
January 18, 2005 5:40 PM PST

Darwin flaws survive in Apple's Mac OS X

A source-code audit of the open-source operating system from which Apple Computer borrowed much of the code for Mac OS X revealed four vulnerabilities of varying severity in Apple's software, a security company said Monday.

The flaws in Darwin affect Mac OS X version 10.3--dubbed Panther--and are caused by memory errors in the kernel, according to an advisory released by ImmunitySec, the security company that found the flaws.

"In terms of criticalness, this kind of bug mostly affects remote systems with multiple users," said David Aitel, founder and security consultant with ImmunitySec, adding that since Mac OS X is most often used on the desktop, the flaws will not be overly important on most people's systems.

The company originally found the flaws in June and published them to a private list of customers but did not notify Apple. It published the flaws on Monday, after presenting them at a seminar.

Apple confirmed that it had not been told of the flaws and said it was analyzing the vulnerabilities but would not elaborate.

ImmunitySec found the flaws by analyzing the publicly available source code of the Darwin operating system, which implements a variant of Unix known as BSD. Darwin forms the core of Apple's modern Mac OS X operating system, and the flaws found by the security company also affected Apple's operating system.

The flaws include a bug in Mac OS X's SearchFS function, several kernel memory overflows and a logic bug in the AT command, which the operating system uses to schedule tasks.

16 Comments
Waiting for a virus
by Dr Dude January 18, 2005 6:33 PM PST
I'm sure some enterprising young hacker out there would jump on the chance to write the first virus for Mac OS X (why bother being one of 70,000 on Windows). Of course there are all of those other inherent security features to get past that MS doesn't feel the need to include. May make the task somewhat more difficult.

Anyone... anyone?
Which comes first the virus or the fix
by January 18, 2005 7:56 PM PST
I think it will take about as much time to write an effective virus that takes advantage of these flaws as it will take Apple to fix the flaw. Sure some people won't update their OS quickly and therefore will be open to attacks but really what is the point. With only 3% market share surely there are more ugly, annoying, frustrating, larger bloatware of an OS to hack a WINDOW through than the Mac OS. Then again maybe that other Windoz based OS has had its share for a week and the virus writers have nothing better to do with their time so they might as well have a crack on Mac OS X. I for one don't care. I love my Mac and how it is set up but if I had to re-install then well that is a little fun too... Maybe I can be the first person to be infected :)
Borrowed?
by January 18, 2005 11:25 PM PST
Reading the article one gets the picture that Apple has borrowed code from an open source operating system called Darwin. This is incorrect. Apple has created Darwin and in practice is the only contributor to the Darwin kernel. This is almost like saying that Microsoft had borrowed code for its Windows XP from an operating system known as Windows.

The Darwin kernel itself is a mixture of code created by Apple and borrowed code from the FreeBSD and Mach operating systems.
Borrowed you say?
by herkamur January 19, 2005 7:38 AM PST
So, if the code is borrowed (from BSD), do they have to give it back?
Bordering on the criminal
by January 19, 2005 12:36 AM PST
What strikes me is that they have done nothing in the way of alerting Apple prior to disclosing the flaws...

Why?

Discovering flaws and disclosing them is knowingly disruptive and is tantamount to hacking... A Crime.

Let them rot in jail.... Bastards.

Normal behaviour of people interested in the general IT safety of the public ALWAYS notifies the vendor first.
Public knowledge...
by January 19, 2005 8:36 AM PST
The code, being publicly available and reviewed, is public knowledge. The flaw, being contained in the code, is thus also public knowledge. The fact that they point out its existence might be a nuisance, but not actionable.

Further, both Apple and the public are forewarned and able to take corrective measures the second the things are brought to attention.

Anyone looking for the flaws could have found it and no doubt other people knew about them prior. Now everyone is aware of the issues and can take measures to safeguard against exploitation or to remedy them.

Pointing out a bug, along with a fix, is by no measure equal to cracking a computer system. Significant effort would still be required to develop and exploit.
This report is obviously false.
by ProjectGSX January 19, 2005 9:50 AM PST
Everyone knows that only Windows and Internet Explorer have security bugs. This report can't be true.
Ah, how sarcastic.
by January 19, 2005 10:58 AM PST
We know Apple has security flaws. Otherwise they wouldn't release security updates. However, you have to look at the amount of attacks, and holes as a whole, to determine which is safer. 70,000+ viruses/worms/spy and adware for Windows, or the couple of dozen security flaws with OS X?

There's only been one script, in the underground which circulates with a cracked version of a piece of software, that IS indeed Malicious. However, it's a script for the unix terminal, and cannot propagate itself over email or network connections.

I'm about 99% sure that these hackers aren't targeting Windows for the sake of its installed user-base. It's targeting for unethical business practices and trying to show the public how useless that platform really is when it comes to protecting the people who pay for peace of mind.
There's a point that should be made...
by brasten January 19, 2005 11:49 AM PST
This is actually an amazingly great thing. I'm a Mac user -- a recent switcher from Linux/Windows -- and I for one am excited by the fact that an independent group was able to audit the foundations of Apple's operating system for security holes. And when they discovered FOUR (I think it was... hardly a large amount)... they alerted the public.

Yes, the way they made the info public probably wasn't the best, and yes some Mac users are going to be offended that OS X has even one vulnerability... but this is a great example of potential upsides to basing software on open source.

Because Apple released the majority of their OS foundation to the public, someone was able to audit that code and discover a few issues that Apple was previously unaware of. This should be a positive note for OS X, not a negative one.
Darwin flaws survive in Apple's Mac OS X
by January 19, 2005 1:47 PM PST
It is irresponsible and I think it is even criminal on the part of ImmunitySec not to inform Apple of the security issues in Darwin before making them public. Particularly when they found them more than 6 months ago.
It's all about the headlines.
by RideMan January 20, 2005 8:29 PM PST
If the company had notified Apple when they found the flaw, Apple might well have patched the flaw before the company was ready to go public. Going public first lets them say, "Hey look! We found a security flaw in the 'security flawless' OS-X!" and then all the tech writers and Windows acolytes will give this ImmunitySec outfit several acres of print space (hey, they got a headline on C|Net...). If someone claims to find a security hole in OS-X, that's news. If Apple already has the patch out before the news breaks, well, that kind of takes the impact out of the announcement, doesn't it?