Pingie: HTTP:: Famous Hacker on Snow Leopard Security

HTTP:: Famous Hacker on Snow Leopard Security
--------
In computing, Address Space Layout Randomization, or ASLR, is a function that randomly assigns data to the memory to make it more difficult for hackers to locate the critical operating system functions. Charlie Miller of Baltimore-based Independent Security Evaluators and hacker-extraordinaire claims to have found disappointment in Apple’s lack of improving ASLR in Snow Leopard. "Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good. I hoped Snow Leopard would do full ASLR, but it doesn't. I don't understand why they didn't. But Apple missed an opportunity with Snow Leopard. Apple did make various moves to improve Mac OS X 10.6's security including a revamp of QuickTime and additions to Data Execution Prevention (DEP), a security feature built in to Windows Vista." "Having both ASLR and DEP in an operating system makes it much more difficult for attackers to create working code," Miller argued. "If you don't have either, or !
just one of the two [ASLR or DEP], you can still exploit bugs, but with both, it's much, much harder. Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," he said. "When Apple has both [in place], that's when I'll stop complaining about Apple's security." Hackers’ low interest in the Mac...
--------
http://news.softpedia.com/news/Famous-Hacker-on-Snow-Leopard-Security-122116.shtml
--------
This e-mail was sent by Experiment23 Inc., located in New York, NY
10163. To not receive further e-mails, please visit
http://help.pingie.com