Apple's Mountain Lion to offer automatic security updates
It was revealed on Monday that Apple's upcoming OS X Mountain Lion will feature an automatic security check feature that will ensure users have the most up-to-date software protection amid a growing number of Mac-targeted malware.
An update to the Mountain Lion Developer Preview shows a new automated system that runs a daily check with Apple's servers to make sure OS X 10.8 users have the most current security patches and protections against known malware and viruses.
Called "OS X Security Update Test 1.0," the automated feature will run either daily or whenever a Mac restarts and has the ability to download and install updates in the background, making the task of manually performing checks less of a necessity.
The new feature also creates a "more secure connection" to Apple's servers possibly hinting to new encryption technology or more stringent default settings. Also included are the usual stability and general updates for the operating system set for launch in July.
Apple is making security a priority in the next iteration of OS X to counter new threats that continue to crop up as Macs gain a larger user base. In April the highly-publicized Flashback trojan used a Java exploit to spread onto an estimated 600,000 Macs around the world prompting Apple to release both a Java disabler for Safari and a standalone malware uninstaller.
Mountain Lion Developer Preview 4 Security Update loading screen.
In a related action, Apple notedly toned down the language of its OS X webpage, changing the statement that the Mac "doesn't get PC viruses" to "It's built to be safe."
Coming exactly one week after OS X Mountain Lion Developer Preview 4 was released, the new Security Update is available through the Mac App Store and comes in at 1.15 GB.
An update to the Mountain Lion Developer Preview shows a new automated system that runs a daily check with Apple's servers to make sure OS X 10.8 users have the most current security patches and protections against known malware and viruses.
Called "OS X Security Update Test 1.0," the automated feature will run either daily or whenever a Mac restarts and has the ability to download and install updates in the background, making the task of manually performing checks less of a necessity.
The new feature also creates a "more secure connection" to Apple's servers possibly hinting to new encryption technology or more stringent default settings. Also included are the usual stability and general updates for the operating system set for launch in July.
Apple is making security a priority in the next iteration of OS X to counter new threats that continue to crop up as Macs gain a larger user base. In April the highly-publicized Flashback trojan used a Java exploit to spread onto an estimated 600,000 Macs around the world prompting Apple to release both a Java disabler for Safari and a standalone malware uninstaller.
Mountain Lion Developer Preview 4 Security Update loading screen.
In a related action, Apple notedly toned down the language of its OS X webpage, changing the statement that the Mac "doesn't get PC viruses" to "It's built to be safe."
Coming exactly one week after OS X Mountain Lion Developer Preview 4 was released, the new Security Update is available through the Mac App Store and comes in at 1.15 GB.
Comments
The multicolored moire is very trippy, but is this a professional looking photo?
With all due respect, hire a goddamned photographer, AI.
Quote:
Originally Posted by JerrySwitched26
The multicolored moire is very trippy, but is this a professional looking photo?
With all due respect, hire a goddamned photographer, AI.
As soon as you pay your Apple Insider membership fees.
Where is the thumbs down button........
Quote:
Originally Posted by elroth
As soon as you pay your Apple Insider membership fees.
Bwahahaha. Touché
2) I wish the Software Updater would list the size of the update before I click Update. I wasn't expecting 1.16GB which tells me there are many large changes being made to the system.
Agreed. Hopefully they'll return the filesize to a pre-click viewable item.
The description mentions it also made changes to the system as a whole, but I only know of it doing a delta update to Mail (had to "update my inbox" again).
Quote:
Originally Posted by SolipsismX
1) Interesting that this comes on the heels of the new wording about Mac security.
2) I wish the Software Updater would list the size of the update before I click Update. I wasn't expecting 1.16GB which tells me there are many large changes being made to the system.
Did you do the update via the App store?
If you do, it lists the update, a short description, file size, etc...
Most of that 1.16GB is probably just a list of all the known viruses coming on the MAC OS X system.
So I've been reliably told...
<snigger>
????
Quote:
Originally Posted by GTR
Naw. Just hit PrntScrn. The screenshot will be on the clipboard.
Connie, I'm not sure what world you live in or in what world you think we live, but…
Quote:
Originally Posted by JerrySwitched26
Naw. Just hit PrntScrn. The screenshot will be on the clipboard.
I'd hate to be the bearer of bad tidings, but you just went and posted something silly.
Sarcasm: It's not for everybody.
Time to switch to a different username again to avoid embarrassment?
Apple offers a Software Update control panel within the Mac App Store for automatic download and installation of Apple system software updates.
Apple provides a clear indication when installing software from third party sources on the Internet. Apple requires an administrator password when installing software unless the software is signed and installed from the Mac App Store although the Mac App Store requires the Apple iTunes username and password to purchase software.
Java Runtime (OpenJDK Project for Java on Mac OS X updates available from Oracle) and Adobe Flash (updates available from Adobe) are no longer bundled applications beginning with Mac OS X 10.7 Lion. The removal of Adobe Flash and Java Runtime remove a large number of potential exploits.
Application Sandboxing (Safari, for example, has now been divided into two processes that separate the browser's user interface and other functions from the part that parses JavaScript, images, and other web content) prevents applications from executing code in other applications.
Apple maintains a non-published list of possibly fraudulent websites which may optionally be used for warning users when visiting such websites. Apple Safari provides an option to block all website cookies, allow cookies only from visited websites or allow all cookies. Beginning with OS X 10.8 Mountain Lion, Safari provides an option to deny website from accessing location services, prompting once each day or prompting once only. Apple Safari provides a "Do Not Track" option for compliant websites. Further privacy and security features and functions are provided via third party Safari extensions.
Apple Keychain allows users to save passwords and textual data encrypted in protected keychains. Apple Safari allows users to save usernames and passwords to visited websites.
For applications that a user may download from an unknown source Apple OS X 10.7 Lion offers file quarantine with malware detection to prevent code execution and determine if the file is a known threat.
In order to avoid the potential for users accidentally downloading and installing malicious software Apple introduced the Mac App Store in Mac OS X 10.7 Lion to provide a curated application (cursory review) purchasing experience with signed code. Apple extends the Mac App Store in OS X 10.8 Mountain Lion by introducing Gatekeeper which is an option to prevent installation of apps not from the Mac App Store and non-signed code.
In the unlikely event that an application is able to execute malicious code, Apple provides Address Space Layout Randomization (ASLR) including heap, stack, and dynamic linker which randomly arranges the positions of key data areas by obscuring memory addresses. Address Space Layout Randomization is valuable because attempting to inject code into an incorrect memory address will cause errors in the malicious code.
Apple OS X 10.7 Lion provides disk encryption for the entire disk (rather than only users' home folders) at the block level using XTS-AES 128 encryption. Encryption of external USB and FireWire drives is supported. Apple enables the administrator to designate a number of user accounts authorized to decrypt the system disk. A recovery key as well as Instant Wipe which removes the encryption key from your Mac instantaneously, making the data completely inaccessible are provided. Once the encryption key is erased, the Mac performs an entire wipe of the data from the disk.
If all else fails, Apple provides a Recovery Partition which was introduced in Mac OS X 10.7 Lion to allow users to easily restore their computer. Apple Time Machine provides an intuitive user interface for backup so users can restore corrupted data from a storage device. Apple Time Capsule integrates with Time Machine very well although third party solutions are also supported.
Apple provides a Secure Guest Account (an account that the system erases and resets at logout) for allowance of temporary use by authorized persons.
Apple OS X 10.8 Mountain Lion introduces Application level Privacy settings including Location Services to avoid unauthorized disclosure of personal information to legitimate applications which may not require invasive disclosure of personal information.
Apple provides extremely robust Parental Controls, allowing parents to; limit usage per day, limit which hours used per day, limit websites, limit applications and more.
Yet, Apple OS X 10.7 Lion is still the most most secure commercial operating system in widespread use.
The comment that noted the download size is right on. Many users are on Cell networks or satellite with limited monthly bandwidth. Users need to know the size before doing the install process. Many users have turned off the download in background feature since it will make them go over limit without knowing until to late.
My employer's policies require that we only install software from an internal source. I have an Apple Update server running which meets our requirments.
So will Apples new update architecture support the existing Software Update Server infrastructure, or did our friends in Cupertino blow us up?