Subject: Re: Apple switches to intel -- welcome to the 'historic section',
To: Erik Winkler <ewinkler@erols.com>
From: None <przybyls@engr.arizona.edu>
List: port-macppc
Date: 06/07/2005 08:40:18
I'd like to add something else to this also. Most probably already knew
this, but I'm just putting it into perspective. Mac OS X = Darwin + Aqua.
Darwin has already been strongly supported on the x86 platform with very
few security issues. Many use Darwin x86 as their server platform also.
I believe this switch to Intel is rather triggered by the support of x86
systems by Darwin. For a while now x86 has only been supported as a
reference implementation. I think that it has come along so well that
Apple is now in the position where their x86 support of Darwin is as good
as the PPC support. A full-blown Mac OS X for x86 is something the Darwin
community has been advocating for a long time. I think deep inside they
all knew that it would come at the cost of PPC support.

Anyway, I believe the biggest hurdle would be porting Aqua to x86. A
proof-of-concept must have been completed before the proposal, so I also
believe that they'll have it in release-candidate state very easily. OS
users will probably not see any difference between the OS X they knew
before and whatever is released on x86.

I am not happy about the move from PPC to x86 either. I believed PPC RISC
was a remarkable balance of performance and stability. I was especially
excited at the possibility that Apple might use the new Cell PPC. Instead,
they are going to Intel and who knows if they'll ever see the dual-core
Intel.



Leo Przybylski


> I perform security penetration tests on internal corporate networks
> all the time for my clients.  I can't remember the last time I didn't
> fully compromise a company's Windows-based domain control in the
> space of a few hours.  It's not the processor that leads to worms or
> viruses, it's the OS.  MacOSX is based on BSD Unix and has all BSD's
> security strengths.  These strengths will be maintained with the
> switch to Intel.  When you overflow a MacOSX app buffer and get a
> remote shell, you have very limited privileges to read and write
> data.  When you do this on Windows, you are NT Authority/System and
> can access password hashes and install backdoor programs anywhere
> you want.  Virus writers know this and bash MS Windows every day for it.
>
>
> There is also just as much PPC shell code on the Internet as there is
> x86 shell code.  Take a look at the PPC shell code options available
> under Metasploit (http://www.metasploit.com/).  A virus or worm would
> first have to exploit MacOSX to get a local user shell, then escalate
> the privileges to Admin to do anything.  Even then you don't have
> full root privileges, so you can't make changes to the OS core.  So,
> without a vulnerable OS, the shell code isn't as dangerous.
>
> On Jun 7, 2005, at 3:15 AM, Dan LaBell wrote:
>
>>
>> On Jun 6, 2005, at 3:49 PM, Peter Hessler wrote:
>>
>>
>>> On Mon, Jun 06, 2005 at 03:43:17PM -0400, Jeffrey Hergan wrote:
>>>
>>> :Is it fact that Apple is switching to Intel or is it only rumor?
>>> :And wouldn't Intel be able to make a PPC chip?
>>>
>>> Fact. Apple is switching to the Pentium4 (although why they are going
>>> to ia32, rather than to amd64/em64t, doesn't make any sense to me).
>>>
>>> Intel could, but Apple chose to go x86.
>>>
>>
>> I was hoping it would be something other than x86, even if it just
>> differed in microcode,
>> and lose some x86 cruft.  But, they may have a point, once you
>> start running hot, you might as well cook -- I liked the
>> performance per watt of the G3, but I never found myself impressed
>> with G4 and G5... Seems like low power is more of a discrete thing
>> (if not binary), than a continuous spectrum of wattage.
>>
>> Does this also mean that we'll be seeing more cross-platform worms
>> and exploits, as
>> only the OS trap mechanism will differ in any shell code?
>>
>> Will the new machines still boot with openfirmware? And I'm guessing
>> they're keeping the Apple partition map ( or not ? ). Incidentally,
>> does the i386 port read an Apple partition map?
>>
>
>