Apple’s implementation of a semi-new set of technologies collectively known as Gatekeeper in the upcoming Mountain Lion release of Mac OS X is set to give users better control of the security of the machines, specifically which apps are allowed to run. The Gatekeeper system will enable users to decide which apps they trust and then prevent pretty much anything else from running.
Apple has been criticized roundly by security researchers, users and others for a perceived lack of commitment to security, especially on the Mac platform. The company was slow to fully implement ASLR and DEP in OS X and in general remains quiet on security issues related to its products. However, it recently gave a preview of its Gatekeeper security technology to some industry folks, and the details that emerged look promising for Mac users.
The way that Gatekeeper works is fairly simple. It’s essentially a whitelist system, but with some modifications. The user can choose the locations from which he wants to trust apps, with the options being: Mac App Store only; App Store and identified developers; or anywhere. The idea is that once the user makes the decision about which apps he’s going to trust, the others will be untrusted by default and the user will have to explicitly give them permission to run.
The new system relies on a couple of key elements, specifically Apple’s review of the apps that go through the official Mac App Store, its requirement that all such apps be signed and the upcoming implementation of a developer ID program for Apple developers. The most restrictive setting in Gatekeeper–Mac App Store only–means that, by default, only apps that have been through the Apple review process and been signed by their developers can run on OS X. That’s a major shift in the way that software is treated.
The other feature of apps that come through the official app store is that, starting on March 1, all of them will have to be sandboxed, per Apple’s requirements. That additional layer of defense can prevent a vulnerability in one app from being used by an attacker to break out into the operating system itself or other apps.
“For the first time, we have a tool built into OS X to protect us — at least those of us who want or need it — from ourselves. Gatekeeper dramatically reduces the likelihood of Mac users, particularly those who don’t have the sophistication or knowledge necessary to make informed decisions, installing malicious applications,” Securosis analyst Rich Mogull, who previewed the Gatekeeper technology, wrote in an analysis on TidBITS last week.
Another important component of the Gatekeeper concept is the idea of developer IDs that are linked to certificates. Every app in the Mac App Store must be code-signed by its developer and so if a malicious app somehow sneaks through, Apple easily can trace it back to the developer.
As of yet, Macs haven’t been a serious target for malware, even though there have been some recent high-profile Trojans and crimeware kits built for the platform. However, that doesn’t mean attackers aren’t trying, and the introduction of Gatekeeper in Mountain Lion, which is in developer preview now, may be the first real acknowledgment of that by Apple.
“In the past, despite being a Mac fan, I’ve been pretty critical of how Apple handles a lot of security. While I still don’t agree with how they handle everything, I’ve noticed a massive change in the past 2 years. With Lion, Apple for the first time invited certain security researchers to evaluate pre-release software (albeit under NDA) without forcing them to pay for a Developer Program subscription. With Mountain Lion they pre-briefed an outside security type for the first time ever. They have hired a bunch of very smart and experienced security experts,” Mogull wrote in a blog post on the Securosis site.
“I believe Apple recognizes they aren’t the kid in the corner hanging out with all the artsy types any more. They know that the bottom line will be affected if users no longer feel safe on their products. So they are taking security much more seriously.
OS X Mountain Lion also includes some other security features to back up Gatekeeper, including the existing antimalware checks.”