10.6.3 is Imminent…Maybe the Malware’s Not Far Behind?

It looks like we’re getting close to the official release of 10.6.3, the latest update to Mac OS X Snow Leopard — and, from what we’re hearing on the developer grapevine, it might prove to be the most extensive Snow Leopard update yet.

TUAW reported on Friday that the latest build of 10.6.3 (known as 10D572, for those of you paying obsessively-close attention) was seeded to developers only two days after a previous build. Typically, ever-shortening intervals between build seeds indicate imminent release to the public. TUAW describes the latest build as focusing on “Graphics Drivers, Quicktime, Images & Photos, Mail, and Security Certificates.”

Oh, what’s that? Want more details? OK, here’s the full rundown of features and fixes we can expect in 10.6.3:

  • Compatibility issues with OpenGL-based applications
  • Performance improvements for 64-bit Logic
  • Changes to QuickTime X that increase reliability and improve compatibility and security
  • Printing reliability and compatibility with third-party printers
  • Issues resolved that prevented files from copying to Windows shares
  • Issues resolved with recurring events in iCal when connected to an Exchange server
  • Issues resolved that prevented files with the “#” or “&” symbols in their names from opening in Rosetta
  • Issues addressed that caused background message colors to display incorrectly in Mail when scrolling
  • Issue resolved that caused machines using BTMM and the Bonjour Sleep Proxy to wake unexpectedly

OK, as far as lists go, this one’s not very exciting, I know. But what if you fired up Software Update and were offered the latest pre-release version of 10.6.3? Would that excite you?

Update Snafu

According to TUAW’s Michael Grothaus, this is exactly what happened to one Mac owner last week. They don’t name him, probably to save him the email-avalanche from other Mac owners — not to mention the inevitable Cease & Desist order from Apple (you just know Apple would bully the poor chap into silence, right?) but they do offer up this tantalizing screengrab of the autoupdate snafu:

Image courtesy of TUAW

Grothaus writes that the update “…weighs in at a whopping 1.19GB” and, at that size, I’m happy to wait until Apple has finished tweaking (and trimming) the code!


But the thing I’m most interested in is whether 10.6.3 addresses the alleged boat-load of security exploits identified by hacker extraordinaire and security expert Charlie Miller. At this week’s CanSecWest security conference, Miller will discuss how he discovered them (all 20 of them) via a process known as ‘fuzzing’. His presentation is subtitled “An analysis of fuzzing 4 products with 5 lines of Python” and, according to security website, those 4 products are all made by Apple:

In cracking competitions, it is regularly the Apple systems which are cracked first by attackers. Miller has argued for some time that Mac OS X is among the comparatively insecure operating systems. Apple users are currently “safer, but less secure.”

“Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town.”

Miller said that the 20 exploits are all contained in closed-source Apple products, but pointed out that exploits could be found throughout Mac OS X due to bugs in many popular applications from different vendors:

OS X has a large attack surface consisting of open source components (i.e. webkit, libz, etc), closed source 3rd party components (Flash), and closed source Apple components (Preview, mdnsresponder, etc). Bugs in any of these types of components can lead to remote compromise.

Sooner, Not Later

It seems not a keynote goes by without Steve Jobs showing us one of his shareholder-and-media-friendly line charts illustrating Macintosh sales. You know the ones, always trending up-and-to-the-right. Apple is clearly proud the Mac is selling better than ever (in a conference call in late 2009, Apple announced that, for 19 out of the previous 20 quarters, the Mac grew faster than the rest of the market!)

Statements from Apple regarding sales are always kinda tricky; they’re usually vague enough to allow pretty much any positive interpretation but, for the most part, we can at least agree that the Mac has been enjoying fantastic growth. The old days of ‘security by obscurity’ are drawing to a close. Sooner, not later, Mac-specific malware will come. (You know, the real malware of Windows-exploit proportions!)

Miller says that “… in their minds, [Mac owners] don’t have a security problem until it affects their bottom line, which hasn’t been the case, yet.” And that ‘yet’ is the real issue here. Mac OS X 10.6.3 probably addresses some vulnerabilities — we can expect at least that much — but I wonder how obsessively Apple focuses on the security of its venerable OS, and, whatever its actual efforts, is it enough? Can Apple do what Microsoft still struggles to produce: a user-friendly, user-proof OS that isn’t riddled with vulnerabilities?

Every update to Mac OS X reminds me that the days of security-indifference amongst Mac owners are well and truly numbered.

Tell me I’m worried for no good reason, or scream at me and call me a moron for not already using security software, in the comments below.