So, the most most secure commercial operating system in widespread use, Apple OS X 10.7 Lion, will be even more secure with release of the latest version.
Apple offers a Software Update control panel within the Mac App Store for automatic download and installation of Apple system software updates.
Apple provides a clear indication when installing software from third party sources on the Internet. Apple requires an administrator password when installing software unless the software is signed and installed from the Mac App Store although the Mac App Store requires the Apple iTunes username and password to purchase software.
Java Runtime (OpenJDK Project for Java on Mac OS X updates available from Oracle) and Adobe Flash (updates available from Adobe) are no longer bundled applications beginning with Mac OS X 10.7 Lion. The removal of Adobe Flash and Java Runtime remove a large number of potential exploits.
Apple maintains a non-published list of possibly fraudulent websites which may optionally be used for warning users when visiting such websites. Apple Safari provides an option to block all website cookies, allow cookies only from visited websites or allow all cookies. Beginning with OS X 10.8 Mountain Lion, Safari provides an option to deny website from accessing location services, prompting once each day or prompting once only. Apple Safari provides a "Do Not Track" option for compliant websites. Further privacy and security features and functions are provided via third party Safari extensions.
Apple Keychain allows users to save passwords and textual data encrypted in protected keychains. Apple Safari allows users to save usernames and passwords to visited websites.
For applications that a user may download from an unknown source Apple OS X 10.7 Lion offers file quarantine with malware detection to prevent code execution and determine if the file is a known threat.
In order to avoid the potential for users accidentally downloading and installing malicious software Apple introduced the Mac App Store in Mac OS X 10.7 Lion to provide a curated application (cursory review) purchasing experience with signed code. Apple extends the Mac App Store in OS X 10.8 Mountain Lion by introducing Gatekeeper which is an option to prevent installation of apps not from the Mac App Store and non-signed code.
In the unlikely event that an application is able to execute malicious code, Apple provides Address Space Layout Randomization (ASLR) including heap, stack, and dynamic linker which randomly arranges the positions of key data areas by obscuring memory addresses. Address Space Layout Randomization is valuable because attempting to inject code into an incorrect memory address will cause errors in the malicious code.
Apple OS X 10.7 Lion provides disk encryption for the entire disk (rather than only users' home folders) at the block level using XTS-AES 128 encryption. Encryption of external USB and FireWire drives is supported. Apple enables the administrator to designate a number of user accounts authorized to decrypt the system disk. A recovery key as well as Instant Wipe which removes the encryption key from your Mac instantaneously, making the data completely inaccessible are provided. Once the encryption key is erased, the Mac performs an entire wipe of the data from the disk.
If all else fails, Apple provides a Recovery Partition which was introduced in Mac OS X 10.7 Lion to allow users to easily restore their computer. Apple Time Machine provides an intuitive user interface for backup so users can restore corrupted data from a storage device. Apple Time Capsule integrates with Time Machine very well although third party solutions are also supported.
Apple provides a Secure Guest Account (an account that the system erases and resets at logout) for allowance of temporary use by authorized persons.
Apple OS X 10.8 Mountain Lion introduces Application level Privacy settings including Location Services to avoid unauthorized disclosure of personal information to legitimate applications which may not require invasive disclosure of personal information.
Apple provides extremely robust Parental Controls, allowing parents to; limit usage per day, limit which hours used per day, limit websites, limit applications and more.
Edited by MacBook Pro - 6/26/12 at 3:59am