Apple exposing Mac OS X Lion to security experts for review

In the article "Miller predicted Lion would incorporate full ASLR (Address Space Layout Randomization), a security technique that puts important data in unpredictable locations, making it harder to target known weaknesses."

That's a really interesting idea. I wonder if it means a "rolling" type of storage, periodically moving the data to different locations, sort of like a garage door opener that constantly changes the code?

ryck

You might take a look at this Wikipedia article on ASLR.According to the article OS X introduced at least a partial implementation of ASLR in OS X 10.5.

Even if it's just at a different place every reboot, that'd be sufficient.

Inside Mac OS X 10.7 Lion: File Vault full disk encryption and cloud key storage

I shudder to think, how many panic stricken requests for information on breaking the disk encryption key or password this is going to generate. Not to mention the screams of anguish when they are told there is no recovery from the lost password other than erase and install.

Will it really be much worse than it is now?

Losing your entire volume is not all that much worse than losing your home folder, is it?

And still the 'cognoscenti' insist that Mac OS X is better than OS 9?! For shame!
I ain't got none of those problems. And I like it. +
Aah, the cave is so deep and dark and warm ....

I have OS X and don't have the problems either. Those problems occur only if you use FileVault. If you don't use it, the issue is moot.

Some day we're going to have to duke it out on the Hudson or, preferably, on Lake George, my preferred stamping grounds.

And afterwards a nice single malt at the Airport Inn (if indeed it still exists).

I don't use FileVault either, so no problems here, either.

Lake George sounds great, but only during "flats" season.

Depends on how you use your computer, I reckon. I actually keep very little in my home folder; I store most of my data on the top level of the hard drive.

One big difference I can see for folks who use their home folders as they ought is applications. If you lose access to your home folder, you lose your data; if you lose access to the entire disk, you lose your data and your apps. (Well, assuming you don't have backups. But everyone keeps good backups, right? Right?)

I generally don't recommend FileVault for most folks. It's really only useful for people who have data with significant economic, legal, industrial, or military value, or folks with legally regulated data like health records. (I also don't keep my banking password in my Keychain, so take that for what it's worth.) The only time I've ever used FileVault is when I went on vacation overseas, because I didn't want customs pawing through my iPhoto library when I came back, which they sometimes do.

I wouldn't have guessed that of Tacit! Bad Tacit! That went out with OS 9!

Heh. Old habits die hard.

To me, I don't see a lot of compelling reason to use my home folder as opposed to any place else. I'm the only person who uses this computer, and I ted to stick stuff wherever it's convenient, which is usually the top level of the internal hard drive. (I have several external USB hard drives for this machine as well.)

My iPhoto library is in my home folder, because that's where iPhoto stashes it by default, so using FileVault on my home folder was sufficient for going through customs. But everything else? *shrug*

> Depends on how you use your computer, I reckon. I actually keep very little in my home folder; I store most of my data on the top level of the hard drive.

Of course... When I posed the question I was thinking of my own setup, in which everything important (except my iPhoto stash), including my 3rd party apps, is on a separate partition.