Linked by Thom Holwerda on Tue 19th May 2009 22:20 UTC
Mac OS X Six months ago, a certain security flaw in Java was fixed by Sun. This flaw was present in OpenJDK, GIJ, icedtea and Sun's JRE, but it got fixed in those. There's one important shipping Java implementation that still has not been fixed to remove this security flaw: Apple's Java.
Thread beginning with comment 364472
To read all comments associated with this story, please click here.
Huge molehill or small mountain?
by bousozoku on Wed 20th May 2009 01:24 UTC
bousozoku
Member since:
2006-01-23

I'm shaking my head again. Is anything but hardware of interest to Apple now?

I understand the need to make money to keep the company going, but how long will all but the most fanatical accept the company's complete disregard for reality and security?

I like most of what the company does, but this is no way to encourage new purchases. Sure Mac OS X is reasonably secure by default, but Apple, what have you done for me lately?

Reply Score: 2

jabbotts Member since:
2007-09-06

I'm sure they'll fix it after the first Apple machine falls in next year's Pwn2Own. ;)

Seriously though, they probably stuffed the patches in with the next OS release as they've done with proper sandboxing around safari and those other niceties that make breaking osX easy.

(It's a bit of irony to learn that Windows actually has better security mechanisms in place than osX. The security researcher's disagree with the marketing.)

Reply Parent Score: 2

bousozoku Member since:
2006-01-23

I'm sure they'll fix it after the first Apple machine falls in next year's Pwn2Own. ;)

Seriously though, they probably stuffed the patches in with the next OS release as they've done with proper sandboxing around safari and those other niceties that make breaking osX easy.

(It's a bit of irony to learn that Windows actually has better security mechanisms in place than osX. The security researcher's disagree with the marketing.)


I don't like to wait for them. Since Avie Tevanian left the company, they've become far too reckless in their software, as if they're doing it purposely to sell new hardware.

All the security bits in Windows would mean something if Microsoft removed ActiveX, but it's still a security leak by design and no matter how many UAC dialogues appear, you can't change people. You can lead a horse to water, but you can't make him think, as I say.

Reply Parent Score: 2

Lennie Member since:
2007-09-22

What is bad, is Apple base their software partly on Open Source and when Open Source project X fixes something, Apple doesn't ship the fixes to the users.

Reply Parent Score: 1