Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Apple OS X 10.8 (Mountain Lion) released - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple OS X 10.8 (Mountain Lion) released

You probably saw by now that Apple unleashed Mountain Lion earlier today. If you are lucky to make it past the overloaded App store, you may already be installing it. But some of you may not be as daring, and there are some reasons to be cautious like with any major update like this. OS X includes some interesting new security features:

One important feature, Gatekeeper, implements iOS like restrictions to install software. This feature may be turned off by an administrator, but you should consider leaving it on by default. It will prevent users from installing unauthorized software. Just like in iOS, the software has to be signed by a valid Apple developer certificate. Further, you can limit software to be installed from the app store only. In OS X Lion, the command line utility "spctl" can be used to test this feature. Mountain Lion added a GUI configuration tool to the standard OS X settings dialog. Also see our prior diary about this tool [1].

The "Roaring Apps" website maintains a pretty good list of Mountain Lion compatible applications [2]. Most security tools I use appear to be compatible (Sophos Anti Virus, Kaspersky Anti Virus, Little Snitch, 1Password...). But note that RoaringApps.com is crowd sourced. To make sure, you should check the software publisher's website.

OS X 10.8 also includes a password safe feature, and improved privacy controls. For details, see Apple's list of security features [3].

Make sure to first update ALL software on your system. Various vendors released Mountain Lion specific updates as late as today. 

Of course, backups are always a good idea, but I assume you got that covered ;-)

[1] http://isc.sans.edu/diary.html?storyid=12631
[2] http://roaringapps.com/
[3] http://www.apple.com/osx/what-is/security.html

 

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS Security West 2019

Johannes

3509 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!