Mac OS Security Cameron Schnur

About This Presentation

Title:

Mac OS Security Cameron Schnur

Description:

No firewall or network security ... A user could also simply use a boot disk to gain access to unencrypted files on the hard drive ... – PowerPoint PPT presentation

Number of Views:63

Avg rating:3.0/5.0

Slides: 22

Provided by: csSte

Category:

more less

Transcript and Presenter's Notes

Title: Mac OS Security Cameron Schnur

1
Mac OS SecurityCameron Schnur
2
Overview

Lisa OS
System 7
OS9
OSX

3
Lisa OS Security

No firewall or network security
Individual files could be given simple
password-protection users would have to enter
the password in order to gain access to the files

4
Serialization in Lisa OS

Program disks had a kind of protection in Lisa
OS serialization
When you installed a program from a disk, Lisa OS
would write the serial number of your Lisa
machine to that disk
Once a serial number had been written to a disk,
that disk could not be used on other Lisa
machines.

5
System 7 PowerTalk Keychain

Powertalk allowed you to send emails and messages
to other Powertalk/System 7 users.
It introduced the keychain, which would store
all of a user's PowerTalk passwords in an
encrypted file on the hard drive.
The Keychain concept would evolve and be used in
later versions of Mac OS

6
System 7 - File-Sharing

System 7 included a file-sharing server, allowing
users to share files over the AppleTalk network
First Mac OS to feature personal file sharing
This introduced security issues...

7
System 7 Securing file-sharing

Users could simply turn off the file-sharing
ability to limit access
System 7 also included a Users and Groups
control, which allowed users to selectively give
file access to different network users and groups.

8
System 7 File Permissions...

Users could set four types of permissions for a
folder
See folders
See files
Modify files
Modify folders

9
Mac OS 9 - Keychain

Mac OS 9 had a version of the Keychain software
that was independent from PowerTalk, and could
store passwords for other applications as well.
By this time, password managers were no longer
unique, and there were many pieces of third-party
software that used thembut Keychain was unique
in that it was the first to be a part of the
Operating System.

10
Mac OS Issues with third-party security programs

When prompted for a password, a user could just
quit the security application with command
option escape
A user could also hold the shift key on startup
to disable programs like the security program
from ever opening
A user could also simply use a boot disk to gain
access to unencrypted files on the hard drive

11
OS 9 Multiple Users

OS 9 introduced the ability to have multiple
users accounts on Mac OS.
Although turned off by default, this feature
would allow users to protect access to their
computer by adding a password to their user
account, and solved the problems related to using
third-party security solutions.

12
OS 9 Apple File Security

Mac OS 9 shipped with a program called Apple File
Security, which could be used to encrypt single
files
Used a 56-bit encryption key
Couldn't encrypt entire drives, directories, or
system files.

13
Apple File Security Keychain

By default, the passwords for files encrypted
with Apple File Security would be added to a
user's Keychain.
This would give users a cheap way to have large
portions of their files encrypted, but accessible
with one password.

14
OS X - Keychain

OS X also included a version of the Keychain
prgoram
Now, in addition to passwords, the Keychain could
store private keys, certificates, and notes
This allows Keychain to function not only as a
file manager, but also as encrypted filespace
accessible by a single password

15
OS X - Data Encryption

In versions 10.3 and up, the FileVault
application encrypts a user's home directory
using 128-bit AES encryption
Can't specify which parts of drive to encrypt
only the entire home directory
Filevault turned off by default

16
OS X Encryption Continued

In version 10.3, an application called Disk
Utility was added
Disk Utility allowed users to create encrypted
disk images using 128-bit ASE
Unlike Windows or UNIX, you can't encrypt your
entire drive

17
OS X - Firewall

First version of OS X had no firewall
Beginning with version 10.2, OS X used a version
of the open-source IPFW firewall used by many
UNIX systems
OS X's Firewall is turned off by default

18
Off by default??

Although Mac OS X has more security features than
any previous Mac OS, most of them are still
turned off by default
The average user has no idea that he or she needs
to turn on file encryption or a firewall

19
Conclusion

Lisa OS Simple Password-Protection
System 7 Introduced Keychain and protected
file-sharing
OS 9 Added file encryption via Apple File
Security
OS X Added Firewall and improved encryption

20
Sources

http//members.safe-t.net/jwalker/programming/lisa
Legacy/
http//db.tidbits.com/article/05625
http//www.microsoft.com/technet/prodtechnol/windo
ws2000serv/reskit/intwork/incf_mac_rclh.mspx?mfrt
rue
http//en.wikipedia.org/wiki/Disk_Utility
http//en.wikipedia.org/wiki/Comparison_of_operati
ng_systems
http//en.wikipedia.org/wiki/Apple_Keychain
http//docs.info.apple.com/article.html?artnum135
84collap
http//en.wikipedia.org/wiki/Apple_Open_Collaborat
ion_Environment
http//homepage.mac.com/agerson/examples/keychain/
http//docs.info.apple.com/article.html?artnum604
87collcp
http//kb.iu.edu/data/airy.html
http//kb.iu.edu/data/adqd.html
http//kb.iu.edu/data/aiqv.html
http//www.user-groups.net/showker/encryption.html
http//www.jmu.edu/computing/mac/osxfirewall.shtml
http//en.wikipedia.org/wiki/Ipfirewall
http//docs.info.apple.com/article.html?pathMac/1
0.4/en/mh1042.html
http//www.macintouch.com/m90_security.html
http//en.wikipedia.org/wiki/FileVault