Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Lion Released - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Lion Released

Those of you that are Apple users will no doubt have noticed a few updates to Safari, but more importantly an update to the Snow Leopard O/S.  Lion is out today. A few of us are Apple users and are in the process of installing/updating the product already.

Unlike previous upgrades this one is delivered digitally through the App store on the Mac. A 3.7GB update, so you will likely want to download it when connected to something cheaper than your 3G card.

No real major issues have been identified so far, but then it is early days.  One change is that Rosetta is no longer installed, so some older applications may no longer work.  In other words Lion is not fully backwards compatible with things that you might be running. 

Over the next few days if there is anything of significance to report one of the handlers we'll let you know. As always if you have anything to add feel free to comment or contacts us.

UPDATE:

The install was pretty seamless and straight forward. Little snitch is one of my favourite apps and needed to be updated. The rest of the apps on the machine still seem to be working.  I guess I'll find out tomorrow when it has its first work day.  One thing that was a smidge irritating is the two finger swipe you use to scroll. It now defaults to "natural" which feels completely backwards as the reverse to what you were used to under snow leopard.  A quick trip to system preferences fixed that.  

The Release notes make mention of two main security features Address space Layout Randomisation (ASLR). Something that has been available in a number of operating systems for a while makes it way to the MAC.  By randomising the memory locations where key data is stored it should make it a little bit more difficult to do things like buffer overflows.  The second feature is probably a bit more useful which is application sandboxing. Applications are in a contained environment and are prevented from doing "evil" things.  How effective these two measures are I guess we will see in the weeks to come as more people have a play with the product.  The updates to Safari also mean that web pages and browser based applications are sandboxed.  

-- Mark --

 

Mark

391 Posts
ISC Handler
We are hearing reports of issues with java based network extender software for SSL VPN. In theory the Lion should prompt to install Java as its not included but it doesnt appear to do it in all cases.
Raymond

14 Posts
After upgrade AGAdminService process was spiking CPU to over 100%. The executable is located in /usr/sbin/ and belongs to the Citrix Access Gateway Plug-in. Even after uninstalling the plugin with the official uninstaller, the process would still continue to load at startup. Process would respawn itself when killed. I had to rename the executable and then kill the process. That finally solved the issue. Best of luck to everyone else who jumped in the pool today.
Raymond
1 Posts
Lion Breaks Time Machine NASes - http://www.smallnetbuilder.com/nas/nas-news/31540-lion-breaks-time-machine-nases
I confirm the issue with a LaCie Nas device.
k4l4m4r1s

7 Posts

Sign Up for Free or Log In to start participating in the conversation!