Month of Apple Fixes
das writes "On the same day as the launch of the Month of Apple Bugs (MOAB) (blog), Landon Fuller, a programmer, Darwin developer, and former engineer in Apple's BSD Technology Group, has launched an effort to provide runtime fixes for each MOAB issue as they are released. A fix has already been posted for the first MOAB issue."
Kevin Finisterre, security researcher, founder of Digital Munition, and co-presenter of the Month of Apple Bugs, has also responded on the SecurityFocus focus-apple list to some of my concerns, expanding on some of the motivations and reasoning behind MOAB (followup).
Also, the second bug was just posted a few minutes ago: a udp:// URI handling vulnerability in VLC Media Player that affects both the Mac OS X and Windows versions of VLC Media Player. While not exactly what I'd call an "Apple bug" (yes, yes, I know the FAQ says they're also looking at "popular applications" that run on Mac OS X as well), it is interesting to note that vulnerabilities in cross platform applications may transfer more easily to the Intel-based Macs running Mac OS X...
In any event, Apple's immediate technical response and longer-term strategic response to MOAB should be interesting.
(Disclaimer: I am the story submitter.)
Thank you, Landon.
These bugs are not exploitable obviously right? Otherwise we'd be seeing mad mac oriented spyware.
It's simply not possible to make spyware for macs.
for a Month of I Don't Care.
Apple products don't have bugs. They have worms.
You're suffering from some serious RTFA syndrome. By doing the patch the way he did you change NO SYSTEM FILES.
I guess you missed the "download the source" link. Moron.
The immaturity of the tech community is quite disappointing.
The acronym MOAB has already been taken http://en.wikipedia.org/wiki/Massive_Ordnance_Air_Blast_bomb
To prevent confusion I propose it should be Apple Month of the Bugs. AMOB
All this is a little fun exercise and a public service, if you will. Also, anyone can examine the code.
How do you uninstall these quick fixes? Simple. They'll almost all invariably be runtime fixes with Application Enhancer (APE). APE modules are just self-contained directories; nothing more. They can be unloaded on demand, and APE itself can be easily installed, uninstalled, disabled, and modules can be loaded and unloaded at will.
Also, Landon Fuller is anything but an "Apple fanboy", or in any way remotely interested in "saving Apple's rep". The idea is to look at the bugs, and see if a quick technical solution or remediation can be provided. No one has to install them. Since the code is available, anyone can see what's being done, including the rest of the community. If one wishes to wait for Apple's official patches, fine.
Aside from all of this, of course Mac OS X, like any other operating system or large software project, has bugs. Some of these bugs will enable vulnerabilities that can be exploited. I fail to see how any of this is surprising. If you're actually interested, I've summed up my thoughts on this here.
I don't care who this guy is... I'm not downloading "fixes" for my iMac from anyone but Apple:
Steps to Recreate
1. Go to MOAB site, record exploit info
2. Create malicious version of exploit
3. Post to web as a "fix" and tell users to blindly install
Thanks, but I'd prefer to maintain ownership of my machine...
If I have time, or if people help me.
I tested thoroughly on Intel and PowerPC Macs. I wouldn't release a fix to the world without being fairly certain that it works correctly. You're welcome to review the code for the first fix -- it's about 10 lines. I'd be happy to explain the various entry points for you, too. We're using these fixes on all our Macs here at Three Rings Design.
Alternatively, you can not use the patch. I won't mind.
You open the Application Enhancer pref pane and hit the "-" (minus) button.
http://plausible.coop
You also missed the "download the source" link didn't you, doucheface?
Uh...then look at the source code yourself.
Nothing is hidden, and Landon isn't trying to hide anything that's being done.
Also, these fixes are runtime fixes via APE modules. The only place they're "installed" is into APE, so they can all be easily removed/disabled at will (as can APE itself). There is nothing wrong with the principle of runtime patching, and this is really a technical exercise more than anything. But again, the code is all right there, and you can see exactly what is being done.
What's this guy's motivation? He says specifically in his FAQ that he did not tell Apple of these problems, he's just releasing it publicly.
Rarely, the point is releasing them without vendor notification. Although, sometimes we may decide to pass an issue through the appropriate people. The problem with so-called 'responsible disclosure' is that for some people, it means keeping others on hold for insane amounts of time, even when the fix should be trivial. And the reward (automated responses and euphemism-heavy advisories) doesn't pay off in the end.
So why do we have to wait an entire month to get to bug #31? What's the motivation to keep bug #31 alive for 31 more days?
Also from the FAQ:
7. John Doe has written a 'post' in his blog, saying he debunks the XXX bug, what's that?
No worries. It's probably someone begging for attention or PR-brainwashed
That's right, anybody who disagrees is psycho. Is that you George?
See above posts, maybe even RTFA... then RTFSC. All 10 lines of it. Cheers.
Sorry... that acronym is already taken:
AMOB Anna Maria Oyster Bar (Bradenton, FL)
AMOB Automatic Meteorological Oceanographic Buoy
You should try an acronym that is totally original, like:
Exploits & bugS from aPple moNth
I realize that the idea is just catching on in IE and has not been implemented anywhere else, but why doesn't Safari setuid() the rendering engine to guest (or some other nonprivileged user)?
Is this feature in the works? I certainly hope so.
If he can't read C++, what good does reading the source code do?
Nice pic of the unabomber sketch on the release page... quite telling.
Cwm, fjord-bank glyphs vext quiz
On the same day as slashdot ran this article slashdot also ran this dupe, indicating that its editing problems have still not been solved. When asked to comment, a slashdot spokesperson replied "My hovercraft is full of eels".
I think it's within the breathing computer tech IQ's capability to google enough to understand 10 lines of straightforward code. Otherwise, ask someone you trust. Like your mechanic for cars, we have technicians for computers.
From the other thread, it appeared that no Mac owner posted saying that they had been able to replicate the results - the people that did post results said the quicktime file given crashed Quicktime, but did not run the payload target. Simply being able to crash an application is not the same as actually executing arbitrary code.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Also means = Mother of All Bombs. Hmm...
Why is it "stupid", just out of curiosity?
Uh...then look at the source code yourself.
Worst possible response. Are you suggesting that all Apple users become professional software developers? My girlfriend has trouble getting iTunes to work correctly. I don't think that the source code would mean anything to her. And no, I would NEVER suggest installing any Apple fixes that are not directly from Apple. I wouldn't care if it was Linus Torvalds, himself that was posting fixes.
Absolutely -- but I'd still strongly suggest disabling the QuickTime RTSP component:
http://isc.sans.org/diary.php?storyid=1993
You forgot number 4:
4. Have my professional and personal reputation permanently sullied.
I'll pass! =) The code is up for review, but if you don't feel comfortable with my fix, you can disable the primary attack vector by following the directions from the SANS web site.
http://plausible.coop
I bet they find the Mother Of All Bugs during the Month of Apple Bugs. Will S. Jobs have to take Management Of Aggressive Behavior classes so as not to snap under the strain? I sense the Mother Of All Battles coming from the Apple fanbase.
Microsoft Often Anticipates Bugs, but they have a "fix it after it shows itself" policy. Maybe Our Apple Boys will take security more seriously now.
May Omnipotent Allah Bless their efforts.
There are 01 kinds of cars in the world. The General Lee, and everything else.
So
[simon:~] simon% vlc
tcsh: vlc: Command not found.
[simon:~] simon% perl VLCMediaSlayer-x86.pl
jump address is: 0x41424344
writing to file: pwnage.m3u
[simon:~] simon% open pwnage.m3u
[simon:~] simon% (opens iTunes)
the application for this second bug is not even shipped on Macs by default! Meaning that this completely 3rd-party software, if installed onto a Mac, can cause problems with the Mac. And this is Apple's problem how, exactly?
Simon
Physicists get Hadrons!
See here for details.
I think the poster is referring to a bug/quirk that will sometimes render a line of text with a slightly bolder appearance than other lines on the screen. Scrolling or highlighting and unhighlighting will usually make it redraw properly. It is irritating and has been around for awhile, at least since I started using Tiger.
As I understand it, the QuickTime bug also affects Windows, but the runtime fix is Mac-only.
Talk about an exaggerated response. Nobody's telling your girlfriend to look at source code or become a professional software developer. Source code is available for those smart enough to understand it, and if anything bad is in it, the community would be warned.
"Sufferin' succotash."
This should be a darling situation for the Lunix/OSX love-fest community.
Someone points out all the ways their OS can easily get h@xxor3d, and someone not affiliated with the official product has to fix it.
So in other words, Lunix and Apple get a free ride concerning their lack of security... while every obscure, situational, irrelevant problem with Windows is celebrated like a holiday here.
w00t! Three Cheers for "Security Through Obscurity"!!!
So far it's 50% Apple Bugs.
No wonder this guy's hiding.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
I don't know about the grandparent, but I think it makes the text really blurry and fuzzy, to the point where it's harder to read than decently-rendered aliased fonts, even on the lowest setting. It's a bit frustrating for me; I can finally afford an LCD, and now every OS (not just OS X) wants to make everything blurrier than the worn-out CRT I'm replacing. Looking at an OS X, Vista, or recent Linux screenshot makes me think I need glasses; everything looks slightly out of focus.
I understand that a lot of people seem to like text anti-aliasing, I just don't, and wish I could just shut it off. Unfortunately, with more and more OSes and applications, it seems I can't.
A VLC bug is an Apple Bug?
Well, if that qualifies maybe they should start looking into MS Office for Apple bugs......
I'm sorry but the APE is not easy to uninstall at all. And it causes a lot of trouble; I once used x-shade or whatever its name was and it installed APE; after some time I started having some problems with the machine being slow and some other stuff, I looked for solutions and a lot of people were posting about how APE causes many problems. I uninstalled it by following the directions in the forums (which include removing files buried deep in some directory) and my problem was fixed. Why would the solutions require using a third-party application such as APE? QuickTime can be fixed by Apple and they can issue a security update; VLC is open source and it would only require downloading a newer version. I really hope APE is not necessary for any fixes (except for fixing the unsanity stuff, which I stay away from).
Go hug some trees.
And will "the community" notify my GF about not installing this patch? No, it's NEVER a good idea to install non-official patches, unless you like trojans.
Ugh. :-(
APE isn't going to be necessary for ANY fixes from Apple. Apple will release their fixes in due course, and they'll be like all their previous fixes have been: normal updates to the OS that come down via Software Update, etc.
But since we can't directly fix Apple's code, this is a little technical exercise that fixes them with runtime patches. One very easy way to do runtime patches and code injection such as this is to use APE.
Also, APE is *very* easy to uninstall. It has its own uninstaller right in the installer, which will, categorically and definitely, uninstall every single last thing that has anything to do with APE.
Also, there is nothing wrong with APE, and here is a very detailed explanation of exactly what APE is and what it does.
All this project is is just that: a project. The community is welcome to inspect all of the source code, and anyone is free to use these runtime patches. Yes, QuickTime, and VLC, and everything else that will be covered in MOAB will be fixed by Apple and the various applicable vendors/developers. That is not at all the point of providing on-demand runtime fixes each day, and you have apparently totally missed the point of this project, and the post you responded to where I pretty concisely explain it.
Well, there is Silk which allows you to turn off antialiasing. Sure, everything looks like crap with corn in it... but at least it's not "blurry".
Sure it is, especially when the code is peer-reviewed and fixes a security problem that could theoretically invite malware.
It's just like not taking the polio vaccinations because you've heard they might cause HIV as a western plot even though there's no evidence and no rational mind would think that. Sigh, I wish I was kidding about that.
Will somebody please root this kid's so-called girlfriend already?
Maybe we should do some kind of lobby to push for no anti-aliasing in Leopard. Nowadays I have to use windows over Parallels just to use Firefox and Eclipse. At least in windows I have the option to turn anti-aliasing off...
You could use TinkerTool too. But it won't solve the problem, OS X doesn't allow you to change the default font used everywhere (Lucida Grande) and that font looks terrible in the user interfaces when not aliased. Besides, a lot of applications just seem to think that anti-aliasing is the rule and do whatever they want.
Aside from all of this, of course Mac OS X, like any other operating system or large software project, has bugs. Some of these bugs will enable vulnerabilities that can be exploited. I fail to see how any of this is surprising.
This attitude is why we'll continue to see more and more security vulnerabilities (from all vendors). Which become more and more dangerous as our society's dependencies on software become deeper.
You've basically reached the conclusion that there's no reason for vendors to even try. Because it's "okay" to screw up and ship security holes, and some "responsible security researcher" will be nice, and do the vendor's work for free, and "responsibly disclose" the vendor's mistake.
I'll stick to my personal prediction: only legislation will cure this disease and teach people that software security is important, and training programmers is important, and paying for secure software is important. This legislation would be awful and might even destroy open source software, but I'm tired of the endless stream of security holes. I'm tired of downloading popular open-source apps and finding security holes just by scrolling through the code (no I don't report them. I fix them in my clients' copies.)
Can you imagine a parallel universe where arrogant doctors, or bridge designers, or any other profession, routinely say things like "most patients die" .. "most bridges randomly fall down" .. "most stock trades are off by 2-3 cents"?
I don't believe that all software contains an endless stream of security holes. I believe that all these idiotic off-by-one or buffer overflow errors can be tested for and avoided. If an independent individual can discover these bugs, so can Apple, "at the factory". Software isn't a physical process, it's just a bunch of ones and zeros going in and out. It should be possible to make sure no sequence of bytes will cause a security breach.
What, pray tell, is Apple supposed to do about A BUG IN VLC? Being able to run an application is by definition arbitrary code execution. What is Apple supposed to do to stop people from running arbitrary code (i.e., run applications)? How is Apple supposed to know what an application is supposed to do, v. what it is actually trying to do?
Why is this classified as an Apple bug when it affects VLC on Windows too?
This whole MOAB thing is lame, lame, lame.
I was going to use a stronger word, but my New Years resolution is still (diminishingly) in effect...
... wrong. I can't think how you could think that. It's hard to construct an argument when your starting premise is just nonsense.
:-) that QT doesn't support the codecs that you want, but it's not Apple's fault that other 3rd-party codecs have bugs in. Yes, I'm a Mac fan, but not a fanboy - I completely agree with bug #1, but this is just completely ... bogus.
If Apple don't supply a piece of software, it is *not* their fault that there can be subsequent problems using that piece of software, it's the program-author's fault. Obviously vlc isn't completely necessary (otherwise I would have it installed, I install a fair amount of linux-related s/w). I do have windows-media player and realmedia player installed...
To say that just because Apple don't supply a particular feature (viewing movies that require codec XXX), it's Apple's problem when you install 3rd-party software that does is just
By the same logic, it's Apple's fault that:
- I can't run my FPGA-mapping software on my Mac Pro, because Xilinx don't support the Mac. Apple ought to do something.
- I can't run any game I want on the Mac. Curse those game-producing companies, oh no, wait, it's Apple's fault.
- My Mac doesn't make toast! How simple is making toast? Apple ought to pull their finger out!
- ad nauseam.
Install 3rd-party software, have problems with that software, blame the software author. Don't blame the machine manufacturer / operating-system provider.
Moan like buggery (*) (hmm, unfortunate turn of phrase
Simon
(*) "Moan like buggery" isn't really rude where I come from, oddly enough...
Physicists get Hadrons!
I really appreciate what you're doing.
The bits on the bus go on and off... on and off... on and off...
I realize that the idea is just catching on in IE and has not been implemented anywhere else, but why doesn't Safari setuid() the rendering engine to guest (or some other nonprivileged user)?
First, let me make one point clear. This is not "just catching on in IE", it has been used for running potentially exploitable applications in UNIX for decades. It's a last resort when applied to interactive programs... it's usually used with applications that are running unattended and providing services to the outside world... and the limitations of this kind of technique are abundantly clear. UNIX environments typically take this kind of thing several stages further, using chrooted environments and jails to really isolate the untrusted code from the rest of the system.
Second, Security is like sex, if you're penetrated you're fucked. Just because an exploit in IE can only have an effect on resources owned by a restricted user should not be considered a big deal. Why?
(1) Once you can run local native code, you're in a MUCH better position to devise a secondary exploit against a local privilege escalation vulnerability.
(2) Resources accessible to Internet Explorer include (of necessity) any security tokens (passwords, etcetera) used for access to online services, as well as anything else that you use the same tokens for... like, say, your local account.
I've repeatedly argued that the fact that the local user runs with lower privileges on Mac OS X than on Windows is not nearly as important as Mac fanatics make out. Well, the converse is true... this new hack Microsoft has come up with to avoid facing the security flaws in the design of IE isn't nearly as important as Microsoft apologists make out.
OS X doesn't allow you to change the default font used everywhere (Lucida Grande) and that font looks terrible in the user interfaces when not aliased.
Perhaps OS X doesn't, but Silk does. That was kinda my point, just kinda.
TinkerTool supposedly allows it too. It's just that OS X doesn't respect settings for the "core" fonts as it should.
If Apple would be as slow about the fix as MS was about the WMF fix, I might indeed install a patch from a 3rd party (as I chose to do for WMF).
There are pros and cons to third party patches (and you have identified a possible negative case), but there are solid ways to validate the decision with the security community, even if you can't read the code yourself.
I think it's really cool that Landon is spending his time writing counters and taking a decidedly positive action in this investigation.
Personally, I never heard of APE before this, and knowing something about that software is already a positive result for me, even if I only disable rtsp handler (which I have done).
because they call Mac fanboys crackheads on their front page.
Hey, thanks for providing the runtime fix(es).
Are you suggesting that all Apple users become professional software developers?
They don't need to. They just need to know someone they trust who is competent to read the source. It doesn't even have to be someone they know... for example, if source this small was crocked there would be approximately two thousand posts in this discussion pointing it out. So, really, "all Apple users" just have to know someone who they trust who knows where to look.
Especially since Apple's fixes, in the past, have not always been as good as third party fixes. They still haven't fixed the "help" hole properly, for example...
http://www.scarydevil.org/~peter/io/apple.html
Hi Landon, thanks for the fix.
One concern I'd like to point out (having looked at your source) is that you use NSAddImage to load the QuickTimeStreaming component in order to resolve the address of the problem function. The concern is that every process will then have the QuickTimeStreaming component and its dependencies loaded into memory.
Aside from the excess use of address space that you point out, this may unintentionally expose more applications to bugs from frameworks they don't normally link against, such as:
I wouldn't be surprised to see these guys take advantage of this in a future exploit.
I'm not too familiar with dyld or APE patching unfortunately so I don't have a solution to offer. Ideally, one can patch only those apps or bundles that link against the QTS framework themselves.
Thank you very much for reviewing the code. I ultimately decided that the additional complexity required to watch for the QTS component being dynamically loaded was more risky than simply forcing it to be loaded. It seems like the simplest way to ensure that the function in question is -always- patched.
The only security downside, as far as I know, is that an existing exploit could potentially execute some of the newly loaded code (See http://en.wikipedia.org/wiki/Return-to-libc_attack ). However, after reviewing a number of applications (Safari, Firefox, Adium, Mail.app, VLC) it became apparent that most of the libraries in question were already being loaded anyway. It seems like additional risk is very minute, but I could be missing something important =)
http://plausible.coop
But the source code is meaningless as a guarantee of nonmaliciousness (intentional or unintentional) unless you compile the code yourself. Because that's the only way to know that the "fix" you install matches the source code.
JoeBlow isn't going to be able to compile the code himself. So it doesn't really matter if JoeBlow sees that some guy claiming to be a software dev on the net reviewed and ok'ed the code.
-- "I never gave these stories much credence." - HAL 9000
I finally got a chance to try the exploit on my own Macbook Pro, where it did not work.
Given that the Ruby script is slightly flawed, how are we to assume that they are even capable of coming up with a real exploit instead of just crashing applications?
Month of Apple Bugs, indeed! Given the second bug (an error in VLC! Oh My!) I think the whole effort is going to backfire and point, correctly or not, as a shining example as to the lack of serious problems in OS X itself (unless they are saving something good for later, but it seems like they had better produce a real bug shortly or face derision).
You have to wonder now if the Oracle one was canceled because they couldn't get any of those exploits to work either - or perhaps never figured out how to install Oracle, that took me a few passes the first time I tried to set it up.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
But the source code is meaningless as a guarantee of nonmaliciousness (intentional or unintentional) unless you compile the code yourself.
Or you can get a copy from someone trustworthy who has done so, or you have someone trustworthy verify that the executable matches the source, or... the point is, the source code allows you to build a stronger chain of trust for the software. For any software, whether it's a fix or a game... after all, the same argument about installing a security fix from anyone but Apple applies to installing *any* software from anyone but Apple.
Do you have any third party proprietary software on your computer at all?
I just verified myself - the proof of concept exploit for the bug that was actually an Apple bug did not work. Crashing Quicktime is not the same as an exploit that executes arbitrary code, obviously an actual exploit is more complex than he thought. Or perhaps I should use the phrase "Imagined" since we have yet to see a single post from a user that got the exploit to work.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
It's not shipped on Macs by default - but, by the virtue of it being the ONLY way to play some popular video formats on Macintosh, I'd say it may as well be installed by default.
That's just plain wrong - I don't use it much myself because I simply have used codec packs that install into Quicktime, for things like DivX videos and WMV9. What codecs were you thinking of that you can't load this way?
A more meaningful though still questionable bug would have been in a DivX codec pack for Quicktime. I would question it since the only people that really "need" DivX are people downloading video from torrents where it is the format of choice; many users just watch YouTube and buy TV on ITMS, those users would not need anything but the default Quicktime.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
It's popular enough that every minor release was posted to /. *and* it plays videos I wasn't able to play with QuickTime. I've used it for years.
Clear, Dark Skies
having to re-apply a collection of kernel patches for the USB drivers every time I got a kernel update. (This was back in early 2.4, you understand).
These days, it's Linux goes on the back end machine, OS X on the front end, and Windows off the deep end.
Clear, Dark Skies
I'd give you odds that 50 people with the experience to know what they're doing downloaded it. Since it comes from a trusted source (a developer), and is promoted by another trusted source (Security Focus), and other people have downloaded it without issue, and others have looked at the code without issue, I'd say it's as safe as can be.
It is of the order Diptera or flies. True bugs belong to the order Hemiptera and only Hemiptera...
Many people forget that they have to add codecs to WMP on Windows to get it to run videos encoded with alternate video codecs (DivX, XviD, etc.).
QuickTime for Mac OS X can be similarly augmented:
Simply download Flip4Mac (free) for WMV support and Perian (free) for support for just about everything else.
No need for VLC.
Up, Up, Down, Down, Left, Right, Left, Right, B, A, START
Someone, I think it was Macslash reported that a few machines got the full exploit, while most simply got the crash.
I've posted on Macslash, and Digg as well looking for anyone who can reproduce the results (and now have tried it myself on my own Macbook Pro) - I have yet to see a post saying it works on their computer. On the website they have a shell exploit version which they guarantee works "but you have to verify with a debugger". To the naked eye, it also crashes Quicktime with no other result.
Even if it happens sometimes, I question how serious a bug really is that only happens when the stars (or more accurately, memory locations in an application) align. That doesn't seem like a very appealing hole for an attacker to try, as users will be driven away in droves by a video that simply crashes quicktime.
Also - I seem to remember hearing that the newest intel chips have hardware protection that prevents the execution of code loaded into data buffers (i.e., buffer overrun attacks) - could that have an effect?
That takes some enabling to use, I think the OS has to enable it and OS X does not do so yet. Or it might be more of a compiler kind of thing for an application; I forget. I don't think it helps much currently in OS X.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Terrorists Lose!
If you don't fail at least 90 percent of the time, you're not aiming high enough. (Alan Kay)
Internet Explorer is currently the only browser that implements this technique, and it does so only on Vista (AFAIK).
I run as a restricted user on Windows, and I use RunAs to elevate privilege when necessary. I would prefer the browser to run with even less privilege, so there was low possibility that a hostile process could wipe out My Documents or anything else I own. In any case, I feel much more secure running restricted as a hostile ActiveX component/buffer overflow will have a much harder time escalating privilege, modifying or installing software, or wiping out my hard drive. The idea here is not to be the "low hanging fruit" for a mass attack - a determined attacker might have to spend MUCH more time breaking into my systems, granted that it probably could be done. ssh has been using privsep for some time; the browser should too.
Avoid Missing Ball for High Score
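The privilege-separation idea argued over in the comments above (setuid() the renderer to an unprivileged user; ssh-style privsep), as an added example that is not code from any poster, browser or OpenSSH. It assumes uid/gid 65534 is the unprivileged account, uses a toy `scheme://host:port` parser as the "untrusted input" code, and all function names are hypothetical.

```c
/* Added example: parse untrusted input in a forked, unprivileged worker. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE              /* exposes setgroups() on glibc */
#endif
#include <grp.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define UNPRIV_UID 65534             /* assumption: "nobody" on this system */
#define UNPRIV_GID 65534

/* Fixed-size reply: the only thing the parent accepts from the worker. */
struct reply { int32_t port; uint32_t euid; };

/* Permanently drop root. Order matters: supplementary groups, gid, then uid.
 * Returns 0 on success (or if we never had root), -1 on any failure. */
static int drop_privileges(uid_t uid, gid_t gid) {
    if (geteuid() != 0) return 0;                       /* nothing to drop */
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    if (setuid(0) == 0 || seteuid(0) == 0) return -1;   /* must not be reversible */
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    return 0;
}

/* Toy parser standing in for the risky code: extracts the port or returns -1. */
static int parse_port(const char *uri) {
    const char *p = strstr(uri, "://");
    if (!p) return -1;
    p = strrchr(p + 3, ':');
    if (!p || p[1] == '\0') return -1;
    long port = 0;
    for (p++; *p; p++) {
        if (*p < '0' || *p > '9') return -1;
        port = port * 10 + (*p - '0');
        if (port > 65535) return -1;
    }
    return port > 0 ? (int)port : -1;
}

/* Runs parse_port() in a child that has dropped privileges. Returns 0 and
 * fills *out on success; -1 if the input is malformed, the worker died, or
 * the privilege drop failed (fail closed: no parsing happens as root). */
int parse_in_worker(const char *uri, struct reply *out) {
    int fds[2];
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                                     /* worker */
        close(fds[0]);
        if (drop_privileges(UNPRIV_UID, UNPRIV_GID) != 0) _exit(2);
        struct reply r = { parse_port(uri), (uint32_t)geteuid() };
        ssize_t n = write(fds[1], &r, sizeof r);
        _exit(n == (ssize_t)sizeof r ? 0 : 3);
    }
    close(fds[1]);                                      /* parent */
    struct reply r = { -1, 0 };
    ssize_t n = read(fds[0], &r, sizeof r);
    close(fds[0]);
    int status = 0;
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (n != (ssize_t)sizeof r) return -1;              /* crashed or short reply */
    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) return -1;
    if (r.port < 1 || r.port > 65535) return -1;        /* validate, never trust */
    *out = r;
    return 0;
}

int main(void) {
    struct reply r;
    const char *sample = "udp://239.1.1.1:1234";        /* constructed input */
    if (parse_in_worker(sample, &r) == 0)
        printf("port %d parsed by euid %u\n", (int)r.port, (unsigned)r.euid);
    else
        printf("rejected\n");
    return 0;
}
```

As the thread notes, this limits what a compromised parser can touch but does not contain it completely: the worker can still reach anything the unprivileged account can, and a local privilege-escalation bug undoes the separation.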
Uh, if your girlfriend is connected enough to the community to know about an unofficial patch, she'd be connected enough to know what the community thinks about that patch.
"Sufferin' succotash."
As a reply to my earlier comment -- I've been stewing on this, and decided to err on the side of caution and register a dyld "add image" callback for the QT Streaming Component, using _dyld_register_func_for_add_image(). I'll include the changes with the next bug fix.
Thank you very much for your suggestion.
http://plausible.coop
Windows is a much more attractive target due to the large number of possible exploits, users that don't patch their systems and a huge install base. Certainly on the money making side of spyware and bot nets, the Mac is still not a very interesting target.
Even were a Mac virus or worm to hit the wild, the rate of propagation would likely be a lot slower than on Windows due to the fewer systems out there.
Sometimes my arms bend back.
No, it's NEVER a good idea to install non-official patches, unless you like trojans.
:)
By the same logic it's NEVER a good idea to install third-party software.
You know, I think this is the first I've run into someone I know on Slashdot! I had Tyson over for turkey soup a couple of weeks ago, and he also complained about how I'm never on MSN. I'll see what I can do. ;)
The bits on the bus go on and off... on and off... on and off...
The obvious way to handle it, I thought when the story broke last month...
you had me at #!
...in a few days the MacWorld Expo keynote will be done and everyone will be writing and blogging about that, MOAB never to be heard again.
Certainly there are advantages to running an application or system components as a user with restricted privileges. However, there are also many disadvantages, namely complexity.
How far do you take this approach, 3 levels four levels....etc. Increasing the complexity, in this case by having different operational privileges for different sections of a system also will result in unexpected issues occurring more frequently. Even though the original goal is to reduce what can happen.
An example: Operating system
A single user operating system is less complex than a multi user operating system. Therefore, a single user application is less complex than a multi user application.
Complexity provides functionality; in this case it may offer this functionality as increased security. However, it comes at a cost. As the system complexity increases so does the opportunity for errors to occur.
To increase security, you could run a separate OS in a virtualized environment or better yet on a separate machine. Then and only then run the browser on this machine or in this virtual environment. The more things we try to do on one system the more attractive it will become as a target. See this article.
It will be interesting to see where this technology leads in the future. It could well become the de-facto.
Try repairing the permissions and then reset the Reality Distortion Field.