Apple Announces Mac OS X Lion (10.7), Invites Security Researchers, and My First Impressions

On Thursday 24th February (Happy Birthday Steve), Apple released long-awaited updates to their Macbook Pro family, as well as a Developer Preview of Mac OS X 10.7, codenamed “Lion”. Now while new hardware is cool, I tend to be far more excited by Apple’s OS releases. I’ve been lucky enough to play with Lion, and while there are a few bugs (I’ve submitted bug reports), the new features and interface tweaks are already looking pretty good.

The interface is now a lot snappier, with a bit less time spent on ‘fading’ animations. I also get the impression that there have been improvements to the networking framework, as network activity seemed a bit faster than on my 10.6 box. Lion also now runs everything, including the kernel, in 64-bit mode by default. This would explain some of the speed improvements.

Hit the jump for key features, and security details.

Key Features

• Improved memory management and Resume: One of my favourite features. In Lion you no longer need to quit applications to regain memory resources. The OS will automatically ‘kill’ inactive processes in the background, and bring them back into memory as soon as the application becomes active again. The Resume functionality uses a similar principle so that when you restart your computer, all your applications will be just as they were before the reboot
• AutoSave and Auto-versioning: Applications which adopt these features will benefit from having files saved to disk automatically, giving users peace of mind that the document they have in front of them is always the latest version. The system will also keep track of changes within documents, allowing you to easily go back to a previous instance of a document
• AirDrop: Tired of connecting as a guest to someone’s computer on the network, just so you can put a file in their dropbox? AirDrop simplifies this by allowing you to simply drag files onto a local computer on the network. If the receiving user accepts, the files will be transferred directly into their Downloads folder.
• FileVault: Lion’s disk encryption has received a significant improvement, moving to the more secure XTS-AES 128 encryption, and allegedly performing disk-level encryption as opposed to using encrypted disk images. I’m hoping to test this out soon.
• An iOS-style application Launchpad. For those of us who have used Macs since pre-2000, this will be reminiscent of the original Launcher in Mac OS 8 and 9
• Ability to full-screen any compatible application
• Mission Control: a reworked Exposé that allows you to view your dashboard and any running applications
• Improved Mail.app, Safari 5, Address Book and iCal
• Many other improvements that aim to get rid of some deprecated UI elements

Security

Although all the security-specific details of Lion are yet to be discovered, it appears Apple is starting to take more of an interest in security as its OS becomes more popular. In a first for Apple, they’re actively soliciting security researchers for help in testing the operating system for security-specific bugs and vulnerabilities. Dino Dai Zovi and Charlie Miller are amongst the researchers invited to test Apple’s next-gen operating system.

Apple has invited me to look at the Lion developer preview. I won't be able to comment on it until its release, but hooray for free access!

— Dino A. Dai Zovi (@dinodaizovi) February 24, 2011

Many of us in the security industry use Macs as our primary systems thanks to the versatility, usability and robustness of OSX as an operating system. I’m hoping that security researchers will take this opportunity to jump into Lion with all guns blazing, and try to help Apple make Lion the most secure version of OSX to date.

Apart from an improved FileVault, the remaining details are unclear. I’m hoping Apple has fixed some security flaws such as those with ASLR. More to come.