Wednesday, July 20, 2011

OS X Lion Security Features

I, like many others, installed OS X Lion today. It took about half an hour to download, and another half hour to install. The only issue I noticed was a permissions problem with BOINC. A BOINC reinstall fixed that.

From a security point of view there are a number of features worth noting:

  • Application sandboxing for apps purchased through the App Store. Sandboxing limits an app's interaction with the system. Of course there are a lot of other places besides the App Store to get OS X apps, but it is a start.
  • Lion joins Windows and Linux by completing the implementation of Address Space Layout Randomization (ASLR). ASLR makes it harder for exploit writers by making it difficult to predict where application components will load in memory.
  • FileVault now supports full disk encryption, an instant disk wipe capability and encryption of external devices. FileVault can also be used to encrypt backups.

Those are the big ones, but there are a bunch more security and privacy features in file sharing, screen sharing, and Safari that are also worth a look.

Tuesday, July 19, 2011

Wanna spread your knowledge?

I think it is time to revive this concept! Originally Regina Whitehats was my vehicle to promote security in Regina and the surrounding area. That idea met with limited success, but did get a small amount of momentum. Since then security in Saskatchewan has grown and we are blessed with some very smart security practitioners. Maybe now is the time to turn this knowledge outward?

I am willing to open this blog up to other writers. If you are a Saskatchewan-based security practitioner and you would like to spread your security knowledge to the world, please contact me. Ideally I would like a dozen bloggers who would like to promote themselves and Saskatchewan's security knowledge to the world.

B-Sides SK anyone?

We haven't had a good security conference in SK in a while...so let's make one! Anybody interested in helping (organizing, speaking, sponsoring, etc.) with a Security B-Sides event in Regina, please contact me. I would like to try and roll one up for spring.

For those of you not familiar with the Security B-Sides concept here is their website with an explanation.