How Encrypted Binaries Work In Mac OS X 365
An anonymous reader writes "By now we know that OS X uses encrypted binaries for some critical apps like Dock, Finder and LoginWindow. Amit Singh explains the implementation of this protection scheme which makes use of the AES crypto algorithm and a special memory pager in Mach. The so called Do Not Steal Mac OS X (DSMOS) kernel extension helps along the way by decrypting things for the special pager when apps get executed. A funny thing is that if you print the pointer at address 0xFFFF1600 in your own app you get as output Apple's karma poem for crackers! According to the article there are 8 protected binaries in OSX including Rosetta and Spotlight meta data demon. Interestingly Apple's window server is NOT one of those."
It sure was simpler back in the day! (Score:5, Interesting)
http://www.folklore.org/StoryView.py?project=Maci
History repeating!
why bother? (Score:4, Interesting)
Re:Signed binaries = good, encrypted binaries = ba (Score:3, Interesting)
I think a patent was just filed for this kind of technology.
DRM binaries eliminate competition (Score:3, Interesting)
and would I guess that they are planning to, but letting Apple pull it first, as Apple can get away with it.
Microsoft: "Apple used DRM music first, so locking everyone into our music player with DRM/Encrypted-Music is no worse".
Microsoft: "Apple used DRM binaries first, so locking everyone into our OS and Applications with DRM/Encrypted-Binaries is no worse".
Re:Mac Zealot Moderator Alert (Score:3, Interesting)
Re:Signed binaries = good, encrypted binaries = ba (Score:3, Interesting)
Re:Love mac - hate some of the choices (Score:4, Interesting)
"Critical real estate on the menu bar"? Exactly how big is your Spotlight icon? Mine is less than half the size of my little fingernail on my 12" iBook, as big across as the menu bar is thick. I hardly call that "critical" but if that's your opinion, then so be it.
Re:Love mac - hate some of the choices (Score:2, Interesting)
"Critical real estate on the menu bar"? Exactly how big is your Spotlight icon? Mine is less than half the size of my little fingernail on my 12" iBook, as big across as the menu bar is thick. I hardly call that "critical" but if that's your opinion, then so be it.
Maybe he's talking about placement. Corners are considered critical because the user can flick the mouse to them without having to get angle or distance right. Although, you can also set your mac to use these "critical" corners for expose, like I do. Then you always end up accidentally activating things when you try to click on corner icons. Doh!
Re:Love mac - hate some of the choices (Score:3, Interesting)
The grandparent poster is aware of this, and would apparently like to populate it with something that they would utilize more than spotlight. Frankly, I agree, as I tend to key command to spotlight anyhow, then always bring up the window because I want to see the file path, not open the file.
Now, so that you understand why it is infinitely large:
Close your eyes. Move your mouse to the top and right. Give it enough movement to reach it and click. Open your eyes. You will have the spotlight menu open. (Unless you are not in Tiger, then you will have whatever is in the top-right corner)
Repeat this exercise, choosing different starting positions and different lengths of movement. Notice that you always end up on top of the Spotlight menu. (Unless you under-hit it, which is irrelevant because you don't have a penalty if you over shoot it.)
This is the reason the Mac menu bars are at the top- You only have to aim on the x axis, not the y. It is also why contextual menus are handy (you don't have to aim to get to where your cursor is _right now_).
Re:Signed binaries = good, encrypted binaries = ba (Score:3, Interesting)
Ethical way to dump Apple's hardware requirements? (Score:3, Interesting)
How about buying a Thinkpad and a Mac mini Core Duo, destroying the mini, and running that licensed copy of OS X on the Thinkpad?
Probably still illegal, but should be on firm ethical ground. Apple got their money, and I'm not running the OS on two machines.
Apparently the pages are actually encrypted (Score:3, Interesting)
So, I'm not sure what this actually accomplishes - I mean, it prevents you from easily disassembling binary, but how does it prevent you from running on non-Apple hardware?
Maybe the key is physically burned on some chip in the hardware?
Is this really a "feature"? (Score:3, Interesting)
I think Linux does the same thing, although I haven't checked. Somehow, this just feels wrong to me. If it's not a valid binary, and doesn't start with #!, why not just fail? Why keep trying?
Re:Signed binaries = good, encrypted binaries = ba (Score:3, Interesting)
It's worth pointing out that reverse engineering and disassembling/decompiling are not the same thing. The latter might be useful for helping with the former, but the law doesn't say that anybody is required to make sure reverse engineering will be easy. It just says that that you're allowed to do it for various reasons. Nor do I think anyone has an ethical responsibility to make reverse engineering easy. In fact, if you're looking to reverse engineer something it's probably in your best interests to not disassemble any Apple binaries, since you'll want to be staying on the safe side of copyright law. This is why the Wine folks down't want anybody who has seen the source code to Windows getting involved in their project. Similarly, both AMD and Intel would probably think twice before hiring somebody who has worked on the other company's chip designs.