How Apple protects Mac OS X from having to run on non-Apple hardware

“With the advent of Intel-based Macintosh computers, Apple was faced with a new requirement: to make it non-trivial to run Mac OS X on non-Apple hardware. The ‘solution’ to this ‘problem’ is multifaceted. One important aspect of the solution involves the use of encrypted executables for a few key applications like the Finder and the Dock. Apple calls such executable apple-protected binaries,” Amit Singh writes for Mac OS X Internals.

“Note that besides hindering software piracy, there are other scenarios in which encrypted binaries could be desirable. For example, one could turn the requirement around and say that a given syst m mus not run any binaries unless they are from a certain source (or set of sources). This could be used to create an admission-control mechanism for executables, which in turn could be used in defending against malware. In a draconian managed environment, it might be desired to limit program execution on managed systems to a predefined set of programs—nothing else will execute. In general, a set of one or more binaries could be arbitrarily mapped (in terms of runnability) to a set of one or more machines, possibly taking users, groups, and other attributes into account,” Singh writes.

Singh takes a look at how apple-protected binaries work in Mac OS X in his full article here.

18 Comments

  1. Great, now they just gave the dolts in Redmond a brilliant idea of how to eliminate malware, that is, don’t allow any execution other than pre-defined apps (e.g., those that are native to the OS, and those that are installed by trusted apps by the user).

    Sheesh!

  2. Nick,

    Yes, one of the few gems that MDN puts out! (There’s no shortage of “trivial” news articles, reports and what nots from third parties!). Amit Singh is a great technical writer – I go to his site http://www.kernelthread.com/ to do some stimulating readings! (although I am not a programmer, I still enjoy the understandable parts).

    Kenneth

  3. I didn’t read the article, but it’s pretty trivial to get OSX running on non-Apple hardware… my friend did it with minimal trouble, although he still hasn’t gotten video and network drivers working properly.

  4. why on earth would you want to run Mac os x on non mac hardware? what you think your precious dell or sony is so much better then the mac? I think anyone who tries to run mac on non mac systems is crazy.

  5. The binary protection will also make impossible in Leopard for an external executable to run without being *blessed* by the user. That is, utterly impossible for anything to install and run without user intervention as of today but a step further still.

    Virus and worms? Defeated for good.

  6. Pretty much the opposite. The computer is so much yours that it is impossible for it to become a zombie PC run by somebody else in a remote country.
    The computer is so much yours that it has to ask you whether it can run an executable it just received or got recently installed in any possible way.
    The computer is so much yours that you may have a multi-user environment and as admin of it decide who runs what, when and where.

    The computer is so much yours that no Windoze users will ever understand or be able to recover from the shock. They are still amazed at the novel that in Vista they can put the computer to sleep!! and be still amazed at how much Microsoft innovates.

    ehhh, uhhh, pffffttt, could not resist… pffFFTTT HAHHUAHHHUHHUHUHAUHUHUHHUHUHAHAHHAHAAHAHAHAHHAHA

  7. It is so easy to get OS X running on non-Apple hardware. I know a friend of a friend who has a friend who did it with no trouble at all, although he still hasn’t gotten video and network drivers working properly, nor the sound. There is nothing to see on the screen but black and the keyboard does not get any input. Also the external ports do not seem to be working: plug anything into and it will not be recognized but the computer does not seem to take harm from that.

    Apart from those minimal issues the friend of a friend of my friend has a blog and he says there how he made OS X running on his Acer. He doesn’t describe how to reproduce the process in that he says that Apple has been bully with him and warned that layers would take action if he were to reveal how he made OS X running on an off-the-shelf PC.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.