Monday, April 20, 2009

Brief of Mac OS


Mac OS is Apple Computer's operating system for Apple Macintosh computers. Mac OS was the first commercially successful operating system which used a graphical user interface. The Macintosh team included Bill Atkinson and Jef Raskin. There are a variety of views on how the Macintosh was developed, and where the underlying ideas originated. While the connection between the Macintosh and the Alto project at Xerox PARC has been established in the historical record, the earlier contributions of Ivan Sutherland's Sketchpad and Doug Engelbart's On-Line System are no less significant. See History of the GUI, and Apple v. Microsoft.

The Mac OS can be divided into two families of operating systems:
An older and now unsupported "classic" Mac OS (the system that shipped with the first Mac in 1984 and its descendants, culminating with Mac OS 9).
The newer Mac OS X (pronounced oh-es-ten). Mac OS X incorporates elements of BSD Unix, OPENSTEP, and Mac OS 9. Its low-level UNIX-based foundation, Darwin, is open source.

Classic Mac OS

The "classic" Mac OS is characterized by its total lack of a command line; it is a 100% graphical operating system. Heralded for its ease of use, it is also criticized for its almost total lack of memory management, cooperative multitasking, and susceptibility to extension conflicts. "Extensions" are program modules that extend the operating system, providing additional functionality (such as networking) or support for a particular device. Some extensions are prone not to work properly together, or only when loaded in a particular order. Troubleshooting Mac OS extensions can be a time-consuming process. The Mac OS also introduced a new type of filesystem, which contained two different "forks" for a file. It was innovative at the time for separating out parameters into the "resource fork", and raw data in the "data fork". However, it became quite a challenge to interoperate with other operating systems which did not recognize such a system.

The term "Mac OS" was not officially used until 1996 with the release of Mac OS 7.6 - prior to that the Macintosh operating system software was simply known as "The System", or by its version number, e.g. System 6 or System 7. Another common term was "the Toolbox". Apple deliberately played down the existence of the operating system in the early years of the Mac to help make the machine appear more user-friendly and to distance it from other systems such as MS-DOS, which were portrayed as arcane and technically challenging. With Mac, you turned it on, it just worked.

By the late 1990s, it was clear the useful life of this 1980s-era technology was coming to an end, with other more stable multitasking operating systems being developed.

Mac OS X

Mac OS X remedied this situation, bringing Unix-style memory management and preemptive multitasking. Improved memory management allowed more programs to run at once and virtually eliminated the possibility of one program crashing another. It is also the first Mac OS to include a command line, although it is never seen unless a separate "terminal" program is launched. However, since these new features put higher demands on system resources, Mac OS X is only officially supported on G3 and newer processors. (It runs poorly on many early G3 machines.) Mac OS X has a compatibility layer for running older Mac applications, but compatibility is not 100%.

Mac OS Technologies

QuickDraw: the imaging model which first provided mass-market WYSIWYG.

Finder: the interface for browsing the filesystem and launching applications.

MultiFinder: the first version to support simultaneously running multiple apps.

Chooser: tool for accessing network resources (e.g., enabling AppleTalk).

ColorSync: technology for ensuring appropriate color matching.

Mac OS memory management: how the Mac managed RAM and virtual memory before the switch to UNIX.

PowerPC emulation of Motorola 68000: how the Mac handled the architectural transition from CISC to RISC (see Mac 68K emulator).

Desk Accessories: small "helper" apps that could be run concurrently with any other app, prior to the advent of MultiFinder or System 7.


Wednesday, April 1, 2009

New Virus in April

An extraordinary behind-the-scenes struggle is taking place between computer security groups around the world and the brazen author of a malicious software program called Conficker.

The program grabbed global attention when it began spreading late last year and quickly infected millions of computers with software code that is intended to lash together the infected machines it controls into a powerful computer known as a botnet.

Since then, the program’s author has repeatedly updated its software in a cat-and-mouse game being fought with an informal international alliance of computer security firms and a network governance group known as the Internet Corporation for Assigned Names and Numbers. Members refer to the alliance as the Conficker Cabal.

The existence of the botnet has brought together some of the world’s best computer security experts to prevent potential damage. The spread of the malicious software is on a scale that matches the worst of past viruses and worms, like the I Love You virus. Last month, Microsoft announced a $250,000 reward for information leading to the capture of the Conficker author.

Botnets are used to send the vast majority of e-mail spam messages. Spam in turn is the basis for shady commercial promotions including schemes that frequently involve directing unwary users to Web sites that can plant malicious software, or malware, on computers.

Botnets can also be used to distribute other kinds of malware and generate attacks that can take commercial or government Web sites off-line.

One of the largest botnets tracked last year consisted of 1.5 million infected computers that were being used to automate the breaking of “captchas,” the squiggly letter tests that are used to force applicants for Web services to prove they are human.

The inability of the world’s best computer security technologists to gain the upper hand against anonymous but determined cybercriminals is viewed by a growing number of those involved in the fight as evidence of a fundamental security weakness in the global network.

“I walked up to a three-star general on Wednesday and asked him if he could help me deal with a million-node botnet,” said Rick Wesson, a computer security researcher involved in combating Conficker. “I didn’t get an answer.”

An examination of the program reveals that the zombie computers are programmed to try to contact a control system for instructions on April 1. There has been a range of speculation about the nature of the threat posed by the botnet, from a wake-up call to a devastating attack.

Researchers who have been painstakingly disassembling the Conficker code have not been able to determine where the author, or authors, is located, or whether the program is being maintained by one person or a group of hackers. The growing suspicion is that Conficker will ultimately be a computing-for-hire scheme. Researchers expect it will imitate the hottest fad in the computer industry, called cloud computing, in which companies like Amazon, Microsoft and Sun Microsystems sell computing as a service over the Internet.

Earlier botnets were devised so they could be split up and rented via black market schemes that are common in the Internet underground, according to security researchers.

The Conficker program is built so that after it takes up residence on infected computers, it can be programmed remotely by software to serve as a vast system for distributing spam or other malware.

Several people who have analyzed various versions of the program said Conficker’s authors were obviously monitoring the efforts to restrict the malicious program and had repeatedly demonstrated that their skills were at the leading edge of computer technology.

For example, the Conficker worm already had been through several versions when the alliance of computer security experts seized control of 250 Internet domain names the system was planning to use to forward instructions to millions of infected computers.

Shortly thereafter, in the first week of March, the fourth known version of the program, Conficker C, expanded the number of the sites it could use to 50,000. That step made it virtually impossible to stop the Conficker authors from communicating with their botnet.

“It’s worth noting that these are folks who are taking this seriously and not making many mistakes,” said Jose Nazario, a member of the international security group and a researcher at Arbor Networks, a company in Lexington, Mass., that provides tools for monitoring the performance of networks. “They’re going for broke.”

Several members of the Conficker Cabal said that law enforcement officials had been slow to respond to the group’s efforts, but that a number of law enforcement agencies were now in “listen” mode.

“We’re aware of it,” said Paul Bresson, an F.B.I. spokesman, “and we’re working with security companies to address the problem.”

A report scheduled to be released Thursday by SRI International, a nonprofit research institute in Menlo Park, Calif., says that Conficker C constitutes a major rewrite of the software. Not only does it make it far more difficult to block communication with the program, but it gives the program added powers to disable many commercial antivirus programs as well as Microsoft’s security update features.

“Perhaps the most obvious frightening aspect of Conficker C is its clear potential to do harm,” said Phillip Porras, a research director at SRI International and one of the authors of the report. “Perhaps in the best case, Conficker may be used as a sustained and profitable platform for massive Internet fraud and theft.”

“In the worst case,” Mr. Porras said, “Conficker could be turned into a powerful offensive weapon for performing concerted information warfare attacks that could disrupt not just countries, but the Internet itself.”

The researchers, noting that the Conficker authors were using the most advanced computer security techniques, said the original version of the program contained a recent security feature developed by an M.I.T. computer scientist, Ron Rivest, that had been made public only weeks before. And when a revision was issued by Dr. Rivest’s group to correct a flaw, the Conficker authors revised their program to add the correction.

Although there have been clues that the Conficker authors may be located in Eastern Europe, evidence has not been conclusive. Security researchers, however, said this week that they were impressed by the authors’ productivity.

Source: New York Times