You probably saw by now that Apple unleashed Mountain Lion earlier today. If you are lucky to make it past the overloaded App store, you may already be installing it. But some of you may not be as daring, and there are some reasons to be cautious like with any major update like this. OS X includes some interesting new security features:
One important feature, Gatekeeper, implements iOS like restrictions to install software. This feature may be turned off by an administrator, but you should consider leaving it on by default. It will prevent users from installing unauthorized software. Just like in iOS, the software has to be signed by a valid Apple developer certificate. Further, you can limit software to be installed from the app store only. In OS X Lion, the command line utility spctl can be used to test this feature. Mountain Lion added a GUI configuration tool to the standard OS X settings dialog. Also see our prior diary about this tool .
The Roaring Apps website maintains a pretty good list of Mountain Lion compatible applications . Most security tools I use appear to be compatible (Sophos Anti Virus, Kaspersky Anti Virus, Little Snitch, 1Password...). But note that RoaringApps.com is crowd sourced. To make sure, you should check the software publisher's website.
OS X 10.8 also includes a password safe feature, and improved privacy controls. For details, see Apple's list of security features .
Make sure to first update ALL software on your system. Various vendors released Mountain Lion specific updates as late as today.-)
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.