Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Releases Security Update 2003-03-24

Posted by pudge on from the lolly-lolly-lolly-get-your-security-related-update-here dept.

skeeter17 writes "Apple updates security again. According the description: 'Security Update 2002-03-24 addresses a Samba vulnerability which could allow unauthorized remote access to the host system. .... OpenSSL is also updated to address an issue in which RSA private keys can be compromised when communicating over LANs, Internet2/Abilene, and interprocess communication on local machine. ... It is recommended that all users install this Security Update.' Well! There you have it folks!" It is available via Software Update.

8 of 58 comments (clear)

  1. Dance! by blackmonday · · Score: 4, Funny

    ALERT: There is still known vulnerabilities with the Cha Cha Cha, the Cabbage Patch, and especially the Boogaloo. You've been warned.

  2. Macs rock. ;) by Justen · · Score: 4, Interesting

    I think it is quite admirable that Apple is so dedicated to these security updates. Certainly there is one other operating system software company in the world that isn't as vigilant. *cough*

    I know at work, whenever an exploitation was discovered on the PC, the IT department would wait and wait. After several weeks, when problems started happening, they would issue an advisory, telling the people workarounds and what not to do and such until an update happened.

    They never did that for the marketing/communications Macs. The reasons are threefold:

    a.) there are fewer exploits in Mac OS X's old age (read: UNIX/FreeBSD/Darwin),

    b.) when there are holes, they are patched, almost always very, very promptly.

    c.) they were afraid of the Macs, anyway.

    I think the latter is the least substantial, but, nonetheless, still relevant.

    Anyway. I wanted to make a note of this. I don't see how there's much else that we can regularlly pony up in Software Update discussions...

    justen

  3. Re:Why don't you just get a REAL operating system. by Pathwalker · · Score: 5, Funny

    Microsoft file sharing is the most secure in the world. In fact, you don't even need to use a firewall with Windows.

    That's right - all you need to do is leave your box hooked up to the network with no firewall, and in less than 5 minutes, one of a large number of dedicated volunteers will scan your system for any security flaws. If any are found, this tireless worker will log into your box, and install any necessary patches for you.

    Don't worry if the disk thrashes from time to time, or if there is a lot of network activity, these are just symptoms of the high level of careful service you are receiving from your unknown friend.

    To ensure the best service, be sure to tip him, by putting your credit card number, zip code, expiration date, SSN, and a suggested tip amount in a file called c:\tip.txt. A little gesture like this can go a long way!

  4. Not even Apple's updates by daveschroeder · · Score: 4, Insightful

    And let's not forget that these security updates are due to exploits and holes in the software of the OSS community at large (sendmail, samba, openssl, openssh), not due to Apple's own bungling or inattention to security.

    1. Re:Not even Apple's updates by nycroft · · Score: 4, Insightful

      Absolutely! I forgot, sorry.

      Let's face it: If you compare Apple's software AND hardware innovation to any other company, they stand up extremely well. Apple is a company that is doing both at the same time. Any other company would have folded by now (they were getting pretty close in the late '90s), but they seem to be able to keep setting trends and making money to boot. I'd like to see MS try and pull that off. They seem to be going backwards compared to Apple.

      --
      Mr. Bond, they have a saying in Chicago: Once is happenstance. Twice is coincidence. The third time is enemy action.
  5. Yes, I agree...MS is trash by djupedal · · Score: 4, Insightful

    This patch is for SAMBA...which is a Windows file sharing protocal. Go figure.

    I know the parent is a troll. Last one I feed today, I promise.

  6. Re:They're doin' better than Microsoft by Alcimedes · · Score: 4, Funny

    well, sounds to me like Apple is slacking off then. i mean, WinXP has already released DOZENS of megs of security patches. come on Apple, get off your can. only two updates.

    slackers!!!! ;)

  7. Re:Macs rock. ;) by WatertonMan · · Score: 4, Informative
    You can still recompile most of the Apple utilities that have these patches. Indeed if you are using Apache on a production machine using OSX you are probably better off compiling the code so that you *know* exactly what is going on. For most machines that is less significant.

    Put an other way, you're right, but your confusing Apple's software with the code. Most of the services on OSX are open source and to say that "they are slower to release fixes than open source" rather misses the forest for the trees. (Or vice versa) What Apple does is provide a quick, easy update for regular users who don't want to deal with the complexities of compiling their open source programs. As such Apple reacts very timely and does a lot of checking.

    So to differentiate Apple's security and open source's security is a false dichotomy.