Re: OS X security holes so numerous Apple can't keep up...

In article <4kb2g.50832$_S7.21639@xxxxxxxxxxxxxxxxxxxxxxxxxx>,
"John Slade" <hhitman86@xxxxxxxxxxx> wrote:

"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message
news:alangbaker-E10895.23555020042006@xxxxxxxxxxxxxxxxx
In article <eJ_1g.50710$_S7.20264@xxxxxxxxxxxxxxxxxxxxxxxxxx>,
"John Slade" <hhitman86@xxxxxxxxxxx> wrote:

"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message
news:alangbaker-335000.20015320042006@xxxxxxxxxxxxxxxxx
In article <xuX1g.29833$BL7.23262@xxxxxxxxxxxxxxxxxxxxxx>,
Stew <antwun@xxxxxxxxx> wrote:

http://www.security-protocols.com/modules.php?name=News&file=article&sid
=32
33

Scary! Did chimps code OS X?

Let's take them one by one:

"Apple OS X 10.4.5 .tiff "LZWDecodeVector ()" Heap Overflow"

His own links says:

"Solution:
This issue was silently fixed by Apple in update 10.4.6.
http://docs.info.apple.com/article.html?artnum=303411";

<URL:http://www.security-protocols.com/sp-x24-advisory.php>

IOW, fixed; a non-issue.

Actually you are incorrect. It is an issue to those who don't upgrade
to
get the fix. Why that happened to Windows 2000 users a while back.
However
the Mackooks didn't blame the people who didn't upgrade, they heaped the
entire blame on Windows itself.

When the original article states:

'From what I have been told, they "will be fixed in the next security
release".'

...it kind of destroys the author's credibility to present something
that's already been fixed, don't you think?

No. I mean just look at the Windows situation. There was an exploit or
virus in Windows 2000. Microsoft issued a patch that fixed the problem.
However many businesses didn't want to upgrade because it involved reboting
for the fix to take effect. Sometimes the upgrade makes Windows incompatible
with the current versions of the specialized software they run. So, when the
exploit is taken advantage of of the virus is spread, their computers fell.
This is not a platform specific issue. In Unix and Linux OSes, upgrades are
not performed because a reboot is needed. The files that need to be upgraded
are in memory and being used so the computer has to be rebooted. Sometimes
the same kinds problems that effected Windows computers also effect Unix, OS
X(Darwin Unix) and Linux.

It's pretty stupid to not report an exploit because a fix exists.

It's even stupider to report that there isn't a fix available yet...


....WHEN THERE IS A FIX!

That's just plain crazy. I'm curious as to why Apple didn't make the exploit
more widely known and give instructions to users on how to protect
themselves. Apple would probably use the excuse that they didn't want to
tell the hackers about the exploit so they couldn't take advantage. That
would be pretty dumb for them to do. Apple probably kept it quiet because
now that Apple makes Intel based compuers, their main selling point is
becoming the malware issue. It wouldn't help to press that point and then
issue a statement saying there is a mile wide security hole in OS X. Wake
up.



When are you guys going to give up on this malware hype that really
doesn't do much to a system? I mean if we listened to the nuts in here
like
Jimmy Lee and Polaski, we would stupidly think that Windows XP is just
plain
unusable. That is very far from the case.

I'm not hyping anything. I'm debunking.

Debunking what? The exploit exists and posses a clear and present danger
to Mac users who haven't upgraded.

I'm debunking the author's claims. He claims a bunch of stuff, I show
that he's getting at least some of it wrong. It suggests strongly that
he doesn't actually know what's going on.

And you don't know that it presents any danger at all. He says it "may",
but then he also says it hasn't been fixed yet...

....WHEN IT HAS!

--
Alan Baker
Vancouver, British Columbia
"If you raise the ceiling 4 feet, move the fireplace from that wall
to that wall, you'll still only get the full stereophonic effect
if you sit in the bottom of that cupboard."
.

Relevant Pages

  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... Why that happened to Windows 2000 users a while back. ... the Mackooks didn't blame the people who didn't upgrade, ... for the fix to take effect. ...
    (comp.sys.mac.advocacy)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... It is an issue to those who don't upgrade to ... Why that happened to Windows 2000 users a while back. ... System files on Solaris can be upgraded while the o/s is running, ...
    (comp.sys.mac.advocacy)
  • Re: RTHDCPL.EXE - Illegal System DLL Relocation
    ... I'm strongly believe that comes from Windows upgrade issue, ... It's ridiculous to have to fix a problem that was created by microsoft. ... a service called quickstart.exe brings up the Illegal System DLL ...
    (microsoft.public.windows.mediacenter)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... Why that happened to Windows 2000 users a while back. ... the Mackooks didn't blame the people who didn't upgrade, ... for the fix to take effect. ...
    (comp.sys.mac.advocacy)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... It is an issue to those who don't upgrade ... Why that happened to Windows 2000 users a while back. ... the same kinds problems that effected Windows computers also effect Unix, ...
    (comp.sys.mac.advocacy)