Linked by Thom Holwerda on Fri 23rd Jan 2015 23:00 UTC
Mac OS X

Don't look now, but Google's Project Zero vulnerability research program may have dropped more zero-day vulnerabilities - this time on Apple's OS X platform.

In the past two days, Project Zero has disclosed OS X vulnerabilities here, here, and here. At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine. What's more, the first vulnerability, the one involving the "networkd 'effective_audit_token' XPC," may already have been mitigated in OS X Yosemite, but if so the Google advisory doesn't make this explicit and Apple doesn't publicly discuss security matters with reporters.

You'd think a writer at Ars Technica was aware of what a zero-day is. These are 90-days, meaning Google is giving - int his case - Apple two to three times as long as industry sort-of standard (which is 30-45 days). Of course, Google dropping zero-days on Apple will draw a lot more clicks, but that doesn't make it any less bullshit. Then again, it isn't like this is the first time this particular author sensationalises to the point of ridiculousness.

The other points from before, of course, still stand. In addition, it'd be great if other companies started combing through Google's stuff too.

Order by: Score:
Comment by hobgoblin
by hobgoblin on Sat 24th Jan 2015 09:44 UTC
hobgoblin
Member since:
2005-07-06

Sadly just about the only section not going for sensationalism at Ars these days is science. The rest is click bait titles, Apple fawning (massively cross posted across the other sections), and net neutrality rants.

Apparently over on Reddit /r/netsec has banned the posting of Ars Technica articles.

Makes one really miss the days of Hannibal deep diving CPU architecture.

Reply Score: 3

Comment by XtoF
by XtoF on Sat 24th Jan 2015 17:54 UTC
XtoF
Member since:
2015-01-24

I'm a daily Arstechnica reader for almost fifteen years. Unfortunately, the quality of their articles is lower lately.
More, some of them are quite poor!

Reply Score: 1

RE: Comment by XtoF
by Alfman on Sun 25th Jan 2015 08:15 UTC in reply to "Comment by XtoF"
Alfman Member since:
2011-01-28

Haha, it's just another instance of shoddy journalism in the US. We are nearing the complete extinction real independent investigative reporting. Modern news sources consist of poorly researched blog-quality material and talking heads thoughtlessly spewing commentary from a concentrated echo chamber.

Conan Obrien puts this to light using an eye-opening piece which is simultaneously extremely funny as well as tragic.

https://www.youtube.com/watch?v=TM8L7bdwVaA

And Another:

https://www.youtube.com/watch?v=GME5nq_oSR4


Independent news departments have hit rough economic times and are in the unenviable position of firing staff, outsourcing, consolidating, or otherwise closing shop. Consolidation has dramatically changed the landscape.

http://www.businessinsider.com/these-6-corporations-control-90-of-t...

Ultimately this is a side effect of shifting large sums of advertising dollars away from traditional media outlets to new advertising companies like google, who don't invest anything in journalism.

Edited 2015-01-25 08:21 UTC

Reply Score: 4

RE[2]: Comment by XtoF
by torp on Sun 25th Jan 2015 09:33 UTC in reply to "RE: Comment by XtoF"
torp Member since:
2010-08-10

Hmm. Speaking of the deterioration of journalism... do your youtube links have transcripts somewhere? Life's too short to watch a talking head when I can go through the same amount of information as text in 1/5 of the time...

Reply Score: 0

RE[3]: Comment by XtoF
by Alfman on Sun 25th Jan 2015 10:04 UTC in reply to "RE[2]: Comment by XtoF"
Alfman Member since:
2011-01-28

torp,

Hmm. Speaking of the deterioration of journalism... do your youtube links have transcripts somewhere? Life's too short to watch a talking head when I can go through the same amount of information as text in 1/5 of the time...


Seriously? Had you just skimmed through the clip rather than complaining to me about deteriorating journalism, you would have gotten the idea. And frankly the video makes a far stronger point than words on a page. I even prefixed the links with the fact that they were Conan Obrien, so if he's not worth your time then you could have just skipped it and saved more time. You're welcome.

Edited 2015-01-25 10:17 UTC

Reply Score: 3

RE[4]: Comment by XtoF
by torp on Sun 25th Jan 2015 10:39 UTC in reply to "RE[3]: Comment by XtoF"
torp Member since:
2010-08-10

We'll have to agree to disagree I'm afraid.
Also, this Conan O'Brien might be a celebrity on the news sites you read, but not on the ones I read.

Reply Score: 1

RE: Comment by XtoF
by torp on Sun 25th Jan 2015 09:31 UTC in reply to "Comment by XtoF"
torp Member since:
2010-08-10

I'm a daily Arstechnica reader for almost fifteen years. Unfortunately, the quality of their articles is lower lately.
More, some of them are quite poor!

I *was* a daily Arstechnica reader. These days I'm biweekly, and I mostly look at the headlines and move along ;)

Reply Score: 1