On Friday, October 26, Apple released the latest version of their operating system, entitled Leopard.

Leopard, OSX 10.5, contains a whopping 300 new features and updates to keep Mac users happy at least until Apple comes up with yet another great upgrade to their OS. Before you get too excited and think about how cool an upgrade can be with that many new features, just look at the list and you’ll see that most of them are not really groundbreaking. Still, there are several noteworthy changes and new “killer apps” that make this update well worth your money. To me, the most important are the significant improvements to security.

If you’ve been paying any attention at all to the news about Leopard, you’ll know about Time Machine. Time Machine is a groundbreaking new backup/restore system that is sure to take the hassle out of backing up your system. IT and Security experts have been extolling the necessity for backing up your PCs since the beginning of time (pun intended), and until now, the backup/restore process has been rather cumbersome. Apple has revolutionized the way we do backup one look at the Time Machine presentation on the guided tour video available on their website will make a believer out of everyone. Take the time to watch the video by visiting,
Time Machine

I’d like to devote the rest of this article however, to the little-known security features that Apple has snuck in to Leopard with modest fanfare. Perhaps the most important security update in Leopard is one you will never notice. Who will notice though, is the bad guys, the hackers, the virus writers and other evil-doers. This new “feature”, Library Randomization, was written into the code of the operating system to prevent buffer overflows. I will spare you the details of what a buffer overflow is, save for explaining that it is the main cause of what makes viruses and most computer exploits possible. By making it more difficult for hackers to take advantage of weaknesses in the code, Apple has taken large steps in strengthening its reputation as a more stable environment than Windows. Security researchers and experts are already hailing this new feature as a serious obstacle for new classes of attacks (which, even before Leopard, have been rather unsuccessful).

Another similar “under the hood” security feature is Sandboxing, which is a technique of restricting specific applications so they are unable to perform certain kinds of actions—like limiting which files they can touch, the other applications with which they can communicate, or what they can do on the network. Some applications will always be at a higher risk than others for compromise, and sandboxing helps prevent those applications from being used to take over other parts of your system. Certain attacks that were previously successful against the Mac OS in the past (at least as proofs of concept) are now ineffective.

Combine these features with notable improvements such as a more robust firewall, an enhanced Keychain, wireless encryption status right from the menu bar, a guest account that purges itself entirely after the guest user logs out (genius!), stronger VPN functionality and better parental controls, and we’ve got one helluva great OS update.

What Apple has done from a security standpoint is create an operating system where security enhancements are built in, and more or less transparent to the user. Which is the exact opposite of what Microsoft has done with Vista, where the security features are completely in-your-face, and intrusive to the user. One more step ahead for Apple: Leopard is a winner. Microsoft now has even more work to do to catch up.