How about some proof reading. First you say it doesn't have ASLR, then quote Miller saying it "has the exact same ASLR as in Leopard". Snow Leopard has ASLR, it's just not the best implementation of ASLR.One key point is that Snow Leopard still doesn't have ASLR, or address space layout randomization, which randomly arranges the position of key data making it harder for hackers to target for exploits.
Miller said to TechWorld that Apple didn't change the ASLR from 10.5 to 10.6: "Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good."
[citation][nom]JonathanDeane[/nom]I wonder why people think ASLR is unimportant? To me it seems like just one more layer of security.... I like extra layers when it comes to security and if it does not impose any significant performance loss then why not? To argue against extra security is crazy on any platform.[/citation]It is good as an extra layer, and Mac OS X has it, just not a really good implementation of ASLR. No one I've seen is arguing against ASLR, only pointing out that ASLR isn't really a security feature. It's an obfuscation feature intended to make it more difficult to successfully develop certain types of exploits if/when you do find a security hole.
[citation][nom]otacon72[/nom]It's not that difficult to understand if you really think about it. What does every computer system that has anything important on it run? Some version of Windows. You don't see the CIA's servers running Mac OS. Just using that as a broad example. Do you see your local bank running Mac OS? Police department? and so on and so on. The reason why Mac OS is so "secure" is because it doesn't run on any computer system people want to see/steal data from. If the Pentagon switched to Mac OS...how lon do you think it would take before "hackers" had penetrated it? I use "" because there are very few true hackers left out there.[/citation]Actually, the CIA, NSA, NASA, Pentagon/DoD, and many other branches of government do use Macs. Macs are not the only platform they use, nor even the dominant one, but they do use them, even in some environments that require high security. You might want to do some research before posting baseless rants.