Apple Seeking Rigorous Mac OS X Lion Security Review
Apple is yielding the floor to various security experts for the sole purpose of looking into the company's Mac OS X 10.7 Lion. This marks the first known occasion in which Apple has paraded its new software to anyone outside of its immediate community of developers. It has been confirmed that Apple is, indeed, inviting no shortage of esteemed security researchers to thoroughly scrutinize the security strengths - and weaknesses - in Mac OS X 10.7 Lion.
"I wanted to let you know that I've requested that you be invited to the prerelease seed of Mac OS X Lion, and you should receive an invitation soon," the letter from Apple read. It isn't known how many security researchers received the note in question. "As you have reported Mac OS X security issues in the past," the letter continues, "I thought that you might be interested in taking a look at this. It contains several improvements in the area of security countermeasures."
In response to the letter, software security guru Dino Dai Zovi tweeted: "Will Lion be the 'Vista' of Mac OS X? In the sense that they start taking security seriously, not the sense that nobody wants to use it."
Security analyst Charlie Miller, who has previously helped expose security weaknesses to Apple, received the letter. Miller says he anticipates Lion employing Address Space Layout Randomization (ASLR),a security mechanism that helps thwart software modification/hacking by randomizing the location of important data. Snow Leopard's current use of ASLR is minimal and restricted to libraries. Apple's iOS 4.3 is widely anticipated to deploy ASLR - a development that will make jailbreaking a wee bit more cumbersome.
, Apple Insider