Re: OS X security holes so numerous Apple can't keep up...


"GreyCloud" <mist@xxxxxxxxxxx> wrote in message
news:LMudncZ-cZMnGtTZRVn-pQ@xxxxxxxxxxxxxx
John Slade wrote:

"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message
news:alangbaker-E10895.23555020042006@xxxxxxxxxxxxxxxxx

In article <eJ_1g.50710$_S7.20264@xxxxxxxxxxxxxxxxxxxxxxxxxx>,
"John Slade" <hhitman86@xxxxxxxxxxx> wrote:


"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message
news:alangbaker-335000.20015320042006@xxxxxxxxxxxxxxxxx

In article <xuX1g.29833$BL7.23262@xxxxxxxxxxxxxxxxxxxxxx>,
Stew <antwun@xxxxxxxxx> wrote:


http://www.security-protocols.com/modules.php?name=News&file=article&sid=32
33

Scary! Did chimps code OS X?

Let's take them one by one:

"Apple OS X 10.4.5 .tiff "LZWDecodeVector ()" Heap Overflow"

His own links says:

"Solution:
This issue was silently fixed by Apple in update 10.4.6.
http://docs.info.apple.com/article.html?artnum=303411";

<URL:http://www.security-protocols.com/sp-x24-advisory.php>

IOW, fixed; a non-issue.

Actually you are incorrect. It is an issue to those who don't
upgrade to
get the fix. Why that happened to Windows 2000 users a while back.
However
the Mackooks didn't blame the people who didn't upgrade, they heaped the
entire blame on Windows itself.

When the original article states:

'From what I have been told, they "will be fixed in the next security
release".'

...it kind of destroys the author's credibility to present something
that's already been fixed, don't you think?


No. I mean just look at the Windows situation. There was an exploit
or virus in Windows 2000. Microsoft issued a patch that fixed the
problem. However many businesses didn't want to upgrade because it
involved reboting for the fix to take effect. Sometimes the upgrade makes
Windows incompatible with the current versions of the specialized
software they run. So, when the exploit is taken advantage of of the
virus is spread, their computers fell. This is not a platform specific
issue. In Unix and Linux OSes, upgrades are not performed because a
reboot is needed.

That isn't necessarily true. On Solaris, you can do a live upgrade
without a reboot in most instances. Depends on what gets upgraded.


I'm talking about system files that are being used. It might require a
logout or a reboot. Tell me this, do updates for OS X require reboot from
time to time?



It's pretty stupid to not report an exploit because a fix exists.

Except for a hacker. They love those types of exploits.

And Apple. They seem to want to keep it quiet enough.



That's just plain crazy. I'm curious as to why Apple didn't make the
exploit more widely known and give instructions to users on how to
protect themselves.

Don't forget about that company that did expose an exploit and M$ sort of
got pissed off about it.

Microsoft can be just as bad. That's pretty kiddish to say, " Well
Microsoft did it so Apple doing it isn't bad." No it's wrong no matter who
does it. I have quite a few pet peves about Microsoft's business practices
and Windows XP. I tend to find the bad points in any OS.


Apple would probably use the excuse that they didn't want to tell the
hackers about the exploit so they couldn't take advantage. That would be
pretty dumb for them to do. Apple probably kept it quiet because now that
Apple makes Intel based compuers, their main selling point is becoming
the malware issue. It wouldn't help to press that point and then issue a
statement saying there is a mile wide security hole in OS X. Wake up.


When are you guys going to give up on this malware hype that really
doesn't do much to a system? I mean if we listened to the nuts in here
like
Jimmy Lee and Polaski, we would stupidly think that Windows XP is just
plain
unusable. That is very far from the case.

I'm not hyping anything. I'm debunking.


Debunking what? The exploit exists and posses a clear and present
danger to Mac users who haven't upgraded.


Along with the windows camp as well, only it is worse there.

Here we go again. Trying to turn this into a Windows is worse issue.
Actually when you talking about worse, you must mean because of volume and
not technology.

John


.

Relevant Pages

  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... It is an issue to those who don't upgrade to ... Why that happened to Windows 2000 users a while back. ... System files on Solaris can be upgraded while the o/s is running, ...
    (comp.sys.mac.advocacy)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... Why that happened to Windows 2000 users a while back. ... the Mackooks didn't blame the people who didn't upgrade, ... for the fix to take effect. ...
    (comp.sys.mac.advocacy)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... It is an issue to those who don't upgrade ... Why that happened to Windows 2000 users a while back. ... the same kinds problems that effected Windows computers also effect Unix, ...
    (comp.sys.mac.advocacy)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... Why that happened to Windows 2000 users a while back. ... the Mackooks didn't blame the people who didn't upgrade, ... for the fix to take effect. ...
    (comp.sys.mac.advocacy)
  • Re: OS X security holes so numerous Apple cant keep up...
    ... This issue was silently fixed by Apple in update 10.4.6. ... It is an issue to those who don't upgrade ... Why that happened to Windows 2000 users a while back. ... for the fix to take effect. ...
    (comp.sys.mac.advocacy)