OS X Exploits and Defense (Paperback)

by David Harley (Author, Editor)
Key Phrases: login window, dual protection, security tools, Malicious Macs, Vulnerable Executable, Microsoft Office (more...)

Editorial Reviews

Book Description
Long believed to be a sanctuary of computer security, the Macintosh OS X operating system is increasingly under fire, making it as vulnerable to attack as Windows or Linux operating systems.

Product Description
Threats to Macintosh's OS X operating system are increasing in sophistication and number. Whether it is the exploitation of an increasing number of holes, use of rootkits for post compromise concealment or distributed denial of service, knowing how the system is vulnerable and how to defend it is critical to computer security. This book brings all this information together, providing a solid basis to help you succeed in protecting your organization from risk.

* Cuts through the hype with a serious discussion of the security
vulnerabilities of the Mac OS X operating system
* Reveals techniques by which OS X can be "owned"
* Details procedures to defeat these techniques
* Offers a sober look at emerging threats and trends

See all Editorial Reviews

Product Details

• Paperback: 400 pages
• Publisher: Syngress (April 25, 2008)
• Language: English
• ISBN-10: 159749254X
• ISBN-13: 978-1597492546
• Product Dimensions: 9.1 x 7.5 x 1 inches
• Shipping Weight: 1 pounds (View shipping rates and policies)
• Average Customer Review: 1.7 out of 5 stars See all reviews (3 customer reviews)
• Amazon.com Sales Rank: #1,348,054 in Books (See Bestsellers in Books)

Customer Reviews

Most Helpful Customer Reviews

5 of 5 people found the following review helpful:

2.0 out of 5 stars Disorganized and lacking depth, June 21, 2008

By	James F. Cerra (Pittsburgh, PA, USA) - See all my reviews (REAL NAME)

OS X Exploits and Defense suffers from a number of problems. The organization is totally random. Each author's chapters are unrelated to the others, and there's no real progression. The description of the book seems to be more advanced, targeted at people who write exploits and do system level hardening, but the actual content is mostly beginner-oriented. The writing is poor and in need of some good editing and proofreading.

Here's a description of the first 5 chapters.
Chapter 1:
Macintosh OS X Boot Process and Forensic Software.
2 pages of introduction. 2 pages of describing the boot process, which mainly consists of "There is this thing called EFI and xnu, and here are some keys that you can press during boot to do stuff". It mentions that you can boot off a CD to reset the password, but doesn't mention setting a firmware password. 10 pages describing third party forensic software, which didn't really seem to have any relation to booting, so why are they in the same chapter?

Chapter 2: Past and current threats
A few pages on how some people think OS 9 was invincible, but it really isn't. A few pages on how buffer overflows are exploitable on OS 9, and demonstrating an overflow (but not an exploit) in Eudora for OS 9. First, who cares about OS 9? Second, of course buffer overflows are exploitable on OS 9. Why would anyone devote any time to this?

The chapter moves on to OS X, which is a lot more interesting. It describes some old vulnerabilities. Then there are sections on Unicode exploits, exploiting PowerPC binaries on Intel, and exploiting Wine-based Windows applications. All are interesting and relatively novel, although they are light on explanation and heavy on uncommented gdb output. There is some discussion of tricks that malware can use to hide itself, and some discussion of exploit techniques. Aside from the OS 9 content, this whole chapter was good.

Chapter 3: Malicious Macs: Malware and the Mac
It describes different types of malware, and specific instances of malware that have been targeted at old versions of Mac OS, as well as Mac OS X. It devotes a lot of time to arguing that malware can affect Mac OS X, and has. Which is true, but to any security-minded reader that should already be obvious, so I don't know what the point is. We all know idiot Mac users who think they're invincible, but they don't read books like this.

Chapter 4: Malware detection and the Mac
There's some discussion of whether or not anti-malware software is needed on the Mac, a brief discussion of malware detection techniques, and an overview of some available anti-malware software. All of this is fine, but it's at a low technical level suitable for an end user trying to decide what anti-virus program to buy. It doesn't fit with the book's marketed demographic.

Chapter 5: Mac OS X for Pen Testers
This chapter covers:
Running Terminal, running perl, installing and using CPAN, X11, compiling open source programs, an overview of open source security programs. There's a 6 page section on how to build Wireshark. The intended audience for this is again at a very rudimentary skill level.

This book's main problem is that it lacks focus, which might have something to do with the fact that it has 5 authors. It's all over the place in terms of the topics, and the intended audience. I think there are some people who might like any given chapter, but few who would want to read the whole thing. And there is very little content in the book that is novel, that you couldn't find just by Googling. I have higher hopes for "The Mac Hacker's Handbook" by Charles Miller and Dino Dai Zovi, which hasn't been released yet, so we'll see.

3 of 3 people found the following review helpful:

1.0 out of 5 stars not recommended, August 8, 2008

By	D. Stamerjohann "headmin.com" (germany) - See all my reviews (REAL NAME)

I ordered this one too fast, few days later first reviews were available and like them I can't recommend this book. too fragmented information without structure, looses the focus of other books covering same topics, its more a bunch of stories and scenarios around apple macs in history

2.0 out of 5 stars not ready for publishing, April 28, 2009

By	Allan McCoy - See all my reviews

Some good info, but not well edited and more than a little dated in places.