Re: OS X security holes so numerous Apple can't keep up...


"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message
news:alangbaker-E10895.23555020042006@xxxxxxxxxxxxxxxxx
In article <eJ_1g.50710$_S7.20264@xxxxxxxxxxxxxxxxxxxxxxxxxx>,
"John Slade" <hhitman86@xxxxxxxxxxx> wrote:

"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message
news:alangbaker-335000.20015320042006@xxxxxxxxxxxxxxxxx
In article <xuX1g.29833$BL7.23262@xxxxxxxxxxxxxxxxxxxxxx>,
Stew <antwun@xxxxxxxxx> wrote:

http://www.security-protocols.com/modules.php?name=News&file=article&sid=32
33

Scary! Did chimps code OS X?

Let's take them one by one:

"Apple OS X 10.4.5 .tiff "LZWDecodeVector ()" Heap Overflow"

His own links says:

"Solution:
This issue was silently fixed by Apple in update 10.4.6.
http://docs.info.apple.com/article.html?artnum=303411";

<URL:http://www.security-protocols.com/sp-x24-advisory.php>

IOW, fixed; a non-issue.

Actually you are incorrect. It is an issue to those who don't upgrade
to
get the fix. Why that happened to Windows 2000 users a while back.
However
the Mackooks didn't blame the people who didn't upgrade, they heaped the
entire blame on Windows itself.

When the original article states:

'From what I have been told, they "will be fixed in the next security
release".'

...it kind of destroys the author's credibility to present something
that's already been fixed, don't you think?

No. I mean just look at the Windows situation. There was an exploit or
virus in Windows 2000. Microsoft issued a patch that fixed the problem.
However many businesses didn't want to upgrade because it involved reboting
for the fix to take effect. Sometimes the upgrade makes Windows incompatible
with the current versions of the specialized software they run. So, when the
exploit is taken advantage of of the virus is spread, their computers fell.
This is not a platform specific issue. In Unix and Linux OSes, upgrades are
not performed because a reboot is needed. The files that need to be upgraded
are in memory and being used so the computer has to be rebooted. Sometimes
the same kinds problems that effected Windows computers also effect Unix, OS
X(Darwin Unix) and Linux.

It's pretty stupid to not report an exploit because a fix exists.
That's just plain crazy. I'm curious as to why Apple didn't make the exploit
more widely known and give instructions to users on how to protect
themselves. Apple would probably use the excuse that they didn't want to
tell the hackers about the exploit so they couldn't take advantage. That
would be pretty dumb for them to do. Apple probably kept it quiet because
now that Apple makes Intel based compuers, their main selling point is
becoming the malware issue. It wouldn't help to press that point and then
issue a statement saying there is a mile wide security hole in OS X. Wake
up.



When are you guys going to give up on this malware hype that really
doesn't do much to a system? I mean if we listened to the nuts in here
like
Jimmy Lee and Polaski, we would stupidly think that Windows XP is just
plain
unusable. That is very far from the case.

I'm not hyping anything. I'm debunking.

Debunking what? The exploit exists and posses a clear and present danger
to Mac users who haven't upgraded.

John


.

Relevant Pages

  • Re: In the Shallow End
    ... You have the Gnu compiler that can do it. ... No one wanted NT because they had better o/ses for these archs, like OpenVMS or Tru-64 UNIX and better tools. ... you'd have known why it is easier to do in UNIX compared to Windows NT and its later revisions. ... That's mistaken; Apple has added ...
    (comp.sys.mac.advocacy)
  • Re: Apple Notebook
    ... die gerne mit Unix Befehlen arbeiten und sich freuen, ... mich stören weder UNIX-Befehle (neben Mac OS X benutze ich selbst z.B. u.A. auch HP-UX, UNIX ist für mich also kein Fremder) noch Leute, die mit ihrem Mac zufrieden sind. ... Mich stört auch nicht, dass Windows mit Ausnahme von Windows Server 2003 R2 keine UNIX-Befehle kann, genauer gesagt geht mir das ziemlich am Allerwertesten vorbei, einfach weil der Bedarf nicht vorhanden ist. ... Und das nicht nur deswegen, weil Apple schlichtweg keinen professionellen Support anbietet, sondern weil die Masse der wichtigen Anwendungen eben nicht unter Mac OS X läuft, sondern unter Windows oder allenfalls noch Linux. ...
    (de.comp.sys.notebooks)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... It is an issue to those who don't upgrade to ... Why that happened to Windows 2000 users a while back. ... System files on Solaris can be upgraded while the o/s is running, ...
    (comp.sys.mac.advocacy)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... Why that happened to Windows 2000 users a while back. ... the Mackooks didn't blame the people who didn't upgrade, ... for the fix to take effect. ...
    (comp.sys.mac.advocacy)
  • Re: Cult Of Mac Members List
    ... As a user fo Apple computers myself, ... Actually I find most Mac users in here to be informed. ... found in OS X than Windows XP. ... So are Linux and Unix users. ...
    (comp.sys.mac.advocacy)