Linked by Thom Holwerda on Fri 21st Apr 2006 22:08 UTC
Mac OS X Secunia said there are potential vulnerabilities in the Mac OS X operating system, first noticed by Tom Ferris. The firm described the holes as 'highly critical', meaning that systems could be compromised if crooks dive in. Secunia said the potential holes are in version 10.4.6, but other versions might be affected too.
v *sigh*
by Tom K on Fri 21st Apr 2006 22:23 UTC
RE: *sigh*
by Chicken Blood on Fri 21st Apr 2006 22:28 UTC in reply to "*sigh*"
Chicken Blood Member since:
2005-12-21

Because OS X is gaining popularity more of this kind of thing will start popping up.

Also, the sky is blue.

Reply Score: 5

RE[2]: *sigh*
by kamper on Sat 22nd Apr 2006 00:01 UTC in reply to "RE: *sigh*"
kamper Member since:
2005-08-20

Also, the sky is blue.

I concur. The sky is most definitely blue over here.

Reply Score: 1

RE[2]: *sigh*
by protagonist on Sat 22nd Apr 2006 00:54 UTC in reply to "RE: *sigh*"
protagonist Member since:
2005-07-06

"Also, the sky is blue."

You, obviously, do not live on the Oregon coast. :-)

Reply Score: 3

RE[3]: *sigh*
by Duffman on Sat 22nd Apr 2006 07:17 UTC in reply to "RE: *sigh*"
Duffman Member since:
2005-11-23

"Because OS X is gaining popularity more of this kind of thing will start popping up. "

Just as Linux.

Reply Score: 1

RE[4]: *sigh*
by Kroc on Sat 22nd Apr 2006 07:25 UTC in reply to "RE[3]: *sigh*"
Kroc Member since:
2005-11-10

OSX has sales figures. Linux has hope and dreams.

Reply Score: 1

RE[5]: *sigh*
by RenatoRam on Sat 22nd Apr 2006 13:29 UTC in reply to "RE[4]: *sigh*"
RenatoRam Member since:
2005-11-14

...and documented installs of tens of thousands of desktops.

Whereas I personally know only exactly 1 (one) person owning a Mac.

Reply Score: 1

RE[6]: *sigh*
by Duffman on Sat 22nd Apr 2006 14:13 UTC in reply to "RE[5]: *sigh*"
Duffman Member since:
2005-11-23

"...and documented installs of tens of thousands of desktops.

Whereas I personally know only exactly 1 (one) person owning a Mac."

Because for sure, you personally know tens of thousands persons owning a Linux Desktop ...

Anyway, there is at least one million of Macs sold each quarter (http://www.apple.com/pr/library/2006/jan/18results.html).

So far away your tens of thousands persons you "personally know" owning a linux desktop.

Reply Score: 2

RE[7]: *sigh*
by dylansmrjones on Sat 22nd Apr 2006 14:25 UTC in reply to "RE[6]: *sigh*"
dylansmrjones Member since:
2005-10-02

Tens of thousands linux users is what we have in Denmark alone. Not that it counts much compared with the millions of windows users, though.

Reply Score: 1

RE[7]: *sigh*
by tertiary_adjunct on Sun 23rd Apr 2006 16:47 UTC in reply to "RE[6]: *sigh*"
tertiary_adjunct Member since:
2006-01-15

"Because for sure, you personally know tens of thousands persons owning a Linux Desktop ...

Anyway, there is at least one million of Macs sold each quarter (http://www.apple.com/pr/library/2006/jan/18results.html).

So far away your tens of thousands persons you "personally know" owning a linux desktop."


While I generally agree with you, the numbers can be a little deceiving.

Yes, Apple may sell at least a million macs every quarter, but how many of those macs continue to run OS X and not have their OS replaced with Linux or some other operating system?

Reply Score: 1

RE[6]: *sigh*
by Innova on Mon 24th Apr 2006 13:55 UTC in reply to "RE[5]: *sigh*"
Innova Member since:
2005-09-30

documented installs of *Nix versus people who you know that may run OS X......?

I personally know 3 people who have windows installed (my mom & dad, my sister and my neighbour), and over 20 which have a macintosh. Does this mean OS X has ~90 % market share? By your logic it would.....

Reply Score: 1

RE[2]: *sigh*
by MediaSex on Sun 23rd Apr 2006 02:06 UTC in reply to "RE: *sigh*"
MediaSex Member since:
2006-02-08

"Because OS X is gaining popularity more of this kind of thing will start popping up. "

How is it possible for someone to post something so idiotic???

Forget the stupidity of what you are suggesting, OS X ISN'T getting more popular outside of a few sub-percentage points.

And do you realize that you are claiming that code written over the past decade in OS X is going to MAGICALLY start developing security problems due to more people using OS X???

Shame on you for littering the Net with stupidity. And shame on you for parroting the Microsoft Security Nightmare Damage Control Meme.

Why Windows is riddled to its very foundation with security problems is utterly manifest compared to OS X, Linux, and other operating systems. And it has absolutely nothing to do with 'popularity'.

There is a sad and desperate need in the Windows world for OS X to be seen as just as riddled to the core with exploits as Windows. I guess after a decade of being the joke of the computing world over security Windows users have developed a bitter desire to lash out with a schoolyard type "You Are Too!!!" response to computer security.

Reply Score: 1

RE: *sigh*
by raver31 on Sat 22nd Apr 2006 09:08 UTC in reply to "*sigh*"
raver31 Member since:
2005-07-06

Emm, in reality, the sky is BLACK. You only see light being refracted through particles in the atmosphere.
Blue light bends more than other colours in the spectrum, so therefore you perceive that the sky is blue.

BTW, there is an interesting twist to this. When the two Mars rovers sent back their first pictures from Mars surface, NASA falsely coloured the sky reddish/pink, from its natural blue, as they believed the general population thought the sky should be red.

In reality, all planetary objects with a dense enough atmosphere will have "blue" skies

Emm..... when in reality, they will all be black

Reply Score: 3

RE[2]: *sigh*
by Tom K on Sat 22nd Apr 2006 15:50 UTC in reply to "RE: *sigh*"
Tom K Member since:
2005-07-06

No, in reality, the sky is blue, and you even explained why.

sky |skī| noun (pl. skies) (often the sky) the region of the atmosphere and outer space seen from the earth

Reply Score: 1

RE[3]: *sigh*
by silicon on Sat 22nd Apr 2006 20:06 UTC in reply to "RE[2]: *sigh*"
silicon Member since:
2005-07-30

Color my friend is only a sensation in the human brain. The sky or the region of atmosphere and outer space seen from the Earth is mostly black, only light refracted due to the non-uniform optical density (due to different layers of air) appears blue (which covers the entire sky).

Reply Score: 0

RE[4]: *sigh*
by Chicken Blood on Sat 22nd Apr 2006 21:47 UTC in reply to "RE[3]: *sigh*"
Chicken Blood Member since:
2005-12-21

Color my friend is only a sensation in the human brain. The sky or the region of atmosphere and outer space seen from the Earth is mostly black, only light refracted due to the non-uniform optical density (due to different layers of air) appears blue (which covers the entire sky).

Wow, such insight. I was wondering, do you have any information on how to "talk to girls"?

Thought not :-)

Reply Score: 1

RE[4]: *sigh*
by Tom K on Sat 22nd Apr 2006 23:37 UTC in reply to "RE[3]: *sigh*"
Tom K Member since:
2005-07-06

If colour is only a sensation in the human brain, and we all have brains, I'd say it's safe to state that something is a certain colour.

Now you're getting pedantic solely for the purpose of disagreeing.

Reply Score: 0

System calls...
by hhcv on Fri 21st Apr 2006 22:41 UTC
hhcv
Member since:
2005-11-12

I am not sure whether it was here or on slashdot where there was a link to an article showing the various system calls needed to render one html page with an image. Basically, linux required a lot less (compared to XP), and so left fewer possible 'holes' in the system.

Now, we all consider OS X a UNIX.. I'd just love to see a similar diagram for OS X, maybe it is less complicated, more complicated, or similar to other *NIXs... Maybe such a diagram can give us an idea at the scale of the potential issue (I know this would not consider important things such as the general architecture of the OS, and add-on applications?)

Or, am I missing the point? Because OS X is POSIX compliant (is it?) do the system calls remain the same?

Also, TFA does not suggest what the hole could be, if it is in iLife, etc, the question must be asked... where do we draw the line between the Operating System and the Packaged Operating System?

Reply Score: 2

RE: System calls...
by sappyvcv on Fri 21st Apr 2006 22:47 UTC in reply to "System calls..."
sappyvcv Member since:
2005-07-06

Actually, it was to serve a web page, using Apache v. IIS.

Reply Score: 5

RE: System calls...
by kaiwai on Sun 23rd Apr 2006 02:44 UTC in reply to "System calls..."
kaiwai Member since:
2005-07-06

I am not sure whether it was here or on slashdot where there was a link to an article showing the various system calls needed to render one html page with an image. Basically, linux required a lot less (compared to XP), and so left fewer possible 'holes' in the system.

It was here and on Slashdot IIRC.

You're referring to the number of system calls required to serve up a webpage on the internet; it was a comparison between Apache/Linux (replace Linux with any *NIX as the results will be around the same) and Windows 2003/IIS 6.

The statement made was the fact that when there are more complex moves, there is more likelihood of things going wrong; hence the cornerstone of engineering that should always be adhered to; KISS; Keep It Small, Stupid!

Microsoft seems to have this fetish that they should make things more complicated than they need to be, so that they can most about how "complex Window is!" and how "difficult it is to get things working!" - it's the typical martyr syndrome, the "look at me! I suffer! I have to deal with such complex problems!" <-- Which they created *snicker*

Reply Score: 1

Mac kernel
by Lengsel on Fri 21st Apr 2006 22:42 UTC
Lengsel
Member since:
2006-04-19

Has there been anything serious said, and not based on rumors, about Apple dropping the Mach 3 kernel? Since Mac OS X is based on FreeBSD, maybe they should go entirely Free/OpenBSD based, even right down to the kernel. OpenBSD OS with FreeBSD hardware and functionality could really do something for their OS if the guts of the system are a best-of-breed BSD combo kernel OS, would you guys disagree?

Reply Score: 2

RE: Mac kernel
by zemplar on Sat 22nd Apr 2006 03:27 UTC in reply to "Mac kernel"
zemplar Member since:
2006-02-10

Free and Open BSDs are both good, but I'd suggest using [Open]Solaris for a replacement kernel if ever Apple would, for some unknown reason, decide to switch.

Reply Score: 1

RE[2]: Mac kernel
by JohnOne on Sat 22nd Apr 2006 19:12 UTC in reply to "RE: Mac kernel"
JohnOne Member since:
2006-03-25

No, the best choice is NetBSD. It has already all (or almost all) the Mach's system calls Apple needs to "switch" without strong mods to the kernel.

Reply Score: 1

v I'm pissed
by JustAnotherMacUser on Fri 21st Apr 2006 23:12 UTC
RE: I'm pissed
by jamesrdorn on Fri 21st Apr 2006 23:28 UTC in reply to "I'm pissed"
jamesrdorn Member since:
2005-07-27

Dude, it's time for you to move back to DOS.

As the post right below yours reads, there is ONLY 1 unpatched exploit & it happens to be the one on this article.

Maybe you should invest your money in Microsoft... I hear they started focusing on security a few years ago... Trusted Computing anyone?

Reply Score: 5

RE: I'm pissed
by rm6990 on Fri 21st Apr 2006 23:52 UTC in reply to "I'm pissed"
rm6990 Member since:
2005-07-04

Just get it right by Leopard or else.

I'm sure Apple is quaking in their booties, and spending an extra billion on quadruple checking the code in their OS for fear of losing you as a customer, as we all know you are the only thing between profitability and bankruptcy for Apple.

Grow up, and get real. All code bases as complex as OS X (or Linux, Windows, BSD, etc) are going to have vulnerabilities. Get over it.

Oh, and by the way, you aren't important enough for any company, let alone Apple, to give two little shits about you. Quit being so high on yourself, and quit wasting my bandwidth with your stupid comments.

Reply Score: 1

RE: I'm pissed
by vimh on Fri 21st Apr 2006 23:52 UTC in reply to "I'm pissed"
vimh Member since:
2006-02-04

Just get it right by Leopard or else.

I'm not a big mac fan and have never owned a mac but don't you think you're kind of jumping the gun here?

Suppose "exploits" such as these continue on the Mac. What will you do? Move to Windows? Not gonna get safer there. Move to a Linux or another BSD system? Might be worth looking into but there are exploits there as well.

Maybe you should just stick to the command line and use only text based browsers and mail clients. But even then, somebody just might get you.

Reply Score: 5

RE[2]: I'm pissed
by JustAnotherMacUser on Sat 22nd Apr 2006 01:12 UTC in reply to "RE: I'm pissed"
JustAnotherMacUser Member since:
2006-01-08

I wasn't trying to troll, I have been a Mac user ever since they came out. I currently have over $14 thousand in Apple toys bought over the last few years for myself and friends/family. I'm sure the webmaster of this site can confirm my browser and monitor size (30")

It really peeves me that I worked hard to convince people Macs were better, only to now get this "I thought Macs were secure" crapola tossed in my face. I could explain away a few exploits, but now it's a deluge. I'm mad I got egg on my face and conned by Apple.

Now to those who say all operating systems have exploits, you're right. But it's the amount and frequency that matter.

For instance OS 9 had very few after Apple took corrective action when they first started appearing. But Mac OS X is supposed to be way more secure, and it's not. It's racking up exploits much like Windows is.

I give you these links as evidence

http://www.ciac.org/ciac/bulletinsByType/vndr_apple_bulletins.html

http://www.ciac.org/ciac/bulletinsByType/vndr_ms_bulletins.html

I just want a worry free computing environment, not to be glued to the internet trying to stay one step ahead of the bad guys.

That's why I bought a Mac and have stuck with the company all these years, if they can't deliver then I might as well save money and buy a PC.

Reply Score: 2

RE[3]: I'm pissed
by Fuji257 on Sat 22nd Apr 2006 01:30 UTC in reply to "RE[2]: I'm pissed"
Fuji257 Member since:
2006-01-24

Dude. Chill. Turn on your "Software Update" in your Preference Panel. If security holes exist; the nice men at Apple will fix them.

OS 9 was "secure" 'cause it had no command line and internally worked bassackwards from any other OS on the planet; and would likely take PPC asm guru to come up with a decent exploit.

When you hear of MASS infected OS X systems being taken down; then b!tch at Apple. Since there are NO ( that's 0, Z-E-R-O) cases of any users being infected or exploited, I'd say Apple's track record is still intact.

They are FAR from perfect and have been a little slow in the past on a security hole or two; but with a track record like they have I suppose it would not be hard to do.

Reply Score: 2

RE[3]: I'm pissed
by Brad on Sat 22nd Apr 2006 01:47 UTC in reply to "RE[2]: I'm pissed"
Brad Member since:
2005-07-06

I don't know what to tell you. Only fanboys ever stated that OSX was perfect or immune to this. Everyone knows such things will happen, and everyone knows that as an OS grows, and its userbase grows the pressures on it grow. It also becomes something more heavily looked at for problems, and those who might use those flaws will be more tempted to act on them. To think anything else is foolish and just a form of denial.

I don't know how OS9 could be considered solid. It was one of the worst OS ever made. Just about anyone, mac users included would take win95/98 or linux over it. It didn't need a vulnerability to go down. It was afraid of itself.

That all said. OSX is still the most worry free platform out there. And so far nothing has happened to any level to be truly worried. All these have shown is people should once and for all get it out of their heads that Macs are somehow immune to this kind of thing. Also it will come down to the users in the end. For Apple to make something that will be immune to such things, they would have to create something very user unfriendly. No one wants that, so there will always be a level of risk. Windows world isn't much different. Many/Most people use it with little issue. Many people use Windows with no extra security measures and never have a single issue, they simply don't use foolish things.

You could cage off the woods to protect people from bears. But then you have ruined the view of the woods and stops you from enjoying it. You could also just let people be aware of the dangers of bears, and at the same time they get to enjoy nature freely with no cage. But if you have people who insist they should be able to walk anywheres in the woods and poke bears with sticks and have no issues, well there is very little you can do for those people.

Reply Score: 5

RE[4]: I'm pissed
by xioztzu on Sat 22nd Apr 2006 03:20 UTC in reply to "RE[3]: I'm pissed"
xioztzu Member since:
2006-01-01

"...very little you can do for those people."

Except pour honey on them and release the bears. ;)

Reply Score: 2

RE[3]: I'm pissed
by ApproachingZero on Sat 22nd Apr 2006 02:50 UTC in reply to "RE[2]: I'm pissed"
ApproachingZero Member since:
2005-11-10

Just because a vulnerability exists doesn't mean anyone is ever going to be affected by it. A vulnerability is not the same thing as a worm or a virus. Just relax. Sounds like you need to lay off the caffeine this weekend.

Reply Score: 1

RE[2]: I'm pissed
by xioztzu on Fri 21st Apr 2006 23:54 UTC in reply to "I'm pissed"
xioztzu Member since:
2006-01-01

Troll... I bet this guy doesn't even own a Mac.

Reply Score: 2

RE[3]: I'm pissed
by ronaldst on Fri 21st Apr 2006 23:57 UTC in reply to "RE[2]: I'm pissed"
ronaldst Member since:
2005-06-29

But he succeeded at trolling. lol

Reply Score: 2

Let's get the real picture...
by MikeekiM on Fri 21st Apr 2006 23:25 UTC
MikeekiM
Member since:
2005-11-16

Mac OS X
Currently, 1 out of 69 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Linux Kernel 2.6.x
Currently, 14 out of 79 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Windows XP Pro
Currently, 27 out of 131 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Reply Score: 5

JustAnotherMacUser Member since:
2006-01-08

The Secunia "Mac OS X" exploit list doesn't count the ones found recently by Tom Ferris.

The "1 out of 69" was like that since the 10.4.6 update.

Reply Score: 2

RE: Let's get the real picture...
by Finalzone on Sat 22nd Apr 2006 09:20 UTC in reply to "Let's get the real picture..."
Finalzone Member since:
2005-07-06

Flaws in that comparison. For example, Red Hat kernel is more heavily patched than the vanilla version therefore the number of advisories differs from distro to distro.

Another flaw is to compare the kernel vs the whole operating system which is practically misleading. Here is an example of fair comparison with different operating systems:

Mac OS X
Currently, 1 out of 69 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Fedora Core 5 (1 month after release)
Currently, 0 out of 7 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Red Hat Enterprise 4
Currently, 0 out of 166 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Fedora Core 4
Currently, 0 out of 111 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Fedora Core 3
Currently, 0 out of 206 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Ubuntu 5.04
Currently, 0 out of 135 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Windows XP Pro
Currently, 27 out of 131 Secunia advisories, are marked as "Unpatched" in the Secunia database.

These reports are taken on April 22nd, 2006 straight from Secunia website. You will be the judge.

Reply Score: 5

RE: Let's get the real picture...
by somebody on Sat 22nd Apr 2006 18:22 UTC in reply to "Let's get the real picture..."
somebody Member since:
2005-07-07

Wow, now if you would proceed and check locality and how critical those advisories are.

The more critical, the more worried you get. If they are also remote you should be panicking.

Reply Score: 1

MikeekiM Member since:
2005-11-16

Wow, now if you would proceed and check locality and how critical those advisories are.

You mean like this one?

Linux Kernel Multiple Vulnerabilities
Partial Fix. Secunia Advisory 28 of 33 in 2005
Release Date: 2005-02-16
Secunia Advisory ID: SA14295
Solution Status: Partial Fix
Criticality:
Impact: Unknown, Hijacking, Security Bypass, Exposure of sensitive information, Privilege escalation, DoS
Where: From remote
Short Description: Some vulnerabilities have been reported in the Linux kernel. These can be exploited by malicious, local users to gain knowledge of potentially sensitive information, cause a DoS (Denial of Service), or gain escalated privileges, or by malicious people to cause a DoS or bypass certain security restrictions.

Reply Score: 1

It looks a bit nasty
by dr_gonzo on Fri 21st Apr 2006 23:47 UTC
dr_gonzo
Member since:
2005-07-06

Here's the link to the actual page which describes the multiple flaws: http://secunia.com/advisories/19686/

As far as the zip flaw goes, it exists in the BOMArchiveHelper application so if you're not sure about opening a certain zip file, you can safely open it in the command line.

All the other vulnerabilities are pretty unavoidable though. I suppose to be extra safe, you could use Firefox for web browsing to avoid the HTML exploit.

People shouldn't get so worked up about this though. It is virtually impossible to create 100% secure code. What matters is Apple's reaction time in fixing known vulnerabilities.

If I understand correctly, LLVM could prevent a lot of security attacks by creating a sandbox for applications in the way that the Java VM does.

Reply Score: 3

RE: It looks a bit nasty
by pxa270 on Sat 22nd Apr 2006 08:32 UTC in reply to "It looks a bit nasty"
pxa270 Member since:
2006-01-08

People shouldn't get so worked up about this though. It is virtually impossible to create 100% secure code. What matters is Apple's reaction time in fixing known vulnerabilities.

According to the discoverers of the vulnerabilities, Apple was notified of
http://www.security-protocols.com/sp-x25-advisory.php
and
http://www.security-protocols.com/sp-x26-advisory.php
in January and February. The remaining four advisories do not list the notification dates.

Edited 2006-04-22 08:40

Reply Score: 4

umm...
by samad on Fri 21st Apr 2006 23:54 UTC
samad
Member since:
2006-03-31

The bulk of the calls are made to other userland frameworks/libraries, not the kernel. Changing the kernel to FreeBSD will probably not fix any of these problems. Unfortunately these userland libraries are deeply embedded into the system (like ReadBMP(), _cg_TIFFSetField()) as they rely on QuickTime's ability to read different image formats.

Reply Score: 2

This and THAT...
by Bobmeister on Sat 22nd Apr 2006 00:07 UTC
Bobmeister
Member since:
2005-07-06

Hi everyone...I looked at this with interest and agree with many of the comments above. I run Linux and Windows at home mostly...my brother is a MAC guy. I think that the comment that ALL complex code will have vulnerabilities is correct. If you try hard enough, holes will be found and exploitable.

So...I'm kind of getting to the point in my life where I don't care about the "wars" about which OS is better than that one or whatever...it's just in what you want it to do for you...some do things better than others, including security DEPENDING ON THE CONTEXT of the situation. I personally think that given intelligent computing by the user (something that is lacking a lot, admittedly) that even Windows can be run in a pretty secure manner. Linux even more so with SELinux or AppArmor in place. The MAC is a pretty well designed system too.

These kinds of things are good in that they increase the awareness that no matter WHAT kind of machine or setting you are in, you can be vulnerable. I would think that this is only the tip of the iceberg in the long run...that there will be many more weaknesses found in Windows, Linux and MAC. We need to learn to be intelligent (not paranoid) and protect our systems in whatever ways are the best for those environments.

I'm not sure if the "I'm Pissed" guy was trolling or not, but his viewpoint was extreme...

Reply Score: 3

Looks pretty good
by jjmckay on Sat 22nd Apr 2006 00:17 UTC
jjmckay
Member since:
2005-11-11

At least the MAC's look pretty while being compromised.

Reply Score: 3

RE: Looks pretty good
by kaiwai on Sun 23rd Apr 2006 02:51 UTC in reply to "Looks pretty good"
kaiwai Member since:
2005-07-06

How can a Media Access Control (MAC) look pretty?

Please, basic understanding of English 101; the use of all capitals occurs when it is an acronym; take SUN for example, which stands for Stanford UNiversity (where Scott obtained his Economics degree from).

Mac is short for Macintosh; now, one could get anal and demand a full stop to be put at the end of Mac to signify abrievity, but let's not get too anal.

Reply Score: 2

RE[2]: Looks pretty good
by monkeyhead on Mon 24th Apr 2006 00:48 UTC in reply to "RE: Looks pretty good"
monkeyhead Member since:
2005-07-11

Good hell... I could hear your anus clenching from here. Do you get upset that UNIX and Unix don't follow your little acronym rule?

Reply Score: 1

RE[2]: Looks pretty good
by Innova on Mon 24th Apr 2006 14:06 UTC in reply to "RE: Looks pretty good"
Innova Member since:
2005-09-30

Seriously,

I knew he was referring to MACintosh's, I would assume that most people reading his post knew he was referring to MACintosh's.

It is the small man, with no argument left that starts correcting others' English.

Go outside and see the SUN. You are obviously suffering from SAD (seasonal affective disorder) after a long winter.

Or, do you correct the grammar in love letters that women send you.......an obviously good method to continue not getting (insert quip here).

Reply Score: 1

Pure unadulterated genius
by Fuji257 on Sat 22nd Apr 2006 01:37 UTC
Fuji257
Member since:
2006-01-24

From the article:

"Until the holes are filled in, don't visit untrusted web sites, or open ZIP archives or images which come flying your way and that look a tad dodgy."

Gee golly, that sounds like an easy exploit to me. Uh, so AFTER the "vulnerabilities" are fixed, I can go back to using my credit card on untrusted websites and unzipping "dodgy looking" files they "fly my way" all willy nilly?

Edited 2006-04-22 01:38

Reply Score: 4

RE: Pure unadulterated genius
by ronaldst on Sat 22nd Apr 2006 01:39 UTC in reply to "Pure unadulterated genius"
ronaldst Member since:
2005-06-29

It was sarcasm.

Reply Score: 1

let their actions speak
by postmodern on Sat 22nd Apr 2006 03:10 UTC
postmodern
Member since:
2006-01-27

Let Apple's actions set the record straight, then we can point back at the victories/failures of their security process and derive conclusions.

Also coffee is a fluid solution.

Reply Score: 1

factors
by postmodern on Sat 22nd Apr 2006 03:14 UTC
postmodern
Member since:
2006-01-27

The amount of and response time to vulnerabilities affects the overall security of an OS. Design of the OS and programming practices may affect the amount of vulnerabilities introduced and the ease to which they are fixed.

Reply Score: 1

Re: Security Holes
by aGNUstic on Sat 22nd Apr 2006 03:14 UTC
aGNUstic
Member since:
2005-07-28

Holey Code, Batman!

Seriously. Grow up. All code is crap since it is invented by primates with keyboards. Some just have better bananas and trees.

Reply Score: 1

RE: Re: Security Holes
by dylansmrjones on Sat 22nd Apr 2006 14:29 UTC in reply to "Re: Security Holes"
dylansmrjones Member since:
2005-10-02

What!?!?

Some have trees!?!?

I want that too ;)

Reply Score: 1

Careful
by JMcCarthy on Sat 22nd Apr 2006 04:16 UTC
JMcCarthy
Member since:
2005-08-12

The recent security vulnerabilities are a marketing ploy, they're trying to show us they're still human. Humans make mistakes.

Edited 2006-04-22 04:18

Reply Score: 1

It is just me..
by Jody on Sat 22nd Apr 2006 04:47 UTC
Jody
Member since:
2005-06-30

Or does anyone else think calling something "Critical" or "Highly Critical" without stating if it is locally or remotely exploitable overly vague?

Is it local or remote?
Does it require a less privileged account on the system?
If remote does it impact a "default" install?
Does exploiting require user action (browser etc.)?

There is a light year of difference between local account escalation and a remote vuln in a default running service. I hate how everything is simply lumped into "Critical".

I should not have to click through 6 links and read the entire fluffed report to get this information.

We have standards for everything else, how hard would it be to break it down into "Critical (status 1)" or "Critical (status 5)" depending on actual potential for exploit?

Edited 2006-04-22 04:51

Reply Score: 3

RE: It is just me..
by dr_gonzo on Sat 22nd Apr 2006 12:48 UTC in reply to "It is just me.. "
dr_gonzo Member since:
2005-07-06

I presume they're remote exploits since they involve Safari browsing a dodgy web page.

Did you read the information on the exploits? It was pretty clear.

Reply Score: 1

Heh
by Nelson on Sat 22nd Apr 2006 07:52 UTC
Nelson
Member since:
2005-11-29

What's even funnier is that they are trying to give an excuse for the exploits found. Maybe now that Mac has joined the rest of the OSes we will finally see the fanboys wisen up.

Reply Score: 0

Think Difference
by Matt24 on Sat 22nd Apr 2006 08:01 UTC
Matt24
Member since:
2005-07-23

What I do notice:

With OS X it is a sport to find holes in the os in the first place and with Windows it is a sport to exploit holes. It says a lot about users and their (lack of-) respect for the (lack of-) quality of their os.

Edited 2006-04-22 08:08

Reply Score: 1

RE[5]: *sigh*
by Soulbender on Sat 22nd Apr 2006 08:39 UTC
Soulbender
Member since:
2005-08-18

"OSX has sales figures."
Doesn't have much market share though.

Reply Score: 0

131 advisories?
by Dias on Sat 22nd Apr 2006 10:29 UTC
Dias
Member since:
2006-02-20

Considering that Win has a 95% of market, 131 flaws is a very small number.

Reply Score: 1

RE: 131 advisories?
by suryad on Sat 22nd Apr 2006 15:22 UTC in reply to "131 advisories?"
suryad Member since:
2005-07-09

I will have to agree with this one. Everyone knows XP was and sorta is quite security hole-ridden. But the fact is a lot of them are getting fixed. I am not sure but if it is with everyone, but just like an experienced Mac user can make their system quite secure, so can an experienced XP user. I have used both Mac and XP and they are both great in their own right. Mac has the advantage of being based on Unix and all its proven track record whereas XP is written by a company who just wants to make more money and that's their bottom line. It's all about using the tools. OSes are tools for everyone if they stop to think about it. You can make your tools better and Linux provides that quite awesomely with all the package management, reconfigurations, kernel compilations and the fact that the darn code is available for anyone to mess with! That is great!

I have been using XP because I am so used to it, and yes I hate it that it has all these holes but boy has it improved than when it first came out. And so has Mac. There is no one who will say that the first release of OS X was not without its problems. Same thing with XP. I am just trying to not blindly defend XP but to provide a balanced argument I guess. OS X is great but a bit slow for the stuff I need to do, and XP is simple but not in the class OS X is. But there are great 3rd party tools like nLite and so on that allow you total control over XP and that is great IMO. That is the next best thing to be given all the code. Microsoft is trying to patch things as well as they can and I have to say they have done a satisfactory job except for the unpatched vulnerabilities...it's as if the whole world knows about these vulnerabilities other than Microsoft!

Basically my advice for those who are so paranoid about their security is to go and use the age-old implements of abacus, paper and pencil. The Roman and Greek civilizations were far more splendid in a way than ours and they did it without computers! Bottom line is there will be vulnerabilities, there will be flaws, there will be companies writing bad code on purpose to eke out more money from support. Software is a man-made construct and as such as it is, it's imperfect. Deal with it. There is no one tool for the job.

Reply Score: 1

RE[2]: 131 advisories?
by kaiwai on Sun 23rd Apr 2006 05:52 UTC in reply to "RE: 131 advisories?"
kaiwai Member since:
2005-07-06

Mac has the advantage of being based on Unix and all its proven track record whereas XP is written by a company who just wants to make more money and thats their bottomline.

Apple is concerned about making money; that's why they chose not to re-invent the wheel, use a proven concept, and build a great operating system off that; if the technology is out there in source form (Mach/BSD), then why the hell not use that, and lower the costs of development?

Microsoft on the other hand already had a UNIX licence; hell, they sold a UNIX of their own for several years - Xenix, which was based off the AT&T line of UNIX.

Microsoft chose, even with this great basis for a good operating system, to go out and re-invent the wheel, and create their own operating system - NT; the net result is that they isolated themselves from the rest of the technology world; whilst the UNIX companies were learning from security mistakes, improving scalability, Microsoft was being the proverbial nigel no mate, off with its own marbles, refusing to work with any one.

Here we are now today with the world split into two camps; on one side you have the UNIX world, consisting of the commercial UNIX's and opensource implementations (BSD/Linux), and on the other side we have the Windows world; a half baked, compatibility riddled, security prone API (win32), running on top of a NIH (Not Invented Here! - http://en.wikipedia.org/wiki/Not_Invented_Here ) kernel which was developed as nothing more than a multimillion dollar 'screw you' to the UNIX world.

Fast forward to today, and with all the millions Microsoft have chucked at the problem, Windows NT still hasn't destabilised the UNIX establishment; they may have forced the UNIX world to lower their prices for hardware and software, but at the same time, companies are still willing to spend a premium for the superior solution.

Reply Score: 1

RE[3]: 131 advisories?
by MikeekiM on Sun 23rd Apr 2006 12:54 UTC in reply to "RE[2]: 131 advisories?"
MikeekiM Member since:
2005-11-16

So, tell them to bring back Xenix.

Reply Score: 1

RE: 131 advisories?
by Soulbender on Sat 22nd Apr 2006 11:44 UTC
Soulbender
Member since:
2005-08-18

"Considering that Win has a 95% of market, 131 flaw is very small number."

These two numbers don't really relate to each other.

Reply Score: 2