Gast
2007-10-23, 19:08:11
How Leopard Will Improve Your Security: http://db.tidbits.com/article/9251
- Time Machine basiert auf CIA (Confidentiality, Integrity, and Availability)
- Library Randomization (also known generically as Memory Randomization and as Address Space Layout Randomization in Windows Vista)
- Identifying and Defanging Evil Apps
- Application signing
- Sandboxing
weiteres
- The Mac OS X firewall, based on the open source ipfw program, has been improved and now includes the capability to block network access to individual applications. I've heard rumors that Apple's default firewall rules are no longer user accessible, which would be a major step backwards, but letting the firewall control individual applications is a long-desired feature for us security geeks.
- The Keychain has been enhanced to manage multiple user certificates for email encryption and digital signatures better, which will be welcome for those of us with multiple email accounts.
- Encrypted disk images now use 256-bit keys instead of 128-bit keys (much more than twice as strong), and although I don't know anyone who can break a 128-bit key, thanks to the way AES functions, performance should be essentially unaffected.
- Native VPN support has been updated
- Windows SMB packet signing is now available
- more granular access control lists
- guest account
- see the encryption status of wireless networks right from the menu bar
- improved parental controls that include Web filters, activity monitoring, and even a built-in filter for Wikipedia
- DTrace and a new instrumentation interface
- Input Managers?
- Time Machine basiert auf CIA (Confidentiality, Integrity, and Availability)
- Library Randomization (also known generically as Memory Randomization and as Address Space Layout Randomization in Windows Vista)
- Identifying and Defanging Evil Apps
- Application signing
- Sandboxing
weiteres
- The Mac OS X firewall, based on the open source ipfw program, has been improved and now includes the capability to block network access to individual applications. I've heard rumors that Apple's default firewall rules are no longer user accessible, which would be a major step backwards, but letting the firewall control individual applications is a long-desired feature for us security geeks.
- The Keychain has been enhanced to manage multiple user certificates for email encryption and digital signatures better, which will be welcome for those of us with multiple email accounts.
- Encrypted disk images now use 256-bit keys instead of 128-bit keys (much more than twice as strong), and although I don't know anyone who can break a 128-bit key, thanks to the way AES functions, performance should be essentially unaffected.
- Native VPN support has been updated
- Windows SMB packet signing is now available
- more granular access control lists
- guest account
- see the encryption status of wireless networks right from the menu bar
- improved parental controls that include Web filters, activity monitoring, and even a built-in filter for Wikipedia
- DTrace and a new instrumentation interface
- Input Managers?