Apple's Mountain Lion to offer automatic security updates

Installed pretty quickly for me, I kind of like the new look when receiving updates...

 

 

 

The multicolored moire is very trippy, but is this a professional looking photo?

 

With all due respect, hire a goddamned photographer, AI.

As soon as you pay your Apple Insider membership fees.

Edited by elroth - 6/25/12 at 4:31pm

Where is the thumbs down button........

 

Bwahahaha.  Touché :)

Every so often I think about trying to take a screenshot of something outside my user account because I've always wondered where those files go. Probably on Users/root/Desktop…

1) Interesting that this comes on the heels of the new wording about Mac security.

2) I wish the Software Updater would list the size of the update before I click Update. I wasn't expecting 1.16GB which tells me there are many large changes being made to the system.

Agreed. Hopefully they'll return the filesize to a pre-click viewable item.

The description mentions it also made changes to the system as a whole, but I only know of it doing a delta update to Mail (had to "update my inbox" again).

 

Did you do the update via the App store?

 

If you do, it lists the update, a short description, file size, etc...

 

Most of that 1.16GB is probably just a list of all the known viruses coming on the MAC OS X system.

 

So I've been reliably told...

 

<snigger>

Mine just listed the description and name until I hit Update and then it shows me the file size and progress in a bar to the right side.

😷

Apple insider membership fees are paid upfront everytime we visit this site & view all the pretty ad content. Like the iAd for Chase Bank… er… now a TNT advert… oh, wait, back to Chase again…

 

 

Naw.  Just hit PrntScrn.  The screenshot will be on the clipboard.

 

 

Connie, I'm not sure what world you live in or in what world you think we live, but…

 

I'd hate to be the bearer of bad tidings, but you just went and posted something silly.

 

Sarcasm: It's not for everybody.

 

Time to switch to a different username again to avoid embarrassment?

So, the most most secure commercial operating system in widespread use, Apple OS X 10.7 Lion, will be even more secure with release of the latest version.

Apple offers a Software Update control panel within the Mac App Store for automatic download and installation of Apple system software updates.

Apple provides a clear indication when installing software from third party sources on the Internet. Apple requires an administrator password when installing software unless the software is signed and installed from the Mac App Store although the Mac App Store requires the Apple iTunes username and password to purchase software.

Java Runtime (OpenJDK Project for Java on Mac OS X updates available from Oracle) and Adobe Flash (updates available from Adobe) are no longer bundled applications beginning with Mac OS X 10.7 Lion. The removal of Adobe Flash and Java Runtime remove a large number of potential exploits.

Application Sandboxing (Safari, for example, has now been divided into two processes that separate the browser's user interface and other functions from the part that parses JavaScript, images, and other web content) prevents applications from executing code in other applications.

Apple maintains a non-published list of possibly fraudulent websites which may optionally be used for warning users when visiting such websites. Apple Safari provides an option to block all website cookies, allow cookies only from visited websites or allow all cookies. Beginning with OS X 10.8 Mountain Lion, Safari provides an option to deny website from accessing location services, prompting once each day or prompting once only. Apple Safari provides a "Do Not Track" option for compliant websites. Further privacy and security features and functions are provided via third party Safari extensions.

Apple Keychain allows users to save passwords and textual data encrypted in protected keychains. Apple Safari allows users to save usernames and passwords to visited websites.

For applications that a user may download from an unknown source Apple OS X 10.7 Lion offers file quarantine with malware detection to prevent code execution and determine if the file is a known threat.

In order to avoid the potential for users accidentally downloading and installing malicious software Apple introduced the Mac App Store in Mac OS X 10.7 Lion to provide a curated application (cursory review) purchasing experience with signed code. Apple extends the Mac App Store in OS X 10.8 Mountain Lion by introducing Gatekeeper which is an option to prevent installation of apps not from the Mac App Store and non-signed code.

In the unlikely event that an application is able to execute malicious code, Apple provides Address Space Layout Randomization (ASLR) including heap, stack, and dynamic linker which randomly arranges the positions of key data areas by obscuring memory addresses. Address Space Layout Randomization is valuable because attempting to inject code into an incorrect memory address will cause errors in the malicious code.

Apple OS X 10.7 Lion provides disk encryption for the entire disk (rather than only users' home folders) at the block level using XTS-AES 128 encryption. Encryption of external USB and FireWire drives is supported. Apple enables the administrator to designate a number of user accounts authorized to decrypt the system disk. A recovery key as well as Instant Wipe which removes the encryption key from your Mac instantaneously, making the data completely inaccessible are provided. Once the encryption key is erased, the Mac performs an entire wipe of the data from the disk.

If all else fails, Apple provides a Recovery Partition which was introduced in Mac OS X 10.7 Lion to allow users to easily restore their computer. Apple Time Machine provides an intuitive user interface for backup so users can restore corrupted data from a storage device. Apple Time Capsule integrates with Time Machine very well although third party solutions are also supported.

Apple provides a Secure Guest Account (an account that the system erases and resets at logout) for allowance of temporary use by authorized persons.

Apple OS X 10.8 Mountain Lion introduces Application level Privacy settings including Location Services to avoid unauthorized disclosure of personal information to legitimate applications which may not require invasive disclosure of personal information.

Apple provides extremely robust Parental Controls, allowing parents to; limit usage per day, limit which hours used per day, limit websites, limit applications and more.
Edited by MacBook Pro - 6/26/12 at 3:59am

Good step in the right direction, now of they could only speed up the release time of the security updates that'd be something! What is it, 4-6 weeks on average after a security hole has been reported in the news before Apple tends to plug it?

Yet, Apple OS X 10.7 Lion is still the most most secure commercial operating system in widespread use.

The comment that noted the download size is right on. Many users are on Cell networks or satellite with limited monthly bandwidth. Users need to know the size before doing the install process. Many users have turned off the download in background feature since it will make them go over limit without knowing until to late.

My employer's policies require that we only install software from an internal source.  I have an Apple Update server running which meets our requirments.

 

So will Apples new update architecture support the existing Software Update Server infrastructure, or did our friends in Cupertino blow us up?

Really?!?

 

So that 600,000 strong Mac botnet was nothing to worry about.

 

There is much ridicule of MS and Windows users here, but as a percentage of computers the Flashback attack spread farther and wider than any Windows virus/worm/trojan in history.

 

Mac users have been complacent for too long. Apple has been complacent for too long.

 

 

All operating system patches are a double edged sword. In an effort to get updates out quickly mistakes will be made. Even when updates are done slowly and deliberately they can contain serious bugs and break 3rd party software. Firefox 13.0 is just the most recent high profile example of automatic updates pushing buggy software to millions of users, but I remember official updates from Microsoft and Apple that rendered machines virtually unusable.

 

So do you ignore the update and risk whatever the update addresses or do you install the update and find it prevents you from doing your job?

The choice isn't always clear.

When you make up numbers, anything is 'worrisome'.

And I'm sure they're sorry for allowing Java to even be installed in OS X.

Only 11.2% of users affected by the Flashback trojan were using Mac OS X 10.7 Lion with 28% of those users having not applied at least one update. In other words, we are talking about approximately 67,200 users of which 18, 816 had not applied at least one update. Therefore, the number of impacted users with updated systems (important since this story is regarding automatic security updates) on Mac OS X 10.7 Lion was 48,384 or approximately 0.0008% of all Mac users.

Furthermore, the comparison of a single instance of malicious software impacting users versus a plethora of malicious software impacting users is ridiculous.

As far as infected hosts as a percentage of possible hosts (which is a dubious claim at best) there has been malware which has been more prevalent and certainly many more damaging:

Melissa Virus
ILOVEYOU worm which, incidentally, caused $10 billion in damages
Code Red and Code Red II
Nimda virus
SQL Slammer (aka Sapphire) which, incidentally, caused $1 billion in damages
Michelangelo virus
Sasser virus
Sobig
MyDoom


Further notable, Java Runtime (OpenJDK Project for Java on Mac OS X updates available from Oracle) and Adobe Flash (updates available from Adobe) are no longer bundled applications beginning with Mac OS X 10.7 Lion. The removal of Adobe Flash and Java Runtime remove a large number of potential exploits.
Edited by MacBook Pro - 6/26/12 at 2:10pm

Note to self: Exploit automatic security update vulnerability in Mac OS Mountain Lion. Create security update to take information. End

 

 

The one where capturing screenshots "Just Works" is where I am.

 

No embarrassment whatsoever.    I was just pointing out that accomplishing the task is simple with the right tools.

 

Oh don't worry, we suspected that.

 

You'd have to be aware of what you did before feeling embarrassment and this obviously isn't the case here.

 

Please try and stay aware from any dangerous machinery for the rest of your life.

Sorry, Zazzles. If you are forced to open an application to access a screenshot, you're doing it wrong.

So when can we UNDO updates!? Can Mountain Lion do this? Something many have been asking for since, well, 10.0. Something that would rank higher on corporate requirements to start rolling OS X out for business users than almost any other feature Apple has made since 10.0 except the other security and system stability improvements. "oh just reinstall" doesn't fly in the business world. updates should be as easy to roll back as one click. Like on Windows. :/

Not in the slightest. 😠

OS X updates aren't typically destructive towards existing 3rd party software. Or am I missing something?

 

Overall, I'm pleased at this value adding feature. Beats the hell out of any Windows A/V software. Then again, they have a much larger whale to fry.