Apple Still Has Not Patched the DNS Hole

Steve Shockley notes an article up at TidBITS on Apple's unexplained failure to patch the DNS vulnerability that we have been discussing for a few weeks now. "Apple uses the popular Internet Systems Consortium BIND DNS server, which was one of the first tools patched, but Apple has yet to include the fixed version in Mac OS X Server, despite being notified of vulnerability details early in the process and being informed of the coordinated patch release date."

Re:in case you didnt get the memo

What are you smoking? Apple has always been evil. Extremely litigious and questionable methods.

Steve Jobs?

[st33med]

Maybe because he is sick/out of work is why they can't patch it (They fear their boss might yell at them for patching it without his consent...)

OR They are so stubborn that they believe there is and never will be anything wrong with a Mac.

OR They are still testing the patch (highly unlikely since it has little interference with how the server functions...)

Sure, they can get away with a whole lot of stuff since they aren't a monopoly like MS, but, this is just wrong.

Right on

Well, that's what my Mac using friend whose reality is severely distorted told me - "I don't have to worry, I use Mac.". Further arguments were futile after that.

Re:Hey, I just wrote about this

[Pfhor]

this is related to Apple's OS X Server product, which runs DNS (bind in fact), and many mac businesses do in fact use it, if even as a local DNS cache (which a simple fix now would be to configure their boxes to us opendns).

The bigger issue is this is a pretty big deal on the security front, all of the businesses that apple has to compete with in the server space (especially in the eyes of enterprise IT), have had a fix and a public statement about it out the door. Apple is the big unix vendor missing off the list, and has not even made a public statement as such to inform it's users about the issue. Not exactly the best way to talk about how secure their products are (client and server).

Of course, they still haven't gotten around to fixing the ARDAgent.app vulnerability from a few weeks back either.

Re:Is it really so hard?

[MrNaz]

Personally, the brazen "stomp everywhere and expect the world to bow to their whims" attitude reminded me of Microsoft in the mid 90s.

Now, complacency with regards to security confirms it: Apple are following Microsoft's path 15 years after them.

It's just a matter of time until geeks wake up and start hating them. Oh, and don't claim you hated Microsoft prior to 1995, you know it's a lie. Everyone wanted to be Bill Gates back then, he was the noble knight/geek taking on the world and bringing down empires like IBM and DEC with his accessible to all consumer computers. It was only after Linux came on the scene that geeks turned on him like the fickle fashionistas that they claim they aren't.

Face it, Apple, like Microsoft before the, are just the flavor of the month.

Re:Is it really so hard?

[ktappe]

Oh, and don't claim you hated Microsoft prior to 1995, you know it's a lie.

Fail. I was a vocal opponent of Windows 3.1, calling it the abomination it was. Also, you seem to think there are no geeks hating on Apple now. I'm not sure what blogs/newsgroups/boards you read, but if you can't find plenty of anti-Mac/Apple hate, you must have some pretty good filters.

Re:Mac OS X ...Server?

[Whiney+Mac+Fanboy]

its 500 dollars for a unlimited license,

Uhhh? unlimited license? For $500, Apple gives you a 10-client license?

and does a hell of a lot more than throw a few OSS solutions into the box.

OSS solutions:

* Scale up onto hardware Apple can only dream about (talk to Sun or IBM for more info)

* Fit into your existing vmware infrastructure.

* Don't impose bullshit per-client licensing restrictions.

* Don't leave you with a coating of vendor lock-in slime.

Sure, if you're a complete Apple shop (hah!), then OS X server is probably a good fit for you, but in the real world, its mixed clients (or at least looking in that direction).

If your going to comment it helps if you have half a clue what your talking about.

Well - at least we agree on this....