We haven’t been abducted, yet. While working on an interesting research project, we found something about Apple’s Kernel Authorization framework that might be a bit odd. From their documentation:

When writing a vnode scope listener, be aware that not every file system operation will trigger an authorization request. For example, if an actor successfully requests KAUTH_VNODE_SEARCH on a directory, the system may cache that result and grant future requests without invoking your listener for each one.

Albeit we haven’t verified this any further, it’s at very least interesting. Does that mean that a security decision might be cached and applied again under potentially circumstances? Huh. It’s true that a vnode scope listener can be one hell of a performance black-hole, but race conditions due to cached decisions is worse than slowing down file system operations, especially if the module overrides other policies.

Without making a funny analogy between truly solid HIPS solutions and those tough organisms called extremophiles, today’s entry isn’t really technical per-se. Sometimes it’s good to take a look over something else.

The Tardigrades (aka “water bears”) can be classified as arthropods (like insects, arachnids…) because of their segmented body. They are known because of being extremely resistant to a wide range of normally lethal conditions, namely: extreme temperatures, radiation, dehydration and extreme pressures. One of their impressive treats is their ability to lower the metabolism exponentially, and preserving themselves over long time with no water.

This is known as “cryptobiosis”; when the environment becomes hospitable again, the organism reverses back to its normal metabolic state and effectively comes back to life. Imagine an animal that has been standing still for over a decade, after post-apocalyptic events that no other species have been able to overcome, and finds its way back to a devastated world. How does it feel to be the toughest animal on Earth?

Let’s see a few of the conditions that these little animals can resist:

• High (151 C) and really low temperatures (almost absolute zero, and about 270 C for days).
• Radiation: up to 570k rads. One to two thousand rads are lethal to humans.
• Vacuum’s low pressure, as well as damn high pressure (six times that the deepest ocean trench).
• They survive dehydration for a decade!

Research of these life forms could lead to advances in treatment of certain diseases. It’s simply amazing how resistant these little animals are.

Hopefully a HIPS half as tough as a tardigrade could bring some light to the rather depressing world of so-called security software!