If you are an advanced user looking for additional information about the Leopard I would suggest that you check out the Security Configuration guide for Mac OS X 10.5 (Leoapard.) You can log onto the Apple website and download Mac OS X Security Configuration it’s in PDF form.
When I finished printing out my copy, I had the chance to skim through the book. First off, it’s obvious that this was written for the advanced user. In order to take advantage of the Leopard Security Guide you need to be an experienced Mac user who is familiar with the MAC OS X user interface, and has experience using the Terminal application’s command-line interface.
If you flip to the About This Guide Page it states…
“Some instructions in this guide are complex, and deviation could cause serious adverse effects on the computer and its security,” Apple said in the guide’s introduction. “These instructions should only be used by experienced Mac OS X users, and should be followed by thorough testing.
The Leopard Security Configuration is chock full of useful information and covers numerous topics. I’ve listed a few below.
- Introduction to Mac OS X Security Architecture
- Securing the system administrator account
- Using open directory
- How to encrypt data
- How to use Secure Erase
- How to avoid secure fast user switching
- How to protect your data while using Apple applications
I’ve listed a handful of the topics that are discussed. The guide has 13 chapters total and is 240 pages. I’ll be reading my copy over the next few days.
Leopard has received a massive amount of security updates along with the handy feature that marks downloaded applications to protect it against Trojan horses. If you remember last week Apple released a Leopard security update that included a large amount of stability, compatibility, and security improvements and enhancements.
Although iCal received 8 fixes the 3 iCal bugs that were discovered by Rodrigo Carvalho who works for the Core Security Consulting Services Team at Core Security Technologies were not fixed. It has been reported that Apple repeatedly asked them to not release its findings. However Core Security Chief Technology Officer Ivan Arce said at the time the company felt that it could not wait for Apple to address this issue.
Apple has been receiving a lot of attention recently (Its Mac sales were up by 50% in April) companies like Core have been paying a lot of attention to it.
Mike Davis analyst for Ovum said this in it Straight Talk Bulletin…
“The fact that OS X is now on the radar of both the security vendors and the bad guys indicates that the OS has become a ‘worthy’ target.”
If you are like myself and haven’t upgraded all your Macs to Leopard (I will eventually) you can download OS X 10.4 the Tiger Security Guide or if you are using OS X 10.3 you can download the Panther security guide.