Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ancient Flaws May Leave Mac OS X Vulnerable

Posted by Zonk on from the patch-to-the-left-patch-to-the-right dept.

mdeb writes "ZDNet Australia is running a story that claims Mac OS X 'contains unpatched security flaws of a type that were fixed on alternative operating systems more than a decade ago.' As an example, in August of last year, Apple patched the 'dsidentity' bug, which could easily have been exploited to grant a non-privileged user with admin rights the capability to create and remove 'root' user accounts."

34 of 388 comments (clear)

  1. Stop the Presses by Nom+du+Keyboard · · Score: 3, Funny

    Wow, stop the presses. Security flaws on a *nix based system. Boy that's news no one expected. Or does somehow the magic Apple logo protect you from all harm - and Bill Gates?

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
    1. Re:Stop the Presses by ackthpt · · Score: 5, Funny
      Or does somehow the magic Apple logo protect you from all harm - and Bill Gates?

      It protects you from everything up to the Triassic period. After that, you're on your own. These were ancient flaws, vulerable to ancient threats. Don't boot up in a museum of natural history or you're toast.

      --

      A feeling of having made the same mistake before: Deja Foobar
  2. Steve Gibson... by Ravatar · · Score: 4, Funny

    Now we will just have to sit and wait for Steve Gibson's assessment that Apple intentionally left these exploits open as a backdoor to the system!

    1. Re:Steve Gibson... by Anonymous Coward · · Score: 1, Funny

      No, backdoors around here are anything butt ambiguous. ...

    2. Re:Steve Gibson... by Minwee · · Score: 4, Funny
      It's worse than that. GRC has recently discovered that OS X uses something called "Sockets" which, if used incorrectly, could not only completely destroy the entire Internet but also reach out from inside your computer to turn down the dial in the freezer and make all of your ice cream go melty. It's that bad.

      Your only protection against this is Steve Gibson's patented new "Snake Oil!" technology which uses a combination of Stealth PicoWankoProbulators and Network Monkeyspanks to defeat all known "Socket" based attacks. Why Apple chose to include such dangerous technology in every release of OS X is a mystery, but only by paying Steve Gibson a large amount of money can you ever hope to protect yourself against it.

  3. Yeah, okay... by daeley · · Score: 5, Funny

    ZDNet Australia is running a story that claims OS X 'contains unpatched security flaws of a type that were fixed on alternative operating systems more than a decade ago.'

    Only in the Southern Hemisphere. Up here, trolls rotate counterclockwise.

    --
    I watched C-beams glitter in the dark near the Tannhauser gate.
  4. Thank Goodness! by phase_9 · · Score: 3, Funny

    Thank God people have almost cracked running Windows XP on these new Mactels!

  5. OSX is a security nightmare by QCompson · · Score: 5, Funny

    Good thing I use Windows ME.

    1. Re:OSX is a security nightmare by jtorkbob · · Score: 2, Funny

      Please, this is no place for vulgarity.

      --
      AC: Only on slashdot... could the sentence "My hovercraft is full of eels." be moderated "+4, Insightful
    2. Re:OSX is a security nightmare by Anonymous Coward · · Score: 5, Funny

      Yup, good thing I'm using your Windows ME as well.

  6. Ancient? by Shadow+Wrought · · Score: 5, Funny

    It must have happened when they translated the binary off of the stone tablets, likely because they were limited to only bronze tools.

    --
    If brevity is the soul of wit, then how does one explain Twitter?
    1. Re:Ancient? by BorgCopyeditor · · Score: 5, Funny
      It must have happened when they translated the binary off of the stone tablets

      Rosetta will remedy all that.

      --
      Shop as usual. And avoid panic buying.
  7. Windows. The new alternative. by autophile · · Score: 4, Funny
    ...a type that were fixed on alternative operating systems...

    That's the first time I've heard operating systems other than OSX described as "alternative".

    --Rob

    --
    Towards the Singularity.
  8. Re:Inconceivable! by grasshoppa · · Score: 2, Funny

    You keep using that word. I do not think it means what you think it means.

    --
    Mod me down with all of your hatred and your journey towards the dark side will be complete!
  9. Re:I don't care, it's a small niche product anyway by Ravatar · · Score: 3, Funny

    We need a mod category for "baiting the untold OSX masses".

  10. Requires User to Authenticat by ta+ma+de · · Score: 5, Funny

    Considering the user must be priviliged is it safe to say that the user has already authenticated and in the system. I always use passwords like "asldkfje983r0u!56@#987$%^rnYA(*U()*U&0u" for standard users. If they can crack that they deserve to gain admin rights too. You should see my admin key: it is a 10^12 digit mersenne prime.

    1. Re:Requires User to Authenticat by AutopsyReport · · Score: 5, Funny
      You should see my admin key: it is a 10^12 digit mersenne prime.

      Also known as the number of days you'll be spending as a virgin.

      --

      For he today that sheds his blood with me shall be my brother.

    2. Re:Requires User to Authenticat by ta+ma+de · · Score: 4, Funny

      LOL. I had to run and find an extinguisher to quence that BURN.

    3. Re:Requires User to Authenticat by tehshen · · Score: 2, Funny

      I sincerely hope that your sig has nothing to do with your post

      --
      Guy asked me for a quarter for a cup of coffee. So I bit him.
  11. Re:Inconceivable! by Anonymous Coward · · Score: 1, Funny

    My name is Inigo Montoya, you referenced Princess Bride, prepare to read the same joke ten thousand times.

  12. Re:Inconceivable! by ettlz · · Score: 2, Funny

    "You keep using that word. I do not think it means what you think it means."

    I ain't got a fucking clue what you guys are talking about, but hey! When in Rome.

  13. Re:In one minuets... by Ant2 · · Score: 3, Funny

    Hey, it doesn't matter and mac os X is uber secure.

  14. Classic FUD- mark story troll by acomj · · Score: 1, Funny

    Where are all the OSX exploits??? I've been running without a virus scanner, although I back up frequently. Nothing, no spywear, viruses etc.

    Are there probably exploits possible. Yes of course. But Apple's security record has been very very good.

    This is absolute hogwash.

  15. I'm switching! by Anonymous+Poodle · · Score: 5, Funny

    That does it! I'm swiching back to Micorosoft Bob!

  16. Spywear? by Big_Al_B · · Score: 2, Funny

    Is that, like, a decoder ring or a shoe-phone?

  17. Ancient Flaws by robertjw · · Score: 5, Funny

    When I saw the headlines I thought someone had found Egyptian Hieroglyphs from aliens explaining how to break into OSX.

    Guess my definition of Ancient isn't the same as the posters.

    --
    Find coupons in Greeley
    1. Re:Ancient Flaws by Paradise+Pete · · Score: 2, Funny
      Guess my definition of Ancient isn't the same as the posters.

      No kidding. And I also thought that flaws were those things they stand on in Boston.

  18. Well, yes! by IAAP · · Score: 3, Funny
    Or does somehow the magic Apple logo protect you from all harm - and Bill Gates?

    You see, you hold a crucifix straight up and down for Vampires; cock it 45 degrees so it sort of looks like the Apple logo, and you'll keep Gates away! But, there's a problem with Balmer, you also need the Firefox logo to ward him off. Sometimes, you need Nerdy, the MS Slayer. She's, yes, it's a woman, the chosen one. I can't say anymore now.

  19. So like, I was writing a paper on my Mac... by Lothsahn · · Score: 4, Funny

    And then it was like... beepbeepbeepbeep, and then, like, half my accounts were gone. And I was like, huh?

    They were really good accounts too. And then I had to recreate them and I had to do it fast, and they weren't as good...

    --
    -=Lothsahn=-
  20. Re:Huh??? by booch · · Score: 3, Funny

    I was myself wondering what a non-privileged user with admin rights was. But a few more reads finds that it means that the exploit gives admin rights to non-priveleged users.

    --
    Software sucks. Open Source sucks less.
  21. Re:Self-serving press release story by goofyheadedpunk · · Score: 4, Funny

    Now that's not fair. It's entirely possible that Mr. Archibald is very passionate about source code auditing and that his business and this story are just outpourings of... BWAHAHAHA. Oh geez, I can't believe I typed that for so long.

    Yeah, good point.

    Hehe...

    --

    What if the entire Universe were a chrooted environment with everything symlinked from the host?
  22. Top ten reasons why OS X has no viruses yet by SuperKendall · · Score: 5, Funny


    10) Ten million+ active boxes still "too small a number" to target.

    9) Worlds virus writers all work at Valve; have no idea what the hell OS X is.

    8) OS X originally scheduled to have virus this year; pushed back till Q2 next year to add Intel support and a Universal Binary.

    7) Russian Mafia all actually use Macs, tell underlings to keep macs virus free so they don't have to run virus scanners.

    6) Forget buffer overflows; real mechanism viruses use to spread is actually second mouse button.

    5) No viruses released for sale on ITMS yet.

    4) Actually viruses everywhere but Jobs Reality Distorition Field keeps Mac users thinking they are not there.

    3) XCode secretly detects and transforms viruses into RSS readers instead at compile time; explains glut on Macs.

    2) Virus writers accientally drug virus into one of several hundred "Untitled Folders" on Desktop, now have no idea where it is.

    1) Mac owners just too damn pretty for God to let them get viruses.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  23. Mr. Archibald by nuckin+futs · · Score: 2, Funny

    When we spoke to Apple on the phone about this issue, the security team had never even heard of the application, and burst out laughing at the simplicity of the vulnerability," said Archibald.

    don't take it personally. seriously. They were laughing with you, not at you.

  24. Mac malware! by Anon.Pedant · · Score: 2, Funny

    Someday these smug mac users are going to get their comeuppance.

    Really.

    Someday.

    Any day now...