Apple Releases 31 Security Fixes
Agram writes, "This week Apple has released fixes for 31 vulnerabilities in its OS, although reportedly a number of known flaws remain un-addressed (according to the instigator of the Month of Kernel Bugs, 'Apple hasn't fixed any of the bugs published during [MoKB], except for the AirPort issue'). Earlier this year, in a move reminiscent of Microsoft's past patching faux pas, Apple released a 'fix' the installation of which broke features unrelated to the targeted flaw. With the growing number of low-level flaws, one has to wonder if Apple's 'more secure' argument still stands. Earlier this month, Microsoft released 6 fixes. Linux does not seem to fare much better. Despite all of these fixes, exploits remain in the wild for each platform. Perhaps, security-wise, the OS choice really boils down to a 'pick-your-poison X user-base' equation?"
Vendors of commercial software would have you believe, free is supposed to be much worse: "Free and worth every penny"...
That it is even on par is great. If it is better, even if by "not much" — that's terrific!..
Personally, I'd rather the world used FreeBSD, of course, instead of imitations like "MacOS"/"Darwin", or "Linux" :-)
In Soviet Washington the swamp drains you.
Where have you ever met an "Average" Mac user?
They fall into 2 categories: Mouth breathers who know Photoshop like the back of their hand but can't be trusted with scissors, and ubergeeks who use Mac because they consider it the Mercedes Benz of hardware and software.
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
It never did.
Sure it did. The "more secure" applies versus Windows though, which is what most people use as the goal post.
First of all, you can't compare security of operating systems, because you can't eliminate bias from your tests.
Select 100 random users of each system and see how much malware they have. It is simple and practical as a real world evaluation.
Secondly, Apple's OS is closed source, which you can never trust.
Lots of software is closed source. Lots of software which is open source is too long and convoluted for any person to properly audit. It's not a matter of trust, just results.
Thirdly, much of the OS is written in unsafe languages (particularly C, C++, and, perhaps, Objective C - I don't know if the last is unsafe), and thus, the statistical probability that it will contain security holes is high.
So? Can you show me an OS where this is not the case? We're talking about "more secure" which is to say relative security.
Finally, I don't think Mac OS X has been so thoroughly scrutinized by security experts as Windows has.
Half of what people think of as the OS, in OS X is both open source and derived from code that has been tested more thoroughly and regularly than Windows. Much of the rest has little room for security holes because it is simply not in any position to cause security problems. OS X is by no means a poster child for a super secure OS, but compared to Windows it is no contest. I know people who have worked at Microsoft and it has given me little or no faith in the thoroughness of their security testing. My understanding is every hole is rated by how serious it is and how many people it affects and more than half of them MS knows about are not even fixed. Apple, on the other hand, has just fixed some holes that affect maybe one in a thousand of their customers and only cause a denial of service then.
OS X is "more secure" than Windows and that's just the way it is. You'd be hard pressed to find an expert that disagrees.
If you define security as the inverse of how much something gets exploited, you're right.
Yeah, that's pretty much how I define security all right.
However, I care about security as in all vulnerabilities, not just the ones that have been found and are actively and widely being exploited, but also the ones that remain to be discovered or the ones that aren't actively being exploited, but could be used by a determined attacker to gain access to my system.
If a vulnerability hasn't been found, it can't be used. If a vulnerability exists in a package, but no one ever finds it, does it make a sound... err make me less secure? Nope. Security by obscurity is a valid type of security, just not an ideal one. If you're looking for a desktop OS that is highly unlikely to be exploited for an average user, OS X is a very good choice. It is a much better choice than Windows. If, however, you're not a typical user and you face an extra high risk of some particular threat, like direct attack by talented hackers trying to get your top secret whatever, then you should consider a system designed to counter that threat. Perhaps SELinux or some other locked down system designed with security as the top priority. Most people don't want to use such a system because it sacrifices a lot of functionality and ease of use to gain that security.
All of this, however, sidesteps the issue being addressed which is, "Is OS X 'more secure'." If you're comparing it to Windows, yes it is for general users. If you're comparing it to Solaris for an application in an environment full of homicidal security experts that hate all Macs and will instantly attack any user of such a system physically with Uzis, then no it is not "more secure." I think it is a bit unreasonable, however, to apply those criteria. In the general case OS X is much more secure than Windows.