Re: OS X security holes so numerous Apple can't keep up...
- From: GreyCloud <mist@xxxxxxxxxxx>
- Date: Wed, 26 Apr 2006 12:43:45 -0600
John Slade wrote:
"GreyCloud" <mist@xxxxxxxxxxx> wrote in message news:LMudncZ-cZMnGtTZRVn-pQ@xxxxxxxxxxxxxx
John Slade wrote:
"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message news:alangbaker-E10895.23555020042006@xxxxxxxxxxxxxxxxx
In article <eJ_1g.50710$_S7.20264@xxxxxxxxxxxxxxxxxxxxxxxxxx>,
"John Slade" <hhitman86@xxxxxxxxxxx> wrote:
"Alan Baker" <alangbaker@xxxxxxxxx> wrote in message
news:alangbaker-335000.20015320042006@xxxxxxxxxxxxxxxxx
In article <xuX1g.29833$BL7.23262@xxxxxxxxxxxxxxxxxxxxxx>,
Stew <antwun@xxxxxxxxx> wrote:
http://www.security-protocols.com/modules.php?name=News&file=article&sid=32
33
Scary! Did chimps code OS X?
Let's take them one by one:
"Apple OS X 10.4.5 .tiff "LZWDecodeVector ()" Heap Overflow"
His own links says:
"Solution:
This issue was silently fixed by Apple in update 10.4.6.
http://docs.info.apple.com/article.html?artnum=303411";
<URL:http://www.security-protocols.com/sp-x24-advisory.php>
IOW, fixed; a non-issue.
Actually you are incorrect. It is an issue to those who don't upgrade to
get the fix. Why that happened to Windows 2000 users a while back. However
the Mackooks didn't blame the people who didn't upgrade, they heaped the
entire blame on Windows itself.
When the original article states:
'From what I have been told, they "will be fixed in the next security
release".'
...it kind of destroys the author's credibility to present something
that's already been fixed, don't you think?
No. I mean just look at the Windows situation. There was an exploit or virus in Windows 2000. Microsoft issued a patch that fixed the problem. However many businesses didn't want to upgrade because it involved reboting for the fix to take effect. Sometimes the upgrade makes Windows incompatible with the current versions of the specialized software they run. So, when the exploit is taken advantage of of the virus is spread, their computers fell. This is not a platform specific issue. In Unix and Linux OSes, upgrades are not performed because a reboot is needed.
That isn't necessarily true. On Solaris, you can do a live upgrade without a reboot in most instances. Depends on what gets upgraded.
I'm talking about system files that are being used. It might require a logout or a reboot. Tell me this, do updates for OS X require reboot from time to time?
Yes it does, but not all updates require a reboot.
System files on Solaris can be upgraded while the o/s is running, BTW.
That's what Sun is trying to do by not interferring with users on a large system during an o/s update.
It's pretty stupid to not report an exploit because a fix exists.
Except for a hacker. They love those types of exploits.
And Apple. They seem to want to keep it quiet enough.
So does M$. They even chastised a company for going public on some of their problems. That's corporations for ya.
That's just plain crazy. I'm curious as to why Apple didn't make the exploit more widely known and give instructions to users on how to protect themselves.
Don't forget about that company that did expose an exploit and M$ sort of got pissed off about it.
Microsoft can be just as bad. That's pretty kiddish to say, " Well Microsoft did it so Apple doing it isn't bad." No it's wrong no matter who does it.
Of course. I'm not apologizing for ANY companies behaviour.
I have quite a few pet peves about Microsoft's business practices and Windows XP. I tend to find the bad points in any OS.
There are always bad points to any o/s. It is just that most os/es have fewer bad points than others.
Apple would probably use the excuse that they didn't want to tell the hackers about the exploit so they couldn't take advantage. That would be pretty dumb for them to do. Apple probably kept it quiet because now that Apple makes Intel based compuers, their main selling point is becoming the malware issue. It wouldn't help to press that point and then issue a statement saying there is a mile wide security hole in OS X. Wake up.
When are you guys going to give up on this malware hype that really
doesn't do much to a system? I mean if we listened to the nuts in here like
Jimmy Lee and Polaski, we would stupidly think that Windows XP is just plain
unusable. That is very far from the case.
I'm not hyping anything. I'm debunking.
Debunking what? The exploit exists and posses a clear and present danger to Mac users who haven't upgraded.
Along with the windows camp as well, only it is worse there.
Here we go again. Trying to turn this into a Windows is worse issue.
So far, M$ track record isn't anything to brag about if not one to complain about.
Actually when you talking about worse, you must mean because of volume and not technology.
No, real problems that they have no real incentive to fix.
When you are the monopoly why fix it?
--
Where are we going?
And why am I in this handbasket?
.
- References:
- OS X security holes so numerous Apple can't keep up...
- From: Stew
- Re: OS X security holes so numerous Apple can't keep up...
- From: Alan Baker
- Re: OS X security holes so numerous Apple can't keep up...
- From: John Slade
- Re: OS X security holes so numerous Apple can't keep up...
- From: Alan Baker
- Re: OS X security holes so numerous Apple can't keep up...
- From: John Slade
- Re: OS X security holes so numerous Apple can't keep up...
- From: GreyCloud
- Re: OS X security holes so numerous Apple can't keep up...
- From: John Slade
- OS X security holes so numerous Apple can't keep up...
- Prev by Date: Re: OS X security holes so numerous Apple can't keep up...
- Next by Date: Re: OS X security holes so numerous Apple can't keep up...
- Previous by thread: Re: OS X security holes so numerous Apple can't keep up...
- Next by thread: Re: OS X security holes so numerous Apple can't keep up...
- Index(es):
Relevant Pages
|
