After reading Roughly Drafted's recent article on the iPhone SDK's code signing requirements, I began to think about how this might be applied to Mac OS X. Then, I remembered the new Application Firewall in Mac OS X 10.5 (Leopard).
Starting with 10.5, Mac OS X is able to differentiate between signed and unsigned applications and can provide different levels of access to each. This functionality is exposed now in the new application firewall. A related feature is visible when Leopard warns you the first time you run a downloaded application.
Here's Where Things Get Interesting
The same system of code signing used by Apple for the iPhone could be applied directly to the Mac too. And the same system of iTunes distribution could be used for the whole application or simply for purchasing and delivering license codes. Optionally, Apple's existing "Software Update" system could be used to deliver the actual application files.
What if Apple decided to take this next step in computer security to maintain its lead over Microsoft? They could implement a partially optional code signing system for Mac OS X. Signed apps would have full security privileges. Unsigned apps might generate a warning similar to a recently downloaded application until silenced. Or at the user's option, unsigned applications might not be allowed to run, or might be heavily restricted.
This would make it virtually impossible for trojans and most malware to get installed. And if the warning for unsigned apps repeated (say, daily, weekly, or monthly), it might effectively disable some malware simply by repeatedly asking for permission.
Apple can restrict the security privileges of their own software so that even exploits based on buffer overflows or other issues can be limited to specific security rights in a "sandbox". And a third party application's signature could limit it in the same manner.
I think this could be an elegant way to extend security without creating too much additional user inconvenience.
Leopard Application Firewall background at Geek Precis:
Apple Links: