How Sandboxing may not be the answer for Mac OS X…

Will Shipley discuss how Sandboxing may not be the security bandaid that Apple is promoting it to be…

The Mac needs to be as secure as the iPhone. The good news is Apple already has the tools. The bad news is they are forcing developers to use the wrong ones.

There are three primary ways Apple increases security of applications running on the Mac and the iPhone: Sandboxing, Code Auditing, and Certification. While all these are incrementally valuable, none is perfect on its own.

The problem Mac developers are facing is that the two that Apple is enforcing on the Mac App Store (Sandboxing and Code Auditing) are implemented currently to be actively bad for developers and not particularly good for users. And the method that would provide the most benefit for developers and users (Certification) isnâ€™t enforced broadly enough to be useful.

Real Security in Mac OS X Requires Apple-Signed Certificates.

The Matrix Data Bank

Messages from a far away land in the constellation of Kasterborous

How Sandboxing may not be the answer for Mac OS X…

Related