Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Apple OS X 10.8 (Mountain Lion) released

Published: 2012-07-25
Last Updated: 2012-07-25 14:41:33 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

You probably saw by now that Apple unleashed Mountain Lion earlier today. If you are lucky to make it past the overloaded App store, you may already be installing it. But some of you may not be as daring, and there are some reasons to be cautious like with any major update like this. OS X includes some interesting new security features:

One important feature, Gatekeeper, implements iOS like restrictions to install software. This feature may be turned off by an administrator, but you should consider leaving it on by default. It will prevent users from installing unauthorized software. Just like in iOS, the software has to be signed by a valid Apple developer certificate. Further, you can limit software to be installed from the app store only. In OS X Lion, the command line utility "spctl" can be used to test this feature. Mountain Lion added a GUI configuration tool to the standard OS X settings dialog. Also see our prior diary about this tool [1].

The "Roaring Apps" website maintains a pretty good list of Mountain Lion compatible applications [2]. Most security tools I use appear to be compatible (Sophos Anti Virus, Kaspersky Anti Virus, Little Snitch, 1Password...). But note that RoaringApps.com is crowd sourced. To make sure, you should check the software publisher's website.

OS X 10.8 also includes a password safe feature, and improved privacy controls. For details, see Apple's list of security features [3].

Make sure to first update ALL software on your system. Various vendors released Mountain Lion specific updates as late as today. 

Of course, backups are always a good idea, but I assume you got that covered ;-)

[1] http://isc.sans.edu/diary.html?storyid=12631
[2] http://roaringapps.com/
[3] http://www.apple.com/osx/what-is/security.html

 

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

0 comment(s)
Diary Archives