Famous Hacker on Snow Leopard Security

In computing, Address Space Layout Randomization, or ASLR, is a function that randomly assigns data to the memory to make it more difficult for hackers to locate the critical operating system functions. Charlie Miller of Baltimore-based Independent Security Evaluators and hacker-extraordinaire claims to have found disappointment in Apple’s lack of improving ASLR in Snow Leopard.

"Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good. I hoped Snow Leopard would do full ASLR, but it doesn't. I don't understand why they didn't. But Apple missed an opportunity with Snow Leopard. Apple did make various moves to improve Mac OS X 10.6's security including a revamp of QuickTime and additions to Data Execution Prevention (DEP), a security feature built in to Windows Vista."

"Having both ASLR and DEP in an operating system makes it much more difficult for attackers to create working code," Miller argued. "If you don't have either, or just one of the two [ASLR or DEP], you can still exploit bugs, but with both, it's much, much harder. Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," he said. "When Apple has both [in place], that's when I'll stop complaining about Apple's security."

Hackers’ low interest in the Mac OS X platform is probably the main reason why Apple does not spend resources in beefing up the security of its software, even though it does have a built-in antivirus.

"It's harder to write exploits for Windows than the Mac," Miller added, "but all you see are Windows exploits. That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."

"I still think you're pretty safe [on a Mac]," Miller said, according to NeoWin. "I wouldn't recommend antivirus on the Mac." Ironically, Apple does (for enhanced protection).