Chapter

Security Quick-Start

Authors:
Charles Edge
Charles Edge
Charles Edge
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Daniel O’Donnell
Daniel O’Donnell
Daniel O’Donnell
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Download citation
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

Ready to start securing your Mac? Let’s get right into it. Keep in mind that this chapter is meant to be a quick-and-dirty start to securing your Mac, for the “I don’t have time to dive into the nitty-gritty, I need to get my Mac secured right away” readers. This chapter will give you just the basics to get your Mac secure quickly, and although it will leave you with a fairly secure system, it’s not as comprehensive as the subsequent chapters, where we’ll fine-tune your Mac’s settings. For a more thorough understanding of OS X security and the tools you can use to secure your Mac, we urge you to continue reading beyond the basics. Beginning in Chapter 2, you’ll be introduced to all the other intricacies surrounding securing the Mac OS, diving deeper into the larger concepts of what is covered here in this quick-start.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

State of the Sandbox: Investigating macOS Application Security
Conference Paper
  • Nov 2019
Sandboxing is a way to deliberately restrict applications accessing resources that they do not need to function properly. Sandboxing is intended to limit the effect of potential exploits and to mitigate overreach to personal data. Since June 1, 2012, sandboxing is a mandatory requirement for apps distributed through the Mac App Store (MAS). In addition, Apple has made it easier for developers to specify sandbox entitlements - capabilities that allow the app to access certain resources. However, sandboxing is still optional for macOS apps distributed outside Apple's official app store. This paper provides two contributions. First, the sandbox mechanism of macOS is analyzed and a critical sandbox-bypass is identified. Second, the general adoption of the sandbox mechanism, as well as app-specific sandbox configurations are evaluated. For that purpose all 8366 free apps of the MAS, making 25 % of all apps available on the MAS, as well as 4672 apps retrieved from MacUpdate (MU), a third-party app store, were analyzed dynamically. The dataset is over eight times larger than the second biggest study of macOS apps. It is shown that more than 94 % of apps on the MAS are sandboxed. However, more than 89 % of apps distributed through MU do not make use of sandboxing, putting users' data at risk.
View
ResearchGate has not been able to resolve any references for this publication.