Trusted Computing for Mac OS X

Posted in Hardware Security, Operating Systems and Application Security by Dragan Pleskonjic @ Nov 15, 2006

A “trusted computing” module (TPM) was found in Intel-based Apple computers, but the reason for it is unknown. Amit Singh, a member of Google’s technical staff, discusses the existence of the chip in his book, “Mac OS X Internals: A Systems Approach,” in which he also writes that there is no way for Apple’s Mac OS X to directly make use of the TPM; no DRM or similar restrictions are linked to the chip. “The TPM is an opt-in feature,” said Singh. “Apple can’t turn it on–nobody can, other than the user.” The TPM is a single chip that is made up of a random number generator, a small memory chip, and a low-power processor, plus a few other parts. It has no influence on the system due to a lack drivers that are aware of it in either the computer’s OS or its firmware. While it is possible for users to make use of the TPM, Singh’s best guess is that the chip is simply part of the motherboard package from Intel. Ross Anderson, a professor of security engineering at the Computer Laboratory at the University of Cambridge, does not believe that the TPM would be included without reason. Based on “software economics” and “Apple’s traditional business model,” he suggests “future use of the TPM, whether in OS X 10.5, 10.6 or later,” or “use directly by application software vendors, e.g. in Office 2007.” Anderson has been very critical of past trusted computing efforts, linking them to attempted, strict DRM restrictions, such as the prevention of the copying of purchased media files or the playing of a CD on more than one computer.

Sources: ACM TechNews, eWeek.

Read full chapter from Amit Singh’s book here.

Sphere: Related Content

New Wireless Driver Exploits

Posted in Wireless Security by Dragan Pleskonjic @ Nov 15, 2006

In recent post on this blog, I wrote about critical bugs in wireless drivers. Here is what Joshua Wright has to say at wifisec group at securityfocus.com:

This is only the beginning of what will likely be a rash of vulnerabilities in drivers that allows an attacker to remotely compromise systems, regardless of the authentication or encryption mechanism used.

This article is about a Broadcom vulnerability (https://www.wirelessve.org/entries/show/WVE-2006-0071), and the WVE has recorded several others as well.

- -Josh

Interesting development of situation. We certainly should follow on this topic.

Sphere: Related Content

The Mac OS X Threat Landscape

Posted in Operating Systems and Application Security by Dragan Pleskonjic @ Nov 15, 2006

Recently Symantec published its Version 2 of The Mac OS X Threat Landscape: An Overview research report. This is probably the most in-depth analysis of Mac OS X security available publicly. It’s a worthwhile read.

Document can be found in SecurityFocus’ download section (here).

Sphere: Related Content

Security: Internet Explorer 7 vs. Firefox 2.0

Posted in Operating Systems and Application Security by Dragan Pleskonjic @ Nov 15, 2006

Which one is more secure: Internet Explorer 7 vs. Firefox 2.0. In his blog posted on ZDNet and titled “Internet Explorer 7 vs. Firefox 2.0: It’s all about security (actually, lack thereof)“, David Berlind concludes:

This will of course re-open the debate of what’s more secure: commercially developed software or open source? So, there’s no time like the present to get a head start.

You can read article and vote here.

Here are results at moment of writting this post:

- Neither. It’s a stupid debate to be having. Both are programmed by humans and it could be either one depending on which app we’re talking about. (67%)
- Open source (27%)
- Commercially developed (6%)

Total Votes: 825

Sphere: Related Content

Spy Version of Wikipedia

Posted in General, Security by Dragan Pleskonjic @ Nov 15, 2006

Interesting article on Yahoo News:

The U.S. intelligence community on Tuesday unveiled its own secretive version of Wikipedia, saying the popular online encyclopedia format known for its openness is key to the future of American espionage.

The office of U.S. intelligence czar John Negroponte announced Intellipedia, which allows intelligence analysts and other officials to collaboratively add and edit content on the government’s classified Intelink Web much like its more famous namesake on the World Wide Web.

Read full article here.

Sphere: Related Content