Slashdot Mirror

← Back to Stories (view on slashdot.org)

Many Mac OS Users Not Getting Security Updates

Posted by Soulskill on from the security-updates-aren't-sexy dept.

AmiMoJo writes "According to security company Sophos, around 55% of home users and 18% of enterprise users have updated to Mavericks, the latest version of Mac OS (10.9). Unfortunately Apple appears to have stopped providing security updates for older versions. Indeed, they list Mavericks itself as a security update. This means that the majority of users are no longer getting critical security patches. Sophos recommends taking similar precautions to those recommended for people who cannot upgrade from Windows XP."

35 of 380 comments (clear)

  1. Does it matter? by jaymz666 · · Score: 3, Insightful

    Since you know, the switch ads told me Macs don't get viruses or other bad stuff

    1. Re:Does it matter? by Anonymous Coward · · Score: 4, Informative

      Security updates aren't just for viruses.

      That being said, I use a mac and I cannot upgrade to 10.9 because my machine isn't supported. It still does everything I need it to do, it's not slow. I don't think Apple doesn't support it because the hardware IS too old (Intel processor and all), I just think it's because Apple THINKS the hardware is too old. I can tell you that this is the last mac I buy. I dislike Microsoft and Windows with a passion, but at least they don't arbitrarily decide that your PC is too old to run their latest operating system. It may not run it fast, but generally it will run it.

      Linux only from now on.

    2. Re:Does it matter? by Anonymous Coward · · Score: 5, Insightful

      Apple fanboys and apple haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.

    3. Re:Does it matter? by tangelogee · · Score: 4, Insightful

      Driver support is not Micosoft's fault. That's the Vendors. And need we talk about the fact that up until recently, you could only install (basically) Apple sanctioned expansion cards in their machines? Or their new way of doing things, which is "We'll package all of the hardware up in a neat little box, which you can't open, so we can force you to upgrade the hardware in order to upgrade the OS."

    4. Re:Does it matter? by TWiTfan · · Score: 4, Funny

      Father Steve only extends his divine blessings to those with the faith to maintain the latest holy hardware. Obviously, you have lost your faith and become a Windows or Linux heretic. Expect no welcome in the Great Apple Store when the end comes!

      --
      The cow says "Moo." The dog says "Woof." The Timothy says "Thanks, valued customer. We appreciate your input."
    5. Re:Does it matter? by Alan+Shutko · · Score: 4, Informative

      OS X is UNIX 03 certified by The Open Group and carries the UNIX brand.

    6. Re:Does it matter? by alexhs · · Score: 5, Insightful

      Apple fanboys and Apple haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.

      Android fanboys and android haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.
      Microsoft fanboys and microsoft haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.
      Vi fanboys and vi haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.
      Emacs fanboys and Emacs haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.
      Bitcoin fanboys and bitcoin haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.
      True scotmen fanboys and true scotmen haters should be banned from slashdot. They have this illusion that they are two separate groups of people. The fact is that they are a single bunch of idiots.

      Who's left ? :)

      --
      I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
    7. Re:Does it matter? by NatasRevol · · Score: 4, Funny

      False scotsmen?

      --
      There are two types of people in the world: Those who crave closure
    8. Re:Does it matter? by StrangeBrew · · Score: 3, Insightful

      Steve Jobs greatest achievement was convincing the world that a Mac wasn't a PC.

    9. Re:Does it matter? by KingOfBLASH · · Score: 4, Funny

      What kind of a place would slashdot be if people only opened their mouths when they knew what they were talking about?

    10. Re:Does it matter? by XxtraLarGe · · Score: 4, Insightful

      What useful software are you missing?

      Don't feed the trolls, you'll only encourage them.

      --
      Taking guns away from the 99% gives the 1% 100% of the power.
    11. Re:Does it matter? by Capt.DrumkenBum · · Score: 5, Insightful

      What kind of a place would slashdot be if people only opened their mouths when they knew what they were talking about?

      An unbelievably quiet place.

      --
      If I were God, wouldn't I protect my churches from acts of me?
    12. Re:Does it matter? by iksbob · · Score: 5, Insightful

      Putting aside the ranking of Jobs' achievements, convincing the world of the non-PCness of Macs pales in comparison to Gates' achievement: Convincing the world that all PCs run Windows.

  2. It's bad for all OS's by zerosomething · · Score: 4, Interesting

    I'm woking in a large university where you find a larger percentage of Mac and Linux systems. It's hell keeping all operating systems updated properly. Researchers get grants to do something then spend $2million on the custom systems build on a particular version of an OS. Now it's 5 years later are still using the old OS because it would cost another $1million to upgrade the custom code and get new equipment that doesn't use parallel ports for data transfers.

    --
    It all starts at 0
    1. Re:It's bad for all OS's by Geoffrey.landis · · Score: 3, Insightful

      ...Now it's 5 years later are still using the old OS because it would cost another $1million to upgrade the custom code and get new equipment that doesn't use parallel ports for data transfers.

      In general, changing the OS breaks some stuff that used to work. It's always best to wait until the people willing to be drive the software first have found workarounds to the problems.

      Or you can call support, which will tell you "Oh, that doesn't work with the new operating system."

      --
      http://www.geoffreylandis.com
    2. Re:It's bad for all OS's by Hatta · · Score: 4, Interesting

      Indeed. We have a microscope that's hooked up to a G4 powermac running 10.2. The company that made the camera doesn't exist anymore, and the most recent software available for it is for XP. The solution? Firewall the microscope computer except for communication with the department file server.

      --
      Give me Classic Slashdot or give me death!
    3. Re:It's bad for all OS's by Solandri · · Score: 3, Interesting

      Hah. My uncle's print shop has a $20,000 laser film printer whose manufacturer folded in the early 1990s. The only drivers that work are for Windows 3.0 and Mac OS 7 (also works on 9, but not 10). So his fancy new graphics design computers send their output to an ancient Power Mac 8100 (with all of 32 MB of RAM) for printing silkscreens. It's so old that last time I visited to fix a problem he was having, the power button snapped off because the plastic had become brittle with age.

      Nice to know he's not the only one in this type of situation. Software people need to realize that constantly updating is sometimes not an option, and for certain applications (like dedicated hardware drivers) you need to treat the software like an embedded system and make it as robust as you can out the box. Software may be obsolete in 3 years, but hardware can frequently last for 25+ years. (It prints onto roll film that's about 28 inches wide for printing posters, so please don't say just buy a new printer from Staples. Replacements are currently about $2500+ for inkjet, $10k+ for laser.)

  3. Just no by Sockatume · · Score: 5, Informative

    Far be it for me to say that a security company was using dodgy numbers to hype its product, but their MacOS adoption numbers are soley from Sophos-for-MacOS users, which I'd have to imagine is a really spectacularly unrepresentative sample. And their assertions that Mavericks was the only way to get security updates for MacOS going forwards seems to be contradicted by the fact that the previous version of MacOS was security patched when Mavericks was launched.

    --
    No kidding!!! What do you say at this point?
    1. Re:Just no by AmiMoJo · · Score: 3, Informative

      If you check the linked page you can see that since Mavericks was released, listed as a security update, all other OS level updates and many of the app updates have required it. They claim not to support older versions.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Updates vs Upgrades by tysonedwards · · Score: 4, Insightful

    It is unfortunate that Apple didn't think that one through a little further.
    If they are adopting the model of "the OS Upgrade IS a security update", then throw it in their normal update mechanism rather than having people seek it out.

    Since they didn't, they must realize that there is a chance that their Upgrade could break things for people, so let them upgrade in their own time, and as such should back port the occasional update to the computers that they sold 3 months or so ago.

    --
    Thirty four characters live here.
  5. Yes, they are. by tirerim · · Score: 4, Informative

    I'm not sure where the author gets the idea that Apple has stopped releasing security updates for older systems. The page linked from the summary lists updates for software for OS X 10.7 and up as recently as 16 December, a Java update for versions 10.6 and up on 15 October, and the most recent actual security update, also for versions 10.6 and up, on 12 September. Apple releases security updates when necessary, not every Tuesday like Microsoft. The fact that they've released an OS update, which includes security patches, for the most recent version of the OS without releasing one for older versions most likely means that the vulnerabilities addressed were not present in older versions; this has been the Apple release strategy for at least a decade.

    1. Re:Yes, they are. by Sockatume · · Score: 4, Informative

      Their support for that assertion is a link to one of their own articles:

      1) From three months ago
      2) Before 10.9 launched
      3) Right after a major OSX 10.8 software update had been released
      4) Which has had its thesis contradicted by the series of subsequent updates you list

      I don't think Sophos are in the "critical thinking" business.

      --
      No kidding!!! What do you say at this point?
    2. Re:Yes, they are. by Lawrence_Bird · · Score: 5, Insightful

      So.. what about users pre 10.6? Forgotten? Microsoft still supports XP Does Apple still support OS X 10.1? They were released at the same time in 2001. I think nothing illustrates the difference between the companies than that fact. Apple obsoletes their users by force while Microsoft bends over backwards to maintain not only support but backward compatability.

    3. Re:Yes, they are. by AmiMoJo · · Score: 4, Informative

      Here is the list from Apple's own web site, linked to in the summary:

      19 Dec 2013 Motion 5.1 (OS X Mavericks v10.9 or later)
      16 Dec 2013 OS X Mavericks v10.9.1
      16 Dec 2013 Safari 6.1.1 and Safari 7.0.1 (OS X Lion v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9)
      22 Oct 2013 Apple Remote Desktop 3.7 (Apple Remote Desktop 3.0 or later)
      22 Oct 2013 Apple Remote Desktop 3.5.4 (Apple Remote Desktop 3.0 or later)
      22 Oct 2013 OS X Server 3.0 (OS X Mavericks v10.9 or later)
      22 Oct 2013 Keynote 6.0 (OS X Mavericks v10.9 or later)
      22 Oct 2013 OS X Mavericks v10.9 (Mac OS X v10.6.8 and later)

      (Windows and iOS updates omitted)

      So after the 22nf of October 2013 when Mavericks was released they don't seem to be back-porting all their patches for either the OS or all apps. Note that the 16th December patch to Mavericks appears to fix bugs that exist in older versions of Mac OS, which did not receive an update. There are all security patches specifically, not just feature updates.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:Yes, they are. by Tom · · Score: 3, Insightful

      Yeah, but there's been only 2 releases of windows since then, while there have been 7 releases of OS X.

      The iteration cycle of OS X is faster. If you don't like it, then nobody forces you to buy it, stay with windows.

      Also, a new version of OS X is something like 20 or 30 bucks, while a new version of windows is ten times that amount. There's little excuse to still be running OS X 10.1

      --
      Assorted stuff I do sometimes: Lemuria.org
    5. Re:Yes, they are. by Anubis+IV · · Score: 3, Insightful

      It's true. And there are benefits and drawbacks to doing so.

      For Microsoft, it means that their customers rarely get left behind, and that they rarely will upgrade to discover that their favorite seldom-used feature has been phased out. On the flipside, it means that Microsoft's designs are saddled by needing to accommodate loads of legacy features, which leads to bloated designs with inconsistencies like mixed metaphors and cluttered UIs.

      The exact opposite is true with Apple. They're unafraid to leave behind customers who don't keep up, and they're unafraid to cut out features that they can't or don't want to fit into the latest version of their software. But it also means that they are able to polish the latest iThing to its utmost, providing a tight user experience that isn't held back by needing to fit in legacy features.

      Pick the one that appeals to you, or choose Linux, but don't fault Microsoft for not being Apple, or Apple for not being Microsoft. The two companies are cut from entirely different cloth, and it's for everyone's benefit that that's the case, since otherwise computing might be quite a bit more boring.

  6. Mac OS vs Windows XP by DogDude · · Score: 5, Insightful

    That's some real troll-bait comparing Mac OS to Windows XP. There's really little similarity. Microsoft is discontinuing security patches for a 12 year old OS. Apple is discontinuing security updates for an 18 month old OS.

    --
    I don't respond to AC's.
    1. Re:Mac OS vs Windows XP by UnknowingFool · · Score: 4, Informative

      Apple isn't discontinuing security updates to Mountain Lion. Even in the link provided, Apple updated Safari just last month and updates to versions as old as Snow Leopard in October. Unlike MS, Apple doesn't have a regular patch Tuesday.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
  7. No evidence to support it by MrMickS · · Score: 5, Informative

    Looking at the Apple update release page there hasn't been a Security Update since Mavericks was released so there is no evidence to support the assertion from Sophos.

    The last Security Update from Apple was 2013-004 and included updates for Snow Leopard, Lion, and Mountain Lion. Until Apple releases a security update that *only* targets Mavericks this is just Sophos FUD.

    --
    You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
  8. As much as I hate to defend Apple... by MikeRT · · Score: 4, Insightful

    I have a 5.5 year old MBP and it runs Mavericks almost perfectly as well as it ran Leopard. The case for not upgrading to Mavericks if you have a x86 Mac that is the age of mine or newer is based almost entirely on being a curmudgeon who doesn't want someone telling him to just move onto the next version. The vast majority of the refuseniks are likely not savvy users objecting to the "iOSification" of MacOS X or something like that, but ordinary idiots who blink at you with a blank expression when you ask what version of OS X they use. "Huh? Macs haver versions?" Yeah. My wife and I have met a lot of casual Mac users who don't seem to understand that no, really, MacOS X has versions just like Windows and that using the same OS X that came with your Mac three or four years later is like saying "I don't need that service pack shit" on Windows.

  9. Re:Exactly why I stopped buying Apple by Sockatume · · Score: 4, Interesting

    When iOS 4 came out, you switched to Android because you wanted more software updates? Summer 2010, at the height of the Android software update panic, when Motorola had to be pressured to even update the Droid to 2.2, and most phones were lucky to see an update outside of the first six months?

    Then when you couldn't get a new version of MacOS for a five-year-old laptop, rather than just install Windows 7 on it, you bought a whole new computer?

    Talk about cutting off your nose to spite your face.

    --
    No kidding!!! What do you say at this point?
  10. Re:Exactly why I stopped buying Apple by CastrTroy · · Score: 4, Interesting

    You switched to Android because you iPhone couldn't get an update? Hope you picked the right model. Android phones have terrible track records for receiving updates. Many of them never receive an update after leaving the factory floor. People say the Nexus line of phones get better support, but I'm not sure if I believe that. The Nexus One is stuck on Gingerbread (2.3) after only being released in 2010. The Nexus S is only at 4.1, Then Galaxy Nexus is at 4.2 or 4.3 depending on the hardware revision. The only ones you can run the latest OS on are the Nexus 4 and 5, the former of which is only from late 2012. Meanwhile, in with Apple, IOS 7 is supported all the way back to the iPhone 4, which was released in early 2011.

    --

    Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  11. X11 by tepples · · Score: 3, Insightful

    As long as it runs POSIX and an X11 server, it should run desktop applications designed for desktop Linux or FreeBSD with minimal porting work. The POSIX-certified versions of Windows did not include an X11 server and therefore were not very useful as *n?x workstations. Likewise, despite using the Linux kernel, Android uses different apps because its GUI layer runs on something other than an X11 server.

  12. Re:Mavericks really isn't a new OS by UnknowingFool · · Score: 3, Informative

    I think the main difference is that Apple does things in small steps rather than large steps so transitions are easier. For example between OS X Cheetah (10.1) and Leopard (10.5) there was so much change that many programs that worked in Cheetah may not work in Leopard but each versions was only a small change from the previous. MS did the same thing in the same time from XP -> Vista but the changes were so abrupt that it broke so many things. Leopard brought in the new Intel CPUs. Snow Leopard contained a great deal of changes to the core systems including the transition to 64-bit. The pattern from Apple has been major architectural changes then refinements for a few versions then major architectural change.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.
  13. Re:FPS Russia by UnknowingFool · · Score: 3, Informative

    So pay a premium for the hardware then spend loads more getting a non-OEM install of windows and potentially a license for your VM solution.

    Yes, because getting an OEM versions of Windows for the PC I built myself is rather easy and cheap. Also the cost of Windows is $0 for all OEM systems right? I didn't pay anything for it at all.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.