The following is a summary of the security features that may be planned for
the next release of the Macintosh OS, 8.7, code named Sonata. It is from
http://www.macosrumors.com which is "offered to the public under the Open
Content License." An earlier report said that Sonnata use "Fast Eliptic
Encryption."
"Multi-user configurability and security. Like other multi-user operating
systems such as NT, UNIX, BeOS, and OS X, Sonata will allow a virtually
unlimited number of users to log in at startup (or after another user has
logged out, returning the machine to the Login screen). Each user can have
totally different files, appearances, applications,and access priveleges
when they log in. The owner/administrator of the computer will of course
have total control (and in single-user environments, logging in can be
done automatically, with no need for a Login screen at all), but guests and
non-owner users can have their level of access and control over the
computer very finely tuned by the owner/administrator. Every file on the
computer -- in particular: control panels, the System, and indvidual
applications -- can be made read-only or invisible.
The security features controlling all of this will be very similar to
those used in OS X and are to be considered extremely secure. No external
testing has been applied yet, but Apple sources suggested that the intent
is to makethese competitive with Military-level secure OS's like OpenBSD.
One very interesting note on technology demonstrated under Sonata at
WWDC: users will be able to log into their computers by voiceprint
indentification. This technology is considered very reliable, is not easily
faked by recordings and such, and can be backed up with a normal text
password if the user is sick, loses their voice, etc.
Built-in encryption features. Web security certificates, data keys to
allow secure connections to Web sites like e-commerce stores and private
intranets, are stored in the System in an encrypted file for each user.
This way,someone can't sit down at your computer and use your secure
certificates to connect to a secure site they don't have access to on their
own.
Additionally, Sonata will ship with a file encryption utility that
employs a passphrase to lock/unlock secure file archives that can contain
anything from a single file to entire drive(s) full of data. The data is
compressed and encrypted with the passphrase provided. We haven't been able
to confirm the bit length of this compression software, but one source
suggested it is competitive with the strength of the industry-leading
encryption software PGP (Pretty Good Privacy). In fact, the strength of
Sonata's encryption features is so good, there's a chance that the U.S.
Government might not let Apple export it! :-) "
