
Luigi193 said 6:15PM on 10-17-2007
Your firewall can block outgoing communications???
No need for little snitch!!! The new interface sucks.
Reply
Jumbo Bob said 11:05PM on 10-17-2007
I'm excited they support WPA at the login prompt. We have 168 macbooks that can't be logged into by students because macbooks don't connect to the wireless network until AFTER login. Internet Connect says it can export your 802.1x configuration to the login, but it doesn't. We've had to use our older Windows Laptops because they've supported this for years.
Reply
Chris said 8:43PM on 10-17-2007
Wow, they finally made the jump and added padlocks in the Airport menu. This has seemed obvious/been annoying for how long?
Reply
Gscotti said 8:02AM on 10-18-2007
Anyone knows more details about accessing remote shares through the Internet? Will it work on both endpoints behind NAT?
Reply
Kevin Ginger said 11:29AM on 10-18-2007
will 'Custom access privileges for shared folders' make sharing an iPhoto Library amongst different User accounts easier?
Reply