Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Uncommunicative About Security Holes

Posted by pudge on from the raising-you-one-worm dept.

blackmonday writes "Kieren McCarthy of Techworld argues that Mac OS X is rife with security holes, and that Apple is doing a 'half-hearted' job of patching their operating system security holes, and has a 'strange habit of pretending a big problem is of no significance.' As a Mac user I find this an intriguing article in light of the Sasser Worm and its recent variants." Despite the article's assertions, no evidence of widespread security problems, or lack of effort to solve them, is offered. The only real question is Apple's lack of communication with the public in the nature of the problems.

22 of 573 comments (clear)

  1. This could be pretty serious by Anonymous Coward · · Score: 5, Funny

    What people fail to realize is that there are literally hundreds, if not thousands, of people own Macs and many of them are now connected to the Internet.

    Imagine the havoc an OSX based worm would wreak at an art school or a large interior design firm. This kind of stuff needs to be taken more seriously by Apple.

    1. Re:This could be pretty serious by Kenja · · Score: 2, Funny
      "Imagine the havoc an OSX based worm would wreak at an art school or a large interior design firm."

      It could delete all dem perdy pictures!

      --

      "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
    2. Re:This could be pretty serious by arfuni · · Score: 5, Funny

      Look buddy, this isn't a laughing matter. Starbucks locations with wireless access points would be torn with the chaos of obnoxious PowerBook owners complaining to cute barristas who would subject the internet to even more Livejournal and blog whining.

    3. Re:This could be pretty serious by philge · · Score: 2, Funny

      what you need to realise is the average density of macs around mac is very low. I work in an organisation with about 20 macs but 97% of the machines we connect to out side are PC's. It is very difficult for us to receive malicious code from a mac or to send it out to other macs. This is because of sampling error and the small percentage of macs in the world. For us to be infected, the virus would have to be cross platform. Which would mean to infect that mac's first you have to infect the PC's. While it is not inconceivable that this could happen it is pretty difficult and places a significant barrier to Mac pathocode. In other words my mac is being protectd by hordes of PC's that die for me every day. I am thankful. The cost of malicious code is doubleing every year and will soon make the windows platform untenable. With a few years pathocode will reach a crisis and be of threat to national security. Urgent action is required by government to combat the platform monculture. If some thing is not doen in the next six months I think we will see catastrophic failures. Patches are not the soluton, diversity is the only solution. Consumers must accept the blame

    4. Re:This could be pretty serious by Aquafort · · Score: 2, Funny
      Have you actually talked to some art students lately? Aside from people that are actually doing computer graphics work, their computer skills (in general) are pitiful. Having a Mac does not help this - in fact, it gives them even less incentive to actually learn how their computer works beyond "double-click the cute little icon to open IE/AIM/Photoshop/etc.".

      Have you actually talked to some computer people lately? Their agriculture and animal husbandry skills are (in general) pitiful. Having modern supermarkets does not help this - in fact, it gives them even less incentive to actually learn how their food is produced beyond "go to the meat counter for some hamburger and stop by the produce section for some lettuce/onions/tomatoes/etc."

  2. Re:A strategy by Anonymous Coward · · Score: 2, Funny
    Not.

    Wayne's World, Wayne's World, party time, excellent!

    p.s. find a new method of sarcasm!

  3. I couldn't pass this up, folks... by revolvement · · Score: 4, Funny

    ...an "Apple", with "holes" in it, which could be exploited by "Worms"...


    Well, I thought it was funny, at least.

  4. Re:Reasons why... by Anonymous Coward · · Score: 5, Funny

    You are correct sir! It's not like Microsoft released the patch for the Welchia worm a month before the worms release or anything!

  5. Well of course by onebuttonmouse · · Score: 2, Funny

    Why should Apple take exploits in OS X seriously? Isn't it true that vulnerabilities are never exploited until a patch is available?

    --
    MacBook Pro. Worst name since the Bicycle
  6. Re:Reasons why... by duffbeer703 · · Score: 5, Funny

    You obviously don't understand the fact that Steve Jobs is a genius. I once witnessed Steve turn a barrel of rocks into gold bricks. The man is amazing.

    OS X holes aren't problems, but opportunities for Mac users who "Think Different." to explore the creative possibilities of their Mac from a new, unique and artful perspective.

    Apple is a corporation that cares about and nurtures the creative class of our society. "Security" is just another word for mindless oppression by the man.

    Microsoft is just and evil corporation in it for the money, and they put holes in their software to sell more stuff!

    --
    Conformity is the jailer of freedom and enemy of growth. -JFK
  7. Re:Wow, this is pointless by killjoe · · Score: 2, Funny

    DO they ship apache with every copy of mac os x?

    --
    evil is as evil does
  8. Re:No, YOU have jumped the shark... by duffbeer703 · · Score: 1, Funny

    You are obviously an Apple-basher. The "white spots" were an undocumented feature that enhanced powerbook usability.

    --
    Conformity is the jailer of freedom and enemy of growth. -JFK
  9. Re:No, YOU have jumped the shark... by blobbo · · Score: 2, Funny

    You obviously care too much. This is your 5th sarcastic post on this topic alone. What on earth happened to you to make you sit on Slashdot, reloading this topic and posting over and over?

  10. Re:Keeping quiet makes perfect sense to me! by aristotle-dude · · Score: 2, Funny

    1. Paranoia is not healthy. 2. We are talking about home user's here, not ./ readers. 3. Exposing vulnerabilities only helps out the script kiddies and virus/trojan writers. They can write and release an exploit long before a patch comes out.

    --
    Jesus was a compassionate social conservative who called individuals to sin no more.
  11. Re:Reasons why... by jcr · · Score: 1, Funny

    Apple does not ignore security issues. They're taken very seriously, and fixed ASAP.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  12. Re:Reasons why... by Anonymous Coward · · Score: 1, Funny

    And it's not like the didn't release a working patch for the RPC for months... and it's not like they don't ship 12 products that enable msql servers by default.

    Nothing like a bit of slammer in the morning to really test out your network team's response time.

  13. Re:Moles here? by Aquafort · · Score: 2, Funny
    And why do similar comments like "security through obscurity" come up here as criticism when little or no real examples are shown via the article? Is this place (and the web) being used for a FUD campaign?

    I suspect it has more to do with some people's masochistic desire to make themselves look idiotic by bandying about terminology they obviously don't understand. Apparently "security through obscurity" now means things like not providing the world with step-by-step instructions for accessing your machine. I guess keeping your passwords secret is also "security through obscurity" now too.

    I'm sure it's waaaay too much to ask all these parroting dumbasses to actually read a book on security. So let's just make fun of them.

  14. Apple conspiracy by Zareste · · Score: 2, Funny

    Yeah, those damn companies. Bad bad bad! You think you can hide these inexistent flaws? These null security holes!? You think you can keep the public from these VULNERABILITIES that... we haven't found yet?! I say no! WRONG!

    YOU will pay for your treacherous hiding of non-existing security holes. Just picture it: Some day, a non-existent hacker will get on his non-existent computer and create the ultimate blank computer virus and you'll see! Oh-hohoho... THEN it'll all come crashing down. You know it'll happen!

    I'm going to go use Windows, which I KNOW has too many security flaws to count, and I KNOW will fail me at the drop of a hat. Go back to where you came from because I know I'm using a product that has REAL flaws. Bah!

    --
    I am NOT a number! I am a - oh wait, I'm number 761710. Look! 761710!
  15. Re:Wow, this is pointless by Elwood+P+Dowd · · Score: 2, Funny

    Hehe. You seem to have misunderstood. I was joking about how hilariously easy it is to configure Apache on Mac OS X.

    To be fair, it's about as easy as configuring IIS on XP or Apache on Linux.

    Wait. Unless you were joking too, in which case I didn't get it...

    --

    There are no trails. There are no trees out here.
  16. Re:update mechanisms by iamacat · · Score: 2, Funny

    I've never used Windows myself

    Wow, you could get a spot on news. Care to explain how you managed this remarkable achivement, especially if you work with computers?

  17. Re:update mechanisms by transient · · Score: 4, Funny
    Windows Update is semi automatic.

    Just like my gun.

    --

    irb(main):001:0>
  18. Re:Biggest bunch of bull ever by nate1138 · · Score: 2, Funny

    Uh, I've been a sysadmin since 1994, and I still don't believe that most systems need firewalls.

    Wow, I'm glad you're not my admin.

    --
    Where's my lobbyist? Right here.