Rant: Welcome to Apple's sandbox

Will sandbox mandates help CSOs make apps play nice?

Whether you love Apple or hate it, you may be in line to benefit as a crackdown on Mac OS X apps extends the company's iPhone and iPad application metaphor to desktop applications as well. Even if you don't use Macs within your business environment, your company's security profile may eventually benefit as Microsoft slowly positions itself to follow Apple's recent announcement that, from March 1, it will require all app developers to sandbox their applications in order for them to be distributed using the company's Mac App Store.

It's a big change: while Mac OS X has been bundling its apps in manageable, mostly self-contained packages for yonks, the mandate that they now withdraw their tendrils and live in isolation from the rest of the operating system will require significant changes to many apps that have become accustomed to happily extending themselves throughout the desktop environment.

It's the digital equivalent of telling your messy cousin Bazza that, if he wants to keep living in your house, he has to pick up his dirty towels and stop leaving greasy Chiko roll wrappers all over the lounge-room sofa. And it seems to be a Godsend for security, breaches of which have often involved sneaky malware playing off of operating-system security compromises to wend their way into the danger zone.

While they'll present user interfaces and application logic the same way, apps interacting with the rest of the operating system will apparently have to be managed through tightly controlled Mac OS X APIs. Without the correct credentials, the apps will simply be unable to get where they want to go. It's a process that extends Apple's notorious reputation for micromanagement — but should, presumably, go some way towards improving security.

If your business is based on Windows, don't sneer: Apple's Mac App Store, which in turn is based on Apple's successful iTunes App Store, is now being emulated by Microsoft and will become a primary distribution method once Windows 8 hits the traps.

Not too long from now, this sort of software distribution will be the de rigeur standard. Will you be thanking Microsoft and, indirectly, Apple? Perhaps. It's certainly a logical way to bring order to what has — especially in the world of Windows — previously been a disastrous mishmash that has made security something of an interminable Hail-Mary pass.

Conflicting and poorly-written applications have wantonly plundered the Windows registry for years, installing configuration settings and files that have been corrupted, destroyed and pwned by purpose-built malware with impunity. Apple's security model has been arguably more tied-down, although even it has recently proved to be susceptible to the odd security issue or two and was this week exposed when a security researcher found a way to sneak malware onto iPhones and iPads through the iTunes App Store.

Given the broader range of functionality available in Mac OS X, there will be many more potential attack vectors that will be dutifully probed, tested, and exploited by security researchers. But these will be readily identified and fixed, and may be eliminated altogether as all apps become subject to the same tight controls that already regulate interactions between desktop operating systems and operating systems running within virtual machines.

For security professionals, the move towards sandboxed apps may eventually prove to be the best thing to happen to corporate security since the invention of antivirus scanners. Realising those benefits, however, will require strong takeup by ISVs, who tend to be quite cagey about kowtowing to the mandates of any particular supplier. Instead, they often prefer to load their own interfaces, drivers and whatnot to make your desktops behave just the way they want them to; experience shows that this is often exactly the opposite to how you'd prefer to have the desktops operating.

There's no need for businesses to wait until Windows 8 to get the benefits of sandboxing, of course: Symantec, Microsoft and other vendors already offer application virtualisation solutions that use a Mac-like approach by bundling Windows applications into self-contained virtual packages that can be loaded and removed from desktops more easily than with conventional uninstallers. That makes for easier management and, in theory at least, better security since apps can be quickly slapped down if they try to put their greasy fingers where they shouldn't be.

Time will tell whether Microsoft can force ISVs of enterprise applications to get in line, or whether they simply bypass app stores for as long as possible. The easier distribution and monetisation offered by the Mac App Store may be enough to convince authors of casual applications to get in line, but monolithic Windows applications may require significant investments in time and money to change apps to play nicer.

For those ISVs, fealty to sandbox designs may only come when Microsoft and Apple change gears and make their app stores the only authorised way to install apps at all.When this happens, desktop operating systems will have become bigger, gruntier versions of the iPhone and iPad app model: discrete, self-contained apps that abstract application logic away from data files so they can be readily updated in situ and isolated from their neighbours. You may not like the comparisons – especially if you're an Android fan – but the benefits may be indisputable.What do you think? Will app sandboxes plug application security holes? Or will hackers always find a way?

Tags AppleApple sandboxMac OS Xsandbox

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos Mobile Control

Data protection, policy compliance and device control for mobile devices

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.